ScanMalware.com

Security Scan Report: id.sehlat.io

Redirected to: https://login.microsoftonline.com/e20f6db1-0c59-4d26-b56c-b36bc14b34a2/oauth2/v2.0/authorize?client_id=dfe95be3-2a70-4878-9b46-1cfea628f8bd&redirect_uri=https%3A%2F%2Fid.sehlat.io%2Flogin%2Fcallback&response_type=code&scope=openid+profile+email+https%3A%2F%2Fgraph.microsoft.com%2F.default&state=a-5Ud2JmB5Erw6OVASrW9d650UluyYmG_7gS9G3VCI7q8iQZ393HXZZHjYXFIrSsuNZT8RFNyjmk95stC1LR-9FSUPM6awq8MFKsOwB2KnkwoWLIenVd27sqZg8fLlJIzZfGtu4P9bYX7oT26NDzVxUzHoTAZ7AvKk7009zhiuB2jHFOEHbC56X0DEbCL88JpeqqHYNvVHv392-jYgqnLJj0ewq7INavs8w8ylw51wRFpWaazA1rsm1_69dtBaGa9ViprEEmWEGkrS9VxDiYB7zXQvzfvUXq5iR8gyegZuL55588oZrkYA5rj-vNyhdfeAYBLpcznGenKESCtSrKv9zWibjjYK4vEAsPL4xWjZIJV5cUaxsjkTFHdQGq4drhit-dH_qbT3IKEl6_WvfY9cd0T8onCc952x0hr0QLoii5H2mB-f1ZoEIrBub0iUsL4QjxDQrDdKkS3pAjybuv6FAsLE1UiMgSmsQ-J1O0WCrPqvFDnvdTziCuRb6vaioZ3E49-1tgJf870wKc-7Qy8Jij0jVnQ2Ku00l2CAkzWot82BZc_cQ9dYya0yp_5Rqr08okksAXZZah1TGljUkjsl1zeT2kkzSWcNl3CIPdHQ8qT91xtaOUuZNSUttbOtm8Awl_q994sbeXlPNWJcW-JeyOSdWxsZVwk3xRcDPwEfkFsYyYGEqjlDBlmV3Fkw5ofH-w_6oV0jmArZ55N-LCCNi1enEpfTbaAGIOQIxBgyo3Ekwk3te2A_aoBBmsuYAw6u6X-MuRbX20WXFmsxZHeOkIAecfQ6pjsAkBY_se_gk6I3NgYuylrvieuF7ypLvaFlZEQJTAsREaipUPdD2SxnY0ULtEaDPJ50soBk0GLLALnkiTKQOX-474cfwWANbWmNRfrMAnpEwlxuiexHpm8PDN2hGOYvC0Z06OSmNLGYiLLtXaURYYBsDjO_5UA4NBILuwoaQOiltshf8TxhCxw4By9YYKfUhdt2NDszHMKrszANRECWy5gRA53D5XCLH5_TJrnzBy2kHs_VKJIMG7oDpdBwNqLkxhw3jB_tIth3A7DMGX0W6WKOpnabbUwpgMWN3TtVg24monCX2xerd3nP-EAeHdb-8v1KLEgyjlgmodSX8oaljwg1KJ8IJrhua0-pZ0aqe6sdo9g4A6RHjrRKP2u1y001UiHOflz-4yr9LySL7h73Ad4GykHpvIYdadCGeudFt2TdpTJO8nCNXhLjyHaSKyo4MiOmC0h-pwiYR_w1Y6xeqn_eizyrGOaLSmv6JiDE3NfWKWyhA4X29q5De0-YH6P1cfohPn9o8u1hXzO4NDM4GkOjxuChUcimT20mtvI6ko5WVAFMS4L_yI-v5Oj9sK3RKzcl0Dh8AJ0yVO_H3N3061Q-JYt5-H&sso_reload=true

Submitted: Jan 10, 2026, 2:09:36 PMCompleted: Jan 10, 2026, 2:11:17 PMpubliccompleted
Loading additional data...

