Security Scan Report: update-thufllfnqzmmrxurxujmnpqh.pages.dev

Redirected to:
https://login.microsoftonline.com/jsdisabled
Site favicon
Submitted: Jul 2, 2026, 1:53:15 AMCompleted: Jul 2, 2026, 1:55:07 AMpubliccompleted
Loading additional data...

Summary

This website contacted 5 IPs in 1 country across 5 domains to perform 2 HTTP transactions. The main domain is login.microsoftonline.com and was registered NaN years ago.

Submitted URL: http://update-thufllfnqzmmrxurxujmnpqh.pages.dev/

Effective URL: https://login.microsoftonline.com/jsdisabledRedirected

AI Security Verdict

Moderate Risk

Confidence: 92%

5
Risk Score

The site hosts a known phishing kit that redirects to a Microsoft login page, posing a credential‑phishing threat.

Risk Factors
Known malicious phishing kit deployed
High‑severity IDS alert for script obfuscation
Unranked hosting subdomain with unknown age
Redirect to a major brand’s login page from a non‑official domain
Safety Factors
Verdict cited a credential/login form, but DOM analysis found no password field (real or disguised) or payment field, and no other hard signal — credential-phishing framing unsupported; risk adjusted from 10 to 5
Domain age information unavailable

Details

Page Title

Something went wrong

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

technology software

(41%)

Domain Information

Within the developer-focused generic top-level domain (.dev), 'update-thufllfnqzmmrxurxujmnpqh.pages.dev' is registered, featuring subdomain 'update-thufllfnqzmmrxurxujmnpqh'. Count 5 characters in 'pages' containing 2 vowels alongside three consonants. Breaking it apart gives one word: pages. Expect five characters per word on average. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of http://update-thufllfnqzmmrxurxujmnpqh.pages.dev/

Page Load Overview

1.60s
Total Load Time
18
HTTP Requests
7
Domains
245 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:243 chars
Detector Agreement:100%

Website Classification

Primary Category

technology software41% confidence
Type: static
Method: ml+structural

All Detected Categories

technology software
41%
news media journalism
33%
blog personal website
32%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
6172.64.147.188Cloudflare · WAFUnited States
AS13335Cloudflare, Inc.
3172.66.45.46Cloudflare · WAFUnited States
AS13335Cloudflare, Inc.
3192.178.183.95Google · CDNUnited States
AS15169Google LLC
3142.251.110.95Google · CDNUnited States
AS15169Google LLC
3151.101.1.155Fastly · CDNUnited States
AS54113Fastly, Inc.
185--

Detected Technologies2

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1104131B564F0201F5201C2D4BEE0F91AAF81D61BC14AE420F08D1ECC4FE2F9ACCA7269

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

24:nCCs8CNiVIN/HkbbsKAXq8MWKoz0770bNny/cioJgpAfuspuVj9jjRLEojM2Q0:nqLNWbzAXRyAbNy/cioJTuswBxF/Qo

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:2328:BAABAQIwAAACIAREAgAFEAEAIABACAQAACiAAQIAKBQAgCAmAAAAABCEAgAAEAAAAAAAACAAUAgAAAAAoAAABUAogAQACCAA

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:ffffefe7e7fffffe
Perceptual Hash:b323cc8c3333dd8c
Difference Hash:0000180c0c000000
Wavelet Hash:3c3c2020e3e3f3f2
Color Hash:#b240bf

Other Hashes

Crop Resistant:0000180c0c000000

Scan History

Scan history not available

Unable to load historical scan data