ScanMalware.com

Security Scan Report: push-api-tigris.tfl.gov.uk

Redirected to: https://login.microsoftonline.com/1fbd65bf-5def-4eea-a692-a089c255346b/oauth2/authorize?client_id=31312096-b364-44bc-9f15-288a7c1b37fe&redirect_uri=https%3A%2F%2Ftransport-for-londongov.cloudflareaccess.com%2Fcdn-cgi%2Faccess%2Fcallback&resource=https%3A%2F%2Fgraph.microsoft.com&response_type=code&scope=openid&state=d6cc2b9d64671e9c07616b5286426f8493833ef92e2accd1f96290c0074718b1.JTdCJTIyaWF0JTIyJTNBMTc2NzQ4NDk3NSUyQyUyMmF1dGhEb21haW4lMjIlM0ElMjJ0cmFuc3BvcnQtZm9yLWxvbmRvbmdvdi5jbG91ZGZsYXJlYWNjZXNzLmNvbSUyMiUyQyUyMmhvc3RuYW1lJTIyJTNBJTIycHVzaC1hcGktdGlncmlzLnRmbC5nb3YudWslMjIlMkMlMjJyZWRpcmVjdFVSTCUyMiUzQSUyMiUyRiUyMiUyQyUyMmF1ZCUyMiUzQSUyMmVkMjc5MGRmNzRjMTNhOWE3MWE4MGQ5YTI4NDZiMjM2NjExZTMyMjk4ZTc5MWQyMGFjOTk3Y2NhMDhiYWI1N2YlMjIlMkMlMjJpc1NhbWVTaXRlTm9uZUNvbXBhdGlibGUlMjIlM0F0cnVlJTJDJTIyaXNJRFBUZXN0JTIyJTNBZmFsc2UlMkMlMjJpc1JlZnJlc2glMjIlM0FmYWxzZSUyQyUyMm5vbmNlJTIyJTNBJTIybm1GMFFremREVEhFMm5ZZXYlMjIlMkMlMjJpZHBJZCUyMiUzQSUyMmIyNDQzMjM1LThhZGEtNGFlMi1iMmY2LTk4ZmI5NTA0M2VhZiUyMiUyQyUyMnNlcnZpY2VfdG9rZW5faWQlMjIlM0ElMjIlMjIlMkMlMjJzZXJ2aWNlX3Rva2VuX3N0YXR1cyUyMiUzQWZhbHNlJTJDJTIyYXV0aF9zdGF0dXMlMjIlM0ElMjJOT05FJTIyJTJDJTIyaXNfd2FycCUyMiUzQWZhbHNlJTJDJTIyaXNfZ2F0ZXdheSUyMiUzQWZhbHNlJTJDJTIybXRsc19hdXRoJTIyJTNBJTdCJTIyY2VydF9pc3N1ZXJfc2tpJTIyJTNBJTIyJTIyJTJDJTIyY2VydF9wcmVzZW50ZWQlMjIlM0FmYWxzZSUyQyUyMmNlcnRfc2VyaWFsJTIyJTNBJTIyJTIyJTJDJTIyY2VydF9pc3N1ZXJfZG4lMjIlM0ElMjIlMjIlMkMlMjJhdXRoX3N0YXR1cyUyMiUzQSUyMk5PTkUlMjIlN0QlMkMlMjJhcHBTZXNzaW9uSGFzaCUyMiUzQSUyMmIxNTU4NDViZDkxMzhhNGI2MDFiZmM2YTA4MmE2YmQ4MTkzNzg0MmI5YmQ0Yzg1MGQ4NTQ2YWYxOWE0ZWFiMTAlMjIlN0Q%253D&sso_reload=true

Site favicon
Submitted: Jan 4, 2026, 12:02:51 AMCompleted: Jan 4, 2026, 12:04:01 AMpubliccompleted
Loading additional data...

Summary

This website contacted 12 IPs in 2 countries across 9 domains to perform 37 HTTP transactions. The main domain is login.microsoftonline.com and was registered NaN years ago.

