Security Scan Report: update-ibleexqkejmvpacjdcyelloi.pages.dev

Redirected to:
https://login.microsoftonline.com/jsdisabled
Submitted: Apr 19, 2026, 10:27:17 PMCompleted: Apr 19, 2026, 10:28:38 PMpubliccompleted
Loading additional data...

Summary

This website contacted 7 IPs in 2 countries across 7 domains to perform 1 HTTP transaction. The main domain is login.microsoftonline.com and was registered NaN years ago.

Submitted URL: http://update-ibleexqkejmvpacjdcyelloi.pages.dev/

Effective URL: https://login.microsoftonline.com/jsdisabledRedirected

AI Security Verdict

Low Risk

Confidence: 92%

2
Risk Score

The site hosts a known multi‑brand phishing kit, redirects to Microsoft login, and triggers high‑severity IDS alerts – treat as confirmed credential phishing scam.

Risk Factors
Known malicious phishing kit deployed on the subdomain
High‑severity IDS alert for script obfuscation
Unknown subdomain age on a generic hosting platform
Redirect to a major brand’s login page (Microsoft) without authorization
Potential brand impersonation
Safety Factors
No visible credential or payment forms on the scanned page
Page served from an identity-provider sign-in endpoint (login.microsoftonline.com); a relying-party brand and login form here are normal SSO, not impersonation — risk clamped from 9 to 2
Domain age information unavailable

Details

Page Title

Something went wrong

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

technology software

(41%)

Domain Information

The domain 'update-ibleexqkejmvpacjdcyelloi.pages.dev' uses the developer-focused generic top-level domain (.dev) with subdomain 'update-ibleexqkejmvpacjdcyelloi'. Its registrable label 'pages' stretches across 5 characters split between two vowels and 3 consonants. Splitting it apart reveals 1 word: pages. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of http://update-ibleexqkejmvpacjdcyelloi.pages.dev/

Page Load Overview

1.75s
Total Load Time
18
HTTP Requests
7
Domains
245 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:243 chars
Detector Agreement:100%

Website Classification

Primary Category

technology software41% confidence
Type: static
Method: ml+structural

All Detected Categories

technology software
41%
news media journalism
33%
blog personal website
32%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
640.126.31.0Ireland
AS15169Google LLC
213.107.246.44United States
AS8075Microsoft Corporation
2172.64.147.188United States
AS13335Cloudflare, Inc.
2142.250.154.95Ireland
AS13335Cloudflare, Inc.
2172.66.47.102United States
AS13335Cloudflare, Inc.
2142.251.13.95IrelandUnknown
2151.101.130.137IrelandUnknown
187--

Detected Technologies2

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T16D5111B964F0201B5201D2D4BAE0F91AAF45D61B854AA560F58D1ECC4FE2FAACC63269

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

48:pDLDqLNWbzAXRyAbNy/cioJTuswBxF/Qo:pD/lbzalbNqRodWJQo

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:2484:ADAMIaAAgAAAAhSIECAAAggAhABAAGACCAJAAoAAOQgQAAICAAABACAgAABCICAABRAEAiAAEAFgEEJAAQBBAAAoAAFABAQA

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:ffffefe7e7fffffe
Perceptual Hash:b323cc8c7333dc8c
Difference Hash:0000180c0c000000
Wavelet Hash:30302424e7e7f3f2
Color Hash:#83862d

Other Hashes

Crop Resistant:0000180c0c000000

Scan History

Scan history not available

Unable to load historical scan data