ScanMalware.com

Security Scan Report: update.test.admin.dev.en.03-120-55-020.plesk.page

Redirected to:
https://login.microsoftonline.com/b34ec9cd-0a78-4623-9e54-2885791429c7...
Site favicon
Submitted: Feb 17, 2026, 4:36:37 AMCompleted: Feb 17, 2026, 4:37:59 AMpubliccompleted
Loading additional data...

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 3 HTTP transactions. The main domain is login.microsoftonline.com and was registered NaN years ago.

Submitted URL: https://update.test.admin.dev.en.03-120-55-020.plesk.page/auth/oidc/azure

Effective URL: https://login.microsoftonline.com/b34ec9cd-0a78-4623-9e54-2885791429c7/oauth2/v2.0/authorize?access_type=offline&client_id=86a3041a-a218-4ec6-a019-fe40c6d23389&code_challenge=qo_YjarvepwAW0PFkgSlF9D697O3-b9niGFk_xVtOgg&code_challenge_method=S256&redirect_uri=https%3A%2F%2Fvpn.hsag-prod.onpower.cloud%2Fauth%2Foidc%2Fazure%2Fcallback&response_type=code&scope=openid+email+profile&state=4gOHFvqu3yXbvNHg&sso_reload=trueRedirected

AI Security Verdict

Confirmed Scam

Confidence: 92%

9
Risk Score

Page impersonates Microsoft login, harvests credentials via cross‑origin form; classified as confirmed credential phishing scam.

Risk Factors
Brand impersonation of Microsoft on unrelated domain
Credential collection (email/password)
Cross‑origin form submission to official Microsoft login endpoint
Highly obfuscated JavaScript code
Unranked domain lacking reputation
Domain age information unavailable

Details

Page Title

update.test.admin.dev.en.03-120-55-020.plesk.page

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

unknown

(0%)

Domain Information

Within the .page top-level domain, 'update.test.admin.dev.en.03-120-55-020.plesk.page' is registered with subdomain 'update.test.admin.dev.en.03-120-55-020'. Count 5 characters in 'plesk' containing 1 vowel alongside 4 consonants. Segmentation suggests two words: pl, esk. Expect 2.5 characters per word on average. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://update.test.admin.dev.en.03-120-55-020.plesk.page/auth/oidc/azure

Page Load Overview

5.77s
Total Load Time
9
HTTP Requests
4
Domains
95 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:109 chars
Detector Agreement:67%

Website Classification

Primary Category

unknown0% confidence
Type: webapp
Method: structural

All Detected Categories

No categories detected

Detected Features

Login Form
Search

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
93.120.55.20Frankfurt am Main, Hesse, Germany
AS16509Amazon.com, Inc.
91--

Detected Technologies5

X-UA-Compatible
100%
PasswordField
100%
Meta-Refresh-Redirect
100%
HTTP/3
40%
Ghost
15%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T111048F77329A063986558498F05B43099F20B143F506C9BCB9BCBAD9BFDED06107BB78

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

3072:yfQho9PKBb9Js3q9Jzbs6tlg3SBKwdQWgceIszq2bMy8Old8:phoC9JSqzzbs6o3Sj3gcrsW2eAG

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:184681:BaHRwSkBICUgUEI0DAwgkABXgiYC1HAMAhIAUEgGI0mCAQggsgBSQpWYA+AoQKMiFYA1h8CUMBpGowfXIgJKASKEIBgQIGQB

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:ffcfc3c7ffffffff
Perceptual Hash:b333cccccc233333
Difference Hash:00180c1c00000000
Wavelet Hash:331303070f0f0f0f
Color Hash:#93421f

Other Hashes

Crop Resistant:00180c1c00000000

Scan History

Scan history not available

Unable to load historical scan data