Submitted URL: https://push-api-tigris.tfl.gov.uk

Effective URL: https://login.microsoftonline.com/1fbd65bf-5def-4eea-a692-a089c255346b/oauth2/authorize?client_id=31312096-b364-44bc-9f15-288a7c1b37fe&redirect_uri=https%3A%2F%2Ftransport-for-londongov.cloudflareaccess.com%2Fcdn-cgi%2Faccess%2Fcallback&resource=https%3A%2F%2Fgraph.microsoft.com&response_type=code&scope=openid&state=d6cc2b9d64671e9c07616b5286426f8493833ef92e2accd1f96290c0074718b1.JTdCJTIyaWF0JTIyJTNBMTc2NzQ4NDk3NSUyQyUyMmF1dGhEb21haW4lMjIlM0ElMjJ0cmFuc3BvcnQtZm9yLWxvbmRvbmdvdi5jbG91ZGZsYXJlYWNjZXNzLmNvbSUyMiUyQyUyMmhvc3RuYW1lJTIyJTNBJTIycHVzaC1hcGktdGlncmlzLnRmbC5nb3YudWslMjIlMkMlMjJyZWRpcmVjdFVSTCUyMiUzQSUyMiUyRiUyMiUyQyUyMmF1ZCUyMiUzQSUyMmVkMjc5MGRmNzRjMTNhOWE3MWE4MGQ5YTI4NDZiMjM2NjExZTMyMjk4ZTc5MWQyMGFjOTk3Y2NhMDhiYWI1N2YlMjIlMkMlMjJpc1NhbWVTaXRlTm9uZUNvbXBhdGlibGUlMjIlM0F0cnVlJTJDJTIyaXNJRFBUZXN0JTIyJTNBZmFsc2UlMkMlMjJpc1JlZnJlc2glMjIlM0FmYWxzZSUyQyUyMm5vbmNlJTIyJTNBJTIybm1GMFFremREVEhFMm5ZZXYlMjIlMkMlMjJpZHBJZCUyMiUzQSUyMmIyNDQzMjM1LThhZGEtNGFlMi1iMmY2LTk4ZmI5NTA0M2VhZiUyMiUyQyUyMnNlcnZpY2VfdG9rZW5faWQlMjIlM0ElMjIlMjIlMkMlMjJzZXJ2aWNlX3Rva2VuX3N0YXR1cyUyMiUzQWZhbHNlJTJDJTIyYXV0aF9zdGF0dXMlMjIlM0ElMjJOT05FJTIyJTJDJTIyaXNfd2FycCUyMiUzQWZhbHNlJTJDJTIyaXNfZ2F0ZXdheSUyMiUzQWZhbHNlJTJDJTIybXRsc19hdXRoJTIyJTNBJTdCJTIyY2VydF9pc3N1ZXJfc2tpJTIyJTNBJTIyJTIyJTJDJTIyY2VydF9wcmVzZW50ZWQlMjIlM0FmYWxzZSUyQyUyMmNlcnRfc2VyaWFsJTIyJTNBJTIyJTIyJTJDJTIyY2VydF9pc3N1ZXJfZG4lMjIlM0ElMjIlMjIlMkMlMjJhdXRoX3N0YXR1cyUyMiUzQSUyMk5PTkUlMjIlN0QlMkMlMjJhcHBTZXNzaW9uSGFzaCUyMiUzQSUyMmIxNTU4NDViZDkxMzhhNGI2MDFiZmM2YTA4MmE2YmQ4MTkzNzg0MmI5YmQ0Yzg1MGQ4NTQ2YWYxOWE0ZWFiMTAlMjIlN0Q%253D&sso_reload=trueRedirected

The Cisco Umbrella rank of the primary domain is #71,892 of the top 1 million websites

AI Security Verdict

Safe Website

Confidence: 95%

1
Risk Score

The site appears to be a legitimate TfL authentication page using Microsoft Azure AD.

Safety Factors
Official government domain with long registration history
Legitimate OAuth redirect to Microsoft authentication service
Absence of payment or credential‑harvesting forms on an untrusted domain
Domain age information unavailable

Details

Page Title

Sign in to your account

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

technology software

(63%)

Domain Information

Domain 'push-api-tigris.tfl.gov.uk' uses the United Kingdom country-code top-level domain (.gov.uk) and includes subdomain 'push-api-tigris'. The core label 'tfl' covers 3 characters split between 0 vowels and 3 consonants. Word splitting yields 1 word: tfl. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://push-api-tigris.tfl.gov.uk

Page Load Overview

2.01s
Total Load Time
14
HTTP Requests
6
Domains
299 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:347 chars
Detector Agreement:67%

Website Classification

Primary Category

technology software63% confidence
Type: webapp
Method: ml+structural

All Detected Categories

technology software
63%

Detected Features

Login Form
Search

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
313.107.246.44United States
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
1104.19.194.29United States
AS13335CLOUDFLARENET
113.69.109.131United States
AS13335
120.190.160.4United StatesUnknown
120.190.160.67United StatesUnknown
1104.19.195.29United StatesUnknown
120.190.160.65United StatesUnknown
120.190.160.22Amsterdam, North Holland, Netherlands
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
1104.16.97.104United StatesUnknown
140.126.32.136United StatesUnknown
1412--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T138937CDA7FB72937874A45B5B1757E026B7A8E43894CD8A0F24CC8842FFB64D8027653

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:ly5X8GLGGBVfVfguEDV4SVXV35VvCIzzTEyqU6MVnvnaloMPbJE3r5idVZC:a8W9IJ4AF3naImyS2YZC

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:91177:oSDYASD19RsAISlGACBAAQGgIKMSGNAuDW+GUE4FoJiChSpewAAGQQoNLo6DOWqVA0QiCAi8RMNDuYJAqu8lAEBSzA5AAiAC

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:1018ffff18180000
Perceptual Hash:98cc324cf6f6c8d1
Difference Hash:a4f3b23233f378d8
Wavelet Hash:7c1fffff39180000
Color Hash:#e06cad

Other Hashes

Crop Resistant:b270e89383beb2a2,92004030344000da,a4f3b23233f378d8

Scan History

Scan history not available

Unable to load historical scan data