Summary

This website contacted 10 IPs in 4 countries across 5 domains to perform 18 HTTP transactions. The main domain is login.microsoftonline.com and was registered NaN years ago.

Submitted URL: https://id.sehlat.io/oauth2/auth?access_type=offline&client_id=8373396b-25da-4fa2-ac9b-a2adf050a34c&code_challenge=Eyv6cE96WFpYwTXljHUD0pqgul1sIndpRUBGPLqSRLs&code_challenge_method=S256&nonce=1IDcjflT3z2KNpqE8gdFmRoKUsPz7VzG&redirect_uri=https%3A%2F%2Fnginx-auth.devcloud-system.dcr.sehlat.io%2Fcallback&response_type=code&scope=openid+profile+email+offline_access&state=E1aYYekMhSGLpa70T3Jf6GstggNnIiHD

Effective URL: https://login.microsoftonline.com/e20f6db1-0c59-4d26-b56c-b36bc14b34a2/oauth2/v2.0/authorize?client_id=dfe95be3-2a70-4878-9b46-1cfea628f8bd&redirect_uri=https%3A%2F%2Fid.sehlat.io%2Flogin%2Fcallback&response_type=code&scope=openid+profile+email+https%3A%2F%2Fgraph.microsoft.com%2F.default&state=a-5Ud2JmB5Erw6OVASrW9d650UluyYmG_7gS9G3VCI7q8iQZ393HXZZHjYXFIrSsuNZT8RFNyjmk95stC1LR-9FSUPM6awq8MFKsOwB2KnkwoWLIenVd27sqZg8fLlJIzZfGtu4P9bYX7oT26NDzVxUzHoTAZ7AvKk7009zhiuB2jHFOEHbC56X0DEbCL88JpeqqHYNvVHv392-jYgqnLJj0ewq7INavs8w8ylw51wRFpWaazA1rsm1_69dtBaGa9ViprEEmWEGkrS9VxDiYB7zXQvzfvUXq5iR8gyegZuL55588oZrkYA5rj-vNyhdfeAYBLpcznGenKESCtSrKv9zWibjjYK4vEAsPL4xWjZIJV5cUaxsjkTFHdQGq4drhit-dH_qbT3IKEl6_WvfY9cd0T8onCc952x0hr0QLoii5H2mB-f1ZoEIrBub0iUsL4QjxDQrDdKkS3pAjybuv6FAsLE1UiMgSmsQ-J1O0WCrPqvFDnvdTziCuRb6vaioZ3E49-1tgJf870wKc-7Qy8Jij0jVnQ2Ku00l2CAkzWot82BZc_cQ9dYya0yp_5Rqr08okksAXZZah1TGljUkjsl1zeT2kkzSWcNl3CIPdHQ8qT91xtaOUuZNSUttbOtm8Awl_q994sbeXlPNWJcW-JeyOSdWxsZVwk3xRcDPwEfkFsYyYGEqjlDBlmV3Fkw5ofH-w_6oV0jmArZ55N-LCCNi1enEpfTbaAGIOQIxBgyo3Ekwk3te2A_aoBBmsuYAw6u6X-MuRbX20WXFmsxZHeOkIAecfQ6pjsAkBY_se_gk6I3NgYuylrvieuF7ypLvaFlZEQJTAsREaipUPdD2SxnY0ULtEaDPJ50soBk0GLLALnkiTKQOX-474cfwWANbWmNRfrMAnpEwlxuiexHpm8PDN2hGOYvC0Z06OSmNLGYiLLtXaURYYBsDjO_5UA4NBILuwoaQOiltshf8TxhCxw4By9YYKfUhdt2NDszHMKrszANRECWy5gRA53D5XCLH5_TJrnzBy2kHs_VKJIMG7oDpdBwNqLkxhw3jB_tIth3A7DMGX0W6WKOpnabbUwpgMWN3TtVg24monCX2xerd3nP-EAeHdb-8v1KLEgyjlgmodSX8oaljwg1KJ8IJrhua0-pZ0aqe6sdo9g4A6RHjrRKP2u1y001UiHOflz-4yr9LySL7h73Ad4GykHpvIYdadCGeudFt2TdpTJO8nCNXhLjyHaSKyo4MiOmC0h-pwiYR_w1Y6xeqn_eizyrGOaLSmv6JiDE3NfWKWyhA4X29q5De0-YH6P1cfohPn9o8u1hXzO4NDM4GkOjxuChUcimT20mtvI6ko5WVAFMS4L_yI-v5Oj9sK3RKzcl0Dh8AJ0yVO_H3N3061Q-JYt5-H&sso_reload=trueRedirected

