ScanMalware.com

Security Scan Report: mckinsey.sandbox.mambu.com

Site favicon
Submitted: May 10, 2026, 9:52:41 AMCompleted: May 10, 2026, 9:54:05 AMpubliccompleted
Loading additional data...

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 61 HTTP transactions. The main domain is mckinsey.sandbox.mambu.com and was registered NaN years ago.

Submitted URL: https://mckinsey.sandbox.mambu.com

The Cisco Umbrella rank of the primary domain is #448,516 of the top 1 million websites

AI Security Verdict

Confirmed Scam

Confidence: 92%

9
Risk Score

The site pretends to be McKinsey, harvests login credentials, and triggers critical malware alerts – confirmed scam.

Risk Factors
Brand impersonation with credential collection
Low domain ranking for a high‑profile brand
Critical IDS alerts for malware/C2 activity
Highly obfuscated JavaScript with eval()
Presence of password field without legitimate context
Domain age information unavailable

Details

Page Title

McKinsey & Company - Global

Scan Type

public

Language

🇺🇸

English

(60% confidence)

Category

technology software

(41%)

Domain Information

The domain 'mckinsey.sandbox.mambu.com' uses the commercial generic top-level domain (.com), featuring subdomain 'mckinsey.sandbox'. Its registrable label 'mambu' stretches across 5 characters with 2 vowels and three consonants. Tokenizing the label suggests 2 words: mam, bu. Expect 2.5 characters per word on average. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://mckinsey.sandbox.mambu.com

Page Load Overview

5.99s
Total Load Time
72
HTTP Requests
2
Domains
241 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:60%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:60%
Script Type:Latin
Text Length:401 chars
Detector Agreement:100%

Website Classification

Primary Category

technology software41% confidence
Type: webapp
Method: ml+structural

All Detected Categories

technology software
41%
documentation technical
39%

Detected Features

Login Form

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
3652.31.118.36Dublin, Leinster, Ireland
AS16509Amazon.com, Inc.
36142.251.20.95United States
AS15169Google LLC
722--

Detected Technologies3

PasswordField
100%
HSTS
40%
React
20%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T190539231B2BC1019B02BC9A2AE11BBDE73794017D2575BE9BDAAFF34C9C79951E21304

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

384:Cq8LcAvHG1YeKxb1MyRXEkuKky+9OuW0kSo/svxmeZFn0xX5aJJY392ADRzexu46:l8LC1YllRgOu8w/6DRzJP

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:62381:oBmAQ9ICBNRGAhwdg7pRLjAAyocHCHhoACADAIgoCYJUbQwRSDAoJ9IMVCULGkEKCSBYCAQMGqAzAJGMBQioxQQ4Lk5woVhg

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:e7e7e7e7ffffffff
Perceptual Hash:b33333999964cccc
Difference Hash:08080c0c00000000
Wavelet Hash:e7e7e7e700000000
Color Hash:#ac53a3

Other Hashes

Crop Resistant:08080c0c00000000

Scan History

Scan history not available

Unable to load historical scan data