ScanMalware.com

Security Scan Report: ifas-uat.andbank.com

Redirected to: https://login.microsoftonline.com/7e9697c1-c883-4e8f-93a4-98f7448f71fa/oauth2/v2.0/authorize?response_type=code&client_id=cba23c81-102e-42b3-bd71-68cff94478a0&scope=openid%20profile%20offline_access%20https://graph.microsoft.com/User.Read&state=uyjTDvgeA2tbBP3XY_SWlA3nRaZ2IUuEidTAz-tQXXw%3D&redirect_uri=https://ifas-uat.andbank.com/auth/redirect&nonce=4U5mHnVy1QjJ2npFwc8r35DikgscJRj3sHt0yhD3jt4&sso_reload=true

Site favicon
Submitted: Feb 28, 2026, 2:27:36 AMCompleted: Feb 28, 2026, 2:28:50 AMpubliccompleted
Loading additional data...

Summary

This website contacted 7 IPs in 3 countries across 8 domains to perform 1 HTTP transaction. The main domain is login.microsoftonline.com and was registered NaN years ago.

Submitted URL: https://ifas-uat.andbank.com/

Effective URL: https://login.microsoftonline.com/7e9697c1-c883-4e8f-93a4-98f7448f71fa/oauth2/v2.0/authorize?response_type=code&client_id=cba23c81-102e-42b3-bd71-68cff94478a0&scope=openid%20profile%20offline_access%20https://graph.microsoft.com/User.Read&state=uyjTDvgeA2tbBP3XY_SWlA3nRaZ2IUuEidTAz-tQXXw%3D&redirect_uri=https://ifas-uat.andbank.com/auth/redirect&nonce=4U5mHnVy1QjJ2npFwc8r35DikgscJRj3sHt0yhD3jt4&sso_reload=trueRedirected

AI Security Verdict

High Risk

Confidence: 85%

8
Risk Score

Phishing login page impersonating Andbank; harvests credentials via cross‑origin form.

Risk Factors
Cross‑origin credential form submitting password to an external domain
Login form with password field on a non‑official subdomain
Garbled/typo‑filled OCR text indicating social engineering
Unranked domain (low reputation) despite brand subdomain
Domain age information unavailable

Details

Page Title

Sign in to your account

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

finance banking

(43%)

Domain Information

You're looking at domain 'ifas-uat.andbank.com' on the commercial generic top-level domain (.com), featuring subdomain 'ifas-uat'. The core label 'andbank' covers 7 characters containing 2 vowels alongside five consonants. Breaking it apart gives two words: and, bank. Expect 3.5 characters per word on average. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://ifas-uat.andbank.com/

Page Load Overview

1.65s
Total Load Time
30
HTTP Requests
6
Domains
644 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:153 chars
Detector Agreement:67%

Website Classification

Primary Category

finance banking43% confidence
Type: webapp
Method: ml+structural+ocr_tiebreaker

All Detected Categories

finance banking
43%
technology software
36%

Detected Features

Login Form
Search

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
613.107.246.44Netherlands
AS8075
420.190.160.4United States
AS20940
445.60.64.107United States
AS19551Incapsula Inc
420.190.159.130FranceUnknown
420.190.159.0UnknownUnknown
420.50.201.203UnknownUnknown
423.207.210.137UnknownUnknown
307--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1DA835CEA7FB21837828A45B5B4B96D02AE3A5903880CDD64F19CCD882FFB74D4137657

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:jDf8tf8i8GLGGeslf8N6fEvHeYDvcoIyEk77gx2xpTvPoMmCB9EAZKioNC:C8hsUtHeYTcJ32RAhNC

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:82289:K0RJXgBIm0AIJRhDTCKIaBwGASJGFUZGQChJCBEDwxwLnQYASaVgQQ6iUwoQAtQARYhBgEBVoE+AkrxQGCKAUFq6hp1YkBGo

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:f0f0f8f8f8f8f8fc
Perceptual Hash:c86d36638c5b9999
Difference Hash:2523b2b2b3312920
Wavelet Hash:a0d0d8d8f8f8f0f8
Color Hash:#6240bf

Other Hashes

Crop Resistant:a8a062bcb383aca6,a2a2c0b2b2e280e0,2523b2b2b3312920

Scan History

Scan history not available

Unable to load historical scan data