ScanMalware.com

Security Scan Report: abflex.vca-online.eu

Redirected to:
https://login.microsoftonline.com/common/oauth2/authorize?state=5a98d3...
Submitted: Nov 26, 2025, 8:11:30 PMCompleted: Nov 26, 2025, 8:14:37 PMpubliccompleted
Loading additional data...

Summary

This website contacted 28 IPs in 2 countries across 4 domains to perform 18 HTTP transactions. The main domain is login.microsoftonline.com and was registered NaN years ago.

Submitted URL: https://abflex.vca-online.eu/users/sso/azure

Effective URL: https://login.microsoftonline.com/common/oauth2/authorize?state=5a98d35742d08f59bbac62962b720f4a&scope=email%20openid%20profile&response_type=code&approval_prompt=auto&redirect_uri=https%3A%2F%2Fabflex.vca-online.eu%2Fauth%2Fazure&client_id=3cd4b552-a061-4393-93a1-49cd056a5303&sso_reload=trueRedirected

AI Security Verdict

Low Risk

Confidence: 95%

2
Risk Score

The page impersonates Microsoft login, harvests credentials via a cross‑origin form; confirmed phishing scam.

Risk Factors
Brand impersonation
Credential collection form
Cross‑origin form submission
Unranked domain
Mismatch between displayed brand and domain
Safety Factors
Page served from an identity-provider sign-in endpoint (login.microsoftonline.com); a relying-party brand and login form here are normal SSO, not impersonation — risk clamped from 10 to 2
Domain age information unavailable

Details

Page Title

Sign in to your account

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

technology software

(79%)

Domain Information

The domain name 'abflex.vca-online.eu' uses the .eu country-code top-level domain and includes subdomain 'abflex'. The registrable portion 'vca-online' spans 10 characters holding 4 vowels versus five consonants, plus 1 hyphen. Breaking it apart gives three words: vc, a, online. Expect two characters per word on average. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://abflex.vca-online.eu/users/sso/azure

Page Load Overview

0.92s
Total Load Time
18
HTTP Requests
4
Domains
459 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:756 chars
Detector Agreement:100%

Website Classification

Primary Category

technology software79% confidence
Type: static
Method: ml+structural

All Detected Categories

technology software
79%
documentation technical
55%
adult content
45%
government public service
28%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
1213.107.246.44United States
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
340.126.32.136Amsterdam, North Holland, Netherlands
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
2108.138.7.23United States
AS16509AMAZON-02
140.126.32.74Amsterdam, North Holland, Netherlands
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
013.107.213.44United States
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
0108.138.7.79United States
AS16509AMAZON-02
0108.138.7.56United States
AS16509AMAZON-02
020.190.160.64Amsterdam, North Holland, Netherlands
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
020.190.160.5Amsterdam, North Holland, Netherlands
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
040.126.32.133Amsterdam, North Holland, Netherlands
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
1828--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T147735ADA7EA22D37C68A45B5B5B92D026F7A5A43884CD924F24CCDC02FEB70D8137563

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:lw8GLGGhFSCa1zTEyqU6MVnvnaloMPbhEfCi48C:a8OgCaQyS2Y8C

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:74352:CAIFAykyKmTgEkCTUmfmPcgEBEyAFVskA9BU8B1uwxhFCUiCUIElkKEhGEUICTAERFbwRYA9DFAEAEdCZFDIQGaCYKWGhEtS

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:3c1e1e7f33734f30
Perceptual Hash:8d12526d67926d6d
Difference Hash:d8b0b0d9d6e6d9d5
Wavelet Hash:3c1e1e3f33330f30
Color Hash:#3e1f93

Other Hashes

Crop Resistant:d8b0b0d9d6e6d9d5

Scan History

Scan history not available

Unable to load historical scan data