AI Security Verdict

Low Risk

Confidence: 72%

4
Risk Score

Login page may be legitimate SSO but caution is advised due to credential form on an unranked domain.

Risk Factors
Credential‑harvesting form on a non‑official domain
Safety Factors
Domain has been registered since 2002 (well‑established)
Final destination is a legitimate Microsoft authentication endpoint
Domain age information unavailable

Details

Page Title

Sign in to your account

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

unknown

(0%)

Domain Information

The domain name 'id.sehlat.io' uses the British Indian Ocean Territory country-code top-level domain (.io) with subdomain 'id'. The registrable portion 'sehlat' spans 6 characters containing 2 vowels alongside 4 consonants. Breaking it apart gives 3 words: se, hl, at. The median word length lands at two characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://id.sehlat.io/oauth2/auth?access_type=offline&client_id=8373396b-25da-4fa2-ac9b-a2adf050a34c&code_challenge=Eyv6cE96WFpYwTXljHUD0pqgul1sIndpRUBGPLqSRLs&code_challenge_method=S256&nonce=1IDcjflT3z2KNpqE8gdFmRoKUsPz7VzG&redirect_uri=https%3A%2F%2Fnginx-auth.devcloud-system.dcr.sehlat.io%2Fcallback&response_type=code&scope=openid+profile+email+offline_access&state=E1aYYekMhSGLpa70T3Jf6GstggNnIiHD

Page Load Overview

9.32s
Total Load Time
18
HTTP Requests
5
Domains
450 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:109 chars
Detector Agreement:67%

Website Classification

Primary Category

unknown0% confidence
Type: webapp
Method: structural

All Detected Categories

No categories detected

Detected Features

Login Form
Search

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
920.190.160.67Amsterdam, North Holland, Netherlands
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
120.190.159.131Dublin, Leinster, Ireland
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
120.190.159.2Dublin, Leinster, Ireland
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
120.190.159.23Dublin, Leinster, Ireland
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
123.207.210.137Frankfurt am Main, Hesse, Germany
AS20940Akamai International B.V.
113.107.246.44United States
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
123.207.210.132Frankfurt am Main, Hesse, Germany
AS20940Akamai International B.V.
12.21.239.157Frankfurt am Main, Hesse, Germany
AS20940Akamai International B.V.
140.68.146.194Amsterdam, North Holland, Netherlands
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
120.190.159.129Dublin, Leinster, Ireland
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
1810--

Detected Technologies5

X-UA-Compatible
100%
PasswordField
100%
Meta-Refresh-Redirect
100%
HSTS
40%
Ghost
15%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T161937DEA7DA3193A878A54B8B4B53E02AF7769534C4CCDA0F15CDD842FEB70D8163642

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:FcwC3wCn8GLGGC7KwCd95wC00ZZjNazj/oNzTEyqU6MVnvnaloMPb1EqtzismC:SwC3wCn8owCd95wC3Xqj/TyS2JC

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:97350:YZo4XKSrfwIiIKCsxE6IMiAQIEyEBAEBCjhmcBkUEqFexLMBrgKFFAQGMF6kaQA22iEKhAQWIMM0cTgKX94ERODAQQkEACYA

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:fffffe1818180000
Perceptual Hash:9dc8233ecdd1998c
Difference Hash:204db23232325cfe
Wavelet Hash:ffffff9a18180000
Color Hash:#5378ac

Other Hashes

Crop Resistant:82a0eabab2b283b2,ba80c03034e080be,204db23232325cfe

Scan History

Scan history not available

Unable to load historical scan data