ScanMalware.com

Security Scan Report: react-app-pre-412.zafire.sehlat.io

Redirected to:
https://login.microsoftonline.com/e20f6db1-0c59-4d26-b56c-b36bc14b34a2...
Site favicon
Submitted: Feb 21, 2026, 4:36:59 PMCompleted: Feb 21, 2026, 4:38:08 PMpubliccompleted
Loading additional data...

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 3 HTTP transactions. The main domain is login.microsoftonline.com and was registered NaN years ago.

Submitted URL: https://react-app-pre-412.zafire.sehlat.io/

Effective URL: https://login.microsoftonline.com/e20f6db1-0c59-4d26-b56c-b36bc14b34a2/oauth2/v2.0/authorize?client_id=dfe95be3-2a70-4878-9b46-1cfea628f8bd&redirect_uri=https%3A%2F%2Fid.sehlat.io%2Flogin%2Fcallback&response_type=code&scope=openid+profile+email+https%3A%2F%2Fgraph.microsoft.com%2F.default&state=FIKvZlECMnj7PZzOxBILwZJ9U34ODlFwbhf0g_FHBaoozlnYhv6F0EpwmifAL5MX2aggyoKRxWCt7Jirr_j1FHbPm_BhzZqp5L7asRLlDzdM02CDl5XRYQ14IVsb3ZrZCzmAw91-oDB0HpR3rEkizivcncyfvAz9-jAe9Ss3omaEGp2PFpTI9GSXkwR3fWT3WbQZzo3gAmtRzQIGdsizb0mrXrRw3zfUbFmzJZvGXbG4U8fUidKOME5fziThsLyZwPzaXGaVlZf-9yCe_KTnnib5HR_LnlZr8_dnszgfhO6FnPy8zIqsfbRMnUrfI0_HCi4IyJMMRaCPaHisfVBkv7W6CgHkfnShQqcIdLW-2X0JwRIEL_PTsw4EFzKVzM4ILf9-s_anby6tEhxZdf0sP3hMZwdvn_7RpB-LpACqGKfjIkMVcujS4HmpE2vyiXXrYndZxelDpTs-cMTK1yq8lkywxkK2az1ZlhRlMTxW3-CwC1B3beMA9A1kbM2uwVfoE3v0DqG8X3yxoisTLX_RFirEIT_twuup4v6lImSFUH1Y8-eXclna7MKi7lZSty9k6sZmAytOCtosqZVrmAz76TBPUUvkQlJHnRJJcdIhdGHF2DTnZeJCjsxVIUMnxv0fmcN_UalNdnM2qFZhnLxNiKKKbpF0qOGdZfarSlR6U7o_TBm9GFP_z_5IvpaRTpCNBNegQcOk9hWwUYf6iGLGqCBw-635pKcIgyT6tUAXkqtCkV_C9BLkPbbZCbYPNmEKN_UEj2RvyynTiPenneKxJJe9i903NJJUoQ2rpeHRPLowNHcMSWVrsFe-WSBP7Habn12gqcEMqmwAGAJepryBe5ZLL3axlfgSHW-WdXcUfmiLsMNOUNW7O3vqrEs4GWEoOH3d7pEoxZDSFATPSj5X_5ooRAmkown8vnpUz0LvUHphKOSHX-eTuaHo1Nn9Gu8_Ga8aglqYBBe4KQmrVQXdMNoXgUU2jGlrd3U65PaPxTVZqvk_8xKiogFeoNnhY2S2StvC3xhTbOucTt_vfC_QKQxMItq0tfWdKf0IVWx2oBCSBHVul00qb6fuyg3D3pjMQHrDVwf-t03VtJczXx6Cru2FMLBS8zawsrA9GU3udgHQNts9eZPcTBi3aEQY-ODKQhomso6bJXFW4pnzj8qkJHkowUh00_paLDRJmLLEYJXw8WxSeKsMvNdEbsLpoR_2kNjuF-j7zLqGb9BENfLKIRK-97uV3kXbTPlgRb_slOcYGFYcuY5yds3sc0m4vqNFAFktiz9sZobvO8F0M_nxNAMu5AC-7wizym24qxRkiplcQ9yF3P_ndLjWaa5A1U0IWP0wHMaf15rOr3PC1y2X11PuTP3kFolJikuCd6Ak1lGxtVsnTZeDc16v9a902P2oNtvR50vAWBOkCcC-OfjZFG1MU81Sezzp&sso_reload=trueRedirected

AI Security Verdict

Low Risk

Confidence: 85%

2
Risk Score

Page mimics Microsoft login, harvests credentials on an unrelated domain – high‑risk phishing site.

Risk Factors
Brand impersonation
Credential collection on unrelated domain
Unranked/low‑reputation domain
Excessive redirects
Highly obfuscated JavaScript
Safety Factors
Page served from an identity-provider sign-in endpoint (login.microsoftonline.com); a relying-party brand and login form here are normal SSO, not impersonation — risk clamped from 8 to 2
Domain age information unavailable

Details

Page Title

react-app-pre-412.zafire.sehlat.io

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

unknown

(0%)

Domain Information

The domain 'react-app-pre-412.zafire.sehlat.io' uses the British Indian Ocean Territory country-code top-level domain (.io), featuring subdomain 'react-app-pre-412.zafire'. The registrable portion 'sehlat' spans 6 characters split between 2 vowels and 4 consonants. It segments into 3 words: se, hl, at. Median word length is 2 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://react-app-pre-412.zafire.sehlat.io/

Page Load Overview

0.85s
Total Load Time
20
HTTP Requests
7
Domains
1016 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:109 chars
Detector Agreement:67%

Website Classification

Primary Category

unknown0% confidence
Type: webapp
Method: structural

All Detected Categories

No categories detected

Detected Features

Login Form
Search

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
209.163.251.147Amsterdam, North Holland, Netherlands
AS8075Microsoft Corporation
201--

Detected Technologies4

X-UA-Compatible
100%
PasswordField
100%
Meta-Refresh-Redirect
100%
Ghost
15%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1AE048F77329A063986558498F05B43099F20B143F506C9BCB9BCBAD9BFDED06107BB78

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

3072:CfQho9PKBb9Js3q9Jzbs6tlg3SBKwdQWgceIszS2bMy8Oldq:5hoC9JSqzzbs6o3Sj3gcrse2eA4

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:184561:ROqhAlBAkpAoBeeCXQACgwRACFFDUDzKQAIyIGBDdIQAAhRsREkIQngRnCoAJwtQSwDAmJBalJhcQwWgkDCJUSqQRZkCAIIJ

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:ffcfc3c7ffffffff
Perceptual Hash:b131cccccc673333
Difference Hash:00180c1400000000
Wavelet Hash:fcdcc0cc00000000
Color Hash:#2d5386

Other Hashes

Crop Resistant:00180c1400000000

Scan History

Scan history not available

Unable to load historical scan data