ScanMalware.com

Security Scan Report: portal.secure-service-hub.com

Redirected to: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=c26cac50-9ddb-482e-b3da-000309dfda75&redirect_uri=https%3a%2f%2fsymcloudplatformb2cprod.b2clogin.com%2fsymcloudplatformb2cprod.onmicrosoft.com%2foauth2%2fauthresp&response_type=code&scope=openid+profile+email&response_mode=form_post&nonce=%2bqxoctHik4Sz4rs2d3lXPQ%3d%3d&prompt=select_account&state=StateProperties%3deyJTSUQiOiJ4LW1zLWNwaW0tcmM6OTlmMDQxZjEtMzM5ZC00M2JkLWJiNDYtMDczNjMwMTlhNzFmIiwiVElEIjoiYzdkMGRmYzctZjVkYi00MmZhLWExYjktMDg3MjYzNDk2ZDZmIiwiVE9JRCI6ImIxNDAzMWFhLTY0ZGItNDI5MS1iZmM5LTFkNzE5ZTc4ZjNlMyJ9&sso_reload=true

Site favicon
Submitted: Dec 10, 2025, 9:25:51 AMCompleted: Dec 10, 2025, 9:26:55 AMpubliccompleted
Loading additional data...

Summary

This website contacted 43 IPs in 4 countries across 7 domains to perform 41 HTTP transactions. The main domain is login.microsoftonline.com.

Submitted URL: https://portal.secure-service-hub.com/

Effective URL: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=c26cac50-9ddb-482e-b3da-000309dfda75&redirect_uri=https%3a%2f%2fsymcloudplatformb2cprod.b2clogin.com%2fsymcloudplatformb2cprod.onmicrosoft.com%2foauth2%2fauthresp&response_type=code&scope=openid+profile+email&response_mode=form_post&nonce=%2bqxoctHik4Sz4rs2d3lXPQ%3d%3d&prompt=select_account&state=StateProperties%3deyJTSUQiOiJ4LW1zLWNwaW0tcmM6OTlmMDQxZjEtMzM5ZC00M2JkLWJiNDYtMDczNjMwMTlhNzFmIiwiVElEIjoiYzdkMGRmYzctZjVkYi00MmZhLWExYjktMDg3MjYzNDk2ZDZmIiwiVE9JRCI6ImIxNDAzMWFhLTY0ZGItNDI5MS1iZmM5LTFkNzE5ZTc4ZjNlMyJ9&sso_reload=trueRedirected

AI Security Verdict

High Risk

Confidence: 80%

8
Risk Score

High‑risk phishing page impersonating Microsoft on a newly registered, unranked domain.

Risk Factors
Credential harvesting form on a suspicious, unranked domain
Potentially newly registered domain with login form
Brand impersonation of Microsoft on a non‑official domain
Domain age information unavailable

Details

Page Title

Sign in to your account

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

unknown

(0%)

Domain Information

Domain 'portal.secure-service-hub.com' uses the commercial generic top-level domain (.com), featuring subdomain 'portal'. Its registrable label 'secure-service-hub' stretches across 18 characters holding seven vowels versus 9 consonants, along with 2 hyphens. It segments into 3 words: secure, service, hub. Average segment length settles at 6 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://portal.secure-service-hub.com/

Page Load Overview

17.83s
Total Load Time
41
HTTP Requests
7
Domains
531 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:133 chars
Detector Agreement:100%

Website Classification

Primary Category

unknown0% confidence
Type: webapp
Method: structural

All Detected Categories

No categories detected

Detected Features

Login Form
Search

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
4113.69.116.108Amsterdam, North Holland, Netherlands
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
020.190.159.129Dublin, Leinster, Ireland
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
020.76.82.231Amsterdam, North Holland, Netherlands
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
020.190.160.20Amsterdam, North Holland, Netherlands
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
020.190.160.22Amsterdam, North Holland, Netherlands
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
040.126.31.0Dublin, Leinster, Ireland
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
020.190.160.5Amsterdam, North Holland, Netherlands
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
040.126.32.76Amsterdam, North Holland, Netherlands
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
02.16.241.207Frankfurt am Main, Hesse, Germany
AS20940Akamai International B.V.
02.16.241.211Frankfurt am Main, Hesse, Germany
AS20940Akamai International B.V.
4143--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T192835BD9BEA62E3BC74644BAB9B56E025E3B5A034C4CCD24F15CC8802FEBB0D8567553

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:DZ8GLGG7BOnhdo7zTEyqU6MVnvnaloMPtcEfai4fCC:N8yBOhddyS2jfCC

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:82101:MDMLKMmAvQIIQEdkBShIIFhcxAjMBCBImBCFQYMIGAwNC3BVmhGYZIwkABAlgpIBBAYq2RVEjEOmfvGQAXkFUIAOyBKQAIC4

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:0010393f3f373737
Perceptual Hash:85597476d973518c
Difference Hash:88e4f2dbf3e6e6e6
Wavelet Hash:00003b3b3f37373f
Color Hash:#a1c587

Other Hashes

Crop Resistant:88e4f2dbf3e6e6e6

Scan History

Scan history not available

Unable to load historical scan data