Security Scan Report: vdi.portal.effem.com

Redirected to:
https://mars-group.okta.com/app/marsgroup_citrixnetscalergatewayvdinew...
Submitted: May 11, 2026, 8:55:45 AM
Completed: May 11, 2026, 8:57:55 AM
Scan type: public
Status: completed

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 51 HTTP transactions. The main domain is mars-group.okta.com; its registration age is not available (the report shows "NaN years").

Submitted URL: https://vdi.portal.effem.com

Effective URL: https://mars-group.okta.com/app/marsgroup_citrixnetscalergatewayvdinewprod_1/exk3t67guljhYgSDC357/sso/saml (redirected)

The Cisco Umbrella rank of the primary domain is #168,875 of the top 1 million websites

AI Security Verdict

High Risk

Confidence: 82%

Risk Score: 9

The site shows strong malicious network activity (critical IDS alerts) despite lacking forms; treat as high‑risk malware distribution and do not interact.

Risk Factors
Critical IDS alerts for malware and command‑and‑control activity
Low domain ranking combined with brand claim on a non‑brand domain
Redirect chain to external Okta domain
Domain age information unavailable

Details

Page Title: Mars Group - Sign In

Scan Type: public

Language: 🇺🇸 English (80% confidence)

Category: technology software (82%)

Domain Information

Within the commercial generic top-level domain (.com), 'vdi.portal.effem.com' is registered and includes the subdomain 'vdi.portal'. The label 'effem' has 5 characters: 2 vowels and 3 consonants. Splitting it apart yields 2 words, 'eff' and 'em', an average of 2.5 characters per word. The frequency lists gave no strong language cues.

Page Load Overview

Total Load Time: 16.09s
HTTP Requests: 35
Domains: 1
Total Size: 1.3 MB

Language Analysis

Primary Language

🇺🇸 English
Code: en
Confidence: 80%
Script: Latin
Direction: ltr

Detection Details

Language Code: en
Detection Confidence: 80%
Script Type: Latin
HTML Lang Attribute: en
Text Length: 641 chars
Detector Agreement: 100%

Website Classification

Primary Category

technology software (82% confidence)
Type: dynamic
Method: ml+structural

All Detected Categories

technology software: 82%
documentation technical: 65%
government public service: 56%
adult content: 26%
phishing scam: 26%

Detected Features

No structural features detected

Domain & IP Information

Requests  IP Address      Location                                AS (Autonomous System)
13        51.105.249.50   Amsterdam, North Holland, Netherlands   AS8075 Microsoft Corporation
11        35.71.178.224   United States                           AS16509 Amazon.com, Inc.
11        3.161.82.2      United States                           AS16509 Amazon.com, Inc.
35        3               -                                       -

Detected Technologies: 1

40%

Content Similarity Hashes (for malware variant detection)

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T105636BD2491AD9CE06C5AD54263B490666428AC3C3A4CFC1BBEDCEC5AFACC5F706E54C

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

768:Ih5Q/jhwkHR5otL8ZtVKaFViMJyd5otL8ZtVKaFViMJydHSY5otL8ZtVKaFViMJY:I58jbHkmcaaM1mcaaMyyJmcaaMO

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:69799:nyu4dQjK5AgxCwHGBJoDRAqCYYUx7A4EwvghyIOMJKAmAFshJswCDU8AkGBbIIEImyKotiESQDrXUOIQtMgBCDYCAAkABYAU

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash: 3f7fffffffffffff
Perceptual Hash: 800001030fffffff
Difference Hash: c080000000000000
Wavelet Hash: 3070f0f000000000
Color Hash: #2dd2b1

Other Hashes

Crop Resistant: c080000000000000
