ScanMalware.com

Security Scan Report: kaplanhecker.expertsierra.com

Redirected to: https://login.microsoftonline.com/1e4b3f30-f288-46ca-a093-d033aa3a7c4a/saml2?sso_reload=true

Site favicon
Submitted: Jan 14, 2026, 6:56:46 PMCompleted: Jan 14, 2026, 6:58:23 PMpubliccompleted
Loading additional data...

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 9 HTTP transactions. The main domain is login.microsoftonline.com and was registered NaN years ago.

Submitted URL: https://kaplanhecker.expertsierra.com

Effective URL: https://login.microsoftonline.com/1e4b3f30-f288-46ca-a093-d033aa3a7c4a/saml2?sso_reload=trueRedirected

The Cisco Umbrella rank of the primary domain is #214,751 of the top 1 million websites

AI Security Verdict

High Risk

Confidence: 85%

8
Risk Score

High‑risk phishing page impersonating Okta on a low‑ranked domain; do not provide credentials.

Risk Factors
Credential harvesting form on suspicious domain
Brand impersonation on low‑ranked domain
Mismatched final URL (brand displayed ≠ final destination domain)
Domain age information unavailable

Details

Page Title

aderant-t00425474 - Signing in...

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

unknown

(0%)

Domain Information

Within the commercial generic top-level domain (.com), 'kaplanhecker.expertsierra.com' is registered with subdomain 'kaplanhecker'. The registrable portion 'expertsierra' spans 12 characters containing 5 vowels alongside seven consonants. Word splitting yields two words: expert, sierra. The median word length lands at six characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://kaplanhecker.expertsierra.com

Page Load Overview

5.43s
Total Load Time
25
HTTP Requests
8
Domains
946 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:82 chars
Detector Agreement:67%

Website Classification

Primary Category

unknown0% confidence
Type: webapp
Method: structural

All Detected Categories

No categories detected

Detected Features

Login Form
Search

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
954.162.231.48United States
AS14618
865.9.175.3France
AS8075
876.223.94.4United States
AS16509AMAZON-02
253--

Detected Technologies5

X-UA-Compatible
100%
PasswordField
100%
Meta-Refresh-Redirect
100%
HSTS
40%
Ghost
15%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T17CD26C7041BE7DB7C222808CA527B7D4705F034AC752975C70BE9EA2DB86C3B3626A75

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

192:awA0mKCf/Ip9zg8Xuc0BndIUADClrRKVI2zrCpDEjisYfFZ3zcHy18CMoUP/aQ50:FA0BpHImwRNHN13kLKIiWpaqmiiia

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:30353:AnHiDIAQkpQqnccFQOJhSMDTlgXAvAw4BatMABEiD44qZyCQAADIkhTLggmKBOAJTMEsFDuiGAfiwBkAITQ75ToPWcgEwxCA

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:ffffe7e7fffffffe
Perceptual Hash:f7a2dd8877225588
Difference Hash:0000080800000000
Wavelet Hash:3c3c2424071f3f3e
Color Hash:#783a65

Other Hashes

Crop Resistant:0000080800000000

Scan History

Scan history not available

Unable to load historical scan data