ScanMalware.com

Security Scan Report: gvqhcwww.www.www.wwwen.54.83.164.174.nip.io

Redirected to: https://login.microsoftonline.com/97809f92-9ac4-4a49-a525-0e1771ac2962/oauth2/v2.0/authorize?access_type=offline&client_id=f6e058a0-27a4-44d1-920f-b3b2a4bbb9c0&code_challenge=Pz0SMUdcCO_zBKtlENOU8uBqwaFl76CtGGdprzfL3Pg&code_challenge_method=S256&redirect_uri=https%3A%2F%2Fvpn.cognitivespace.com%2Fauth%2Foidc%2Fazure%2Fcallback%2F&response_type=code&scope=openid+email+profile+offline_access&state=InvKDxnC7A9lHHdO&sso_reload=true

Submitted: Apr 3, 2026, 5:08:14 PMCompleted: Apr 3, 2026, 5:09:25 PMpubliccompleted
Loading additional data...

Summary

This website contacted 6 IPs in 2 countries across 7 domains to perform 35 HTTP transactions. The main domain is login.microsoftonline.com and was registered NaN years ago.

Submitted URL: https://gvqhcwww.www.www.wwwen.54.83.164.174.nip.io/auth/oidc/azure

Effective URL: https://login.microsoftonline.com/97809f92-9ac4-4a49-a525-0e1771ac2962/oauth2/v2.0/authorize?access_type=offline&client_id=f6e058a0-27a4-44d1-920f-b3b2a4bbb9c0&code_challenge=Pz0SMUdcCO_zBKtlENOU8uBqwaFl76CtGGdprzfL3Pg&code_challenge_method=S256&redirect_uri=https%3A%2F%2Fvpn.cognitivespace.com%2Fauth%2Foidc%2Fazure%2Fcallback%2F&response_type=code&scope=openid+email+profile+offline_access&state=InvKDxnC7A9lHHdO&sso_reload=trueRedirected

The Cisco Umbrella rank of the primary domain is #376,334 of the top 1 million websites

AI Security Verdict

High Risk

Confidence: 92%

8
Risk Score

Phishing page mimicking Microsoft login; do not enter credentials and report as scam.

Risk Factors
Credential harvesting form on a suspicious, non‑official domain
Brand impersonation of Microsoft on an unrelated domain
Low domain ranking for a brand‑claiming site
Cross‑origin credential submission to a legitimate Microsoft endpoint
Critical JavaScript obfuscation score indicating heavy code hiding
Domain age information unavailable

Details

Page Title

Sign in to your account

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

technology software

(72%)

Domain Information

The domain 'gvqhcwww.www.www.wwwen.54.83.164.174.nip.io' uses the British Indian Ocean Territory country-code top-level domain (.io) and includes subdomain 'gvqhcwww.www.www.wwwen.54.83.164.174'. The second-level label 'nip' is 3 characters long split between 1 vowel and two consonants. It segments into one word: nip. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://gvqhcwww.www.www.wwwen.54.83.164.174.nip.io/auth/oidc/azure

Page Load Overview

1.24s
Total Load Time
17
HTTP Requests
5
Domains
473 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:946 chars
Detector Agreement:67%

Website Classification

Primary Category

technology software72% confidence
Type: webapp
Method: ml+structural

All Detected Categories

technology software
72%
government public service
49%

Detected Features

Login Form
Search

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
723.207.210.137United States
AS14618
213.107.246.44United States
AS8075Microsoft Corporation
220.190.159.71Dublin, Leinster, Ireland
AS8075Microsoft Corporation
213.89.179.9IrelandUnknown
220.190.160.128UnknownUnknown
254.83.164.174Ashburn, Virginia, United States
AS14618Amazon.com, Inc.
176--

Detected Technologies5

X-UA-Compatible
100%
PasswordField
100%
Meta-Refresh-Redirect
100%
HTTP/3
40%
Ghost
15%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T13B834CDA7FA62937828A41B5B5796E026F3669038D4CCD60F19CC8882FFB74D8133657

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:jI8GLG2GTgxEf8DreJIoIyEk77gx2xpTvPoMmCBSEiT0imQYC:M82xsJIJ32RAOPC

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:83405:A4RJDZOYQPQwwaBYAi2CkoSICAKQCwtqQoWhoQJtDqIAEgbDDppsFsOJAuIXYpQBIEIAAnCITIeInhgkMwHoIQKCgY1KhCUP

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:043a372727677f7f
Perceptual Hash:a759d93366cc6609
Difference Hash:a8d2e5cfcdcdc6e6
Wavelet Hash:0038332727273f7f
Color Hash:#53ac7b

Other Hashes

Crop Resistant:a8d2e5cfcdcdc6e6

Scan History

Scan history not available

Unable to load historical scan data