Security Scan Report: portal.secure-service-hub.com

Redirected to:
https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_...
Site favicon
Submitted: Dec 10, 2025, 9:25:51 AMCompleted: Dec 10, 2025, 9:26:55 AMpubliccompleted
Loading additional data...

Summary

This website contacted 43 IPs in 4 countries across 7 domains to perform 41 HTTP transactions. The main domain is login.microsoftonline.com.

Submitted URL: https://portal.secure-service-hub.com/

Effective URL: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=c26cac50-9ddb-482e-b3da-000309dfda75&redirect_uri=https%3a%2f%2fsymcloudplatformb2cprod.b2clogin.com%2fsymcloudplatformb2cprod.onmicrosoft.com%2foauth2%2fauthresp&response_type=code&scope=openid+profile+email&response_mode=form_post&nonce=%2bqxoctHik4Sz4rs2d3lXPQ%3d%3d&prompt=select_account&state=StateProperties%3deyJTSUQiOiJ4LW1zLWNwaW0tcmM6OTlmMDQxZjEtMzM5ZC00M2JkLWJiNDYtMDczNjMwMTlhNzFmIiwiVElEIjoiYzdkMGRmYzctZjVkYi00MmZhLWExYjktMDg3MjYzNDk2ZDZmIiwiVE9JRCI6ImIxNDAzMWFhLTY0ZGItNDI5MS1iZmM5LTFkNzE5ZTc4ZjNlMyJ9&sso_reload=trueRedirected

AI Security Verdict

Low Risk

Confidence: 88%

2
Risk Score

The site impersonates Microsoft login on an unranked, unknown‑age domain with a credential form, indicating high phishing risk.

Risk Factors
Brand impersonation of a major service
Credential collection form on unknown/unranked domain
Critical JavaScript obfuscation indicators
Unknown domain age
Safety Factors
Form submits to legitimate Microsoft login endpoint
No Indicators of Compromise matched
No YARA malware patterns detected
No network IDS alerts
Page served from an identity-provider sign-in endpoint (login.microsoftonline.com); a relying-party brand and login form here are normal SSO, not impersonation — risk clamped from 8 to 2
Domain age information unavailable

Details

Page Title

Sign in to your account

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

unknown

(0%)

Domain Information

Domain 'portal.secure-service-hub.com' uses the commercial generic top-level domain (.com), featuring subdomain 'portal'. Its registrable label 'secure-service-hub' stretches across 18 characters holding seven vowels versus 9 consonants, along with 2 hyphens. It segments into 3 words: secure, service, hub. Average segment length settles at 6 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://portal.secure-service-hub.com/

Page Load Overview

17.83s
Total Load Time
41
HTTP Requests
7
Domains
531 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:133 chars
Detector Agreement:100%

Website Classification

Primary Category

unknown0% confidence
Type: webapp
Method: structural

All Detected Categories

No categories detected

Detected Features

Login Form
Search

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
4113.69.116.108Amsterdam, North Holland, Netherlands
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
020.190.159.129Dublin, Leinster, Ireland
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
020.76.82.231Amsterdam, North Holland, Netherlands
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
020.190.160.20Amsterdam, North Holland, Netherlands
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
020.190.160.22Amsterdam, North Holland, Netherlands
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
040.126.31.0Dublin, Leinster, Ireland
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
020.190.160.5Amsterdam, North Holland, Netherlands
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
040.126.32.76Amsterdam, North Holland, Netherlands
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
02.16.241.207Frankfurt am Main, Hesse, Germany
AS20940Akamai International B.V.
02.16.241.211Frankfurt am Main, Hesse, Germany
AS20940Akamai International B.V.
4143--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T192835BD9BEA62E3BC74644BAB9B56E025E3B5A034C4CCD24F15CC8802FEBB0D8567553

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:DZ8GLGG7BOnhdo7zTEyqU6MVnvnaloMPtcEfai4fCC:N8yBOhddyS2jfCC

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:82101:MDMLKMmAvQIIQEdkBShIIFhcxAjMBCBImBCFQYMIGAwNC3BVmhGYZIwkABAlgpIBBAYq2RVEjEOmfvGQAXkFUIAOyBKQAIC4

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:0010393f3f373737
Perceptual Hash:85597476d973518c
Difference Hash:88e4f2dbf3e6e6e6
Wavelet Hash:00003b3b3f37373f
Color Hash:#a1c587

Other Hashes

Crop Resistant:88e4f2dbf3e6e6e6

Scan History

Scan history not available

Unable to load historical scan data