ScanMalware.com

Security Scan Report: thermoplanconnect.com

Redirected to: https://login.microsoftonline.com/9eab4bc7-132f-4754-89a8-6d2b001e6c43/oauth2/v2.0/authorize?client_id=496d8d64-98ad-4b12-b2fa-d1a43af59bde&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fthermoplanconnect.com%2F&client-request-id=019b530c-90c0-7d72-b854-b6d884685279&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=3.30.0&client_info=1&code_challenge=RMT_PNzNpztiutWO6u0xXzmO0OBRfcRNIw3REMB1Z9o&code_challenge_method=S256&nonce=019b530c-90c4-7b3e-ba25-c43d5324eff3&state=eyJpZCI6IjAxOWI1MzBjLTkwYzAtNzMwNi04MTk2LWZmZTQ0Njk5MWUyMyIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&sso_reload=true

Site favicon
Submitted: Dec 25, 2025, 1:08:08 AMCompleted: Dec 25, 2025, 1:08:22 AMpubliccompleted
Loading additional data...

Summary

This website contacted 7 IPs in 4 countries across 8 domains to perform 27 HTTP transactions. The main domain is login.microsoftonline.com and was registered NaN years ago.

Submitted URL: https://thermoplanconnect.com

Effective URL: https://login.microsoftonline.com/9eab4bc7-132f-4754-89a8-6d2b001e6c43/oauth2/v2.0/authorize?client_id=496d8d64-98ad-4b12-b2fa-d1a43af59bde&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fthermoplanconnect.com%2F&client-request-id=019b530c-90c0-7d72-b854-b6d884685279&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=3.30.0&client_info=1&code_challenge=RMT_PNzNpztiutWO6u0xXzmO0OBRfcRNIw3REMB1Z9o&code_challenge_method=S256&nonce=019b530c-90c4-7b3e-ba25-c43d5324eff3&state=eyJpZCI6IjAxOWI1MzBjLTkwYzAtNzMwNi04MTk2LWZmZTQ0Njk5MWUyMyIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&sso_reload=trueRedirected

The Cisco Umbrella rank of the primary domain is #704,637 of the top 1 million websites

AI Security Verdict

Safe Website

Confidence: 92%

2
Risk Score

The site appears to be a legitimate OAuth login redirect to Microsoft; no strong phishing indicators.

Risk Factors
Low Cisco Umbrella ranking (704,637) for the initial domain
Safety Factors
Long‑standing domain registration
Redirects to a legitimate Microsoft login page
No payment or sensitive data collection beyond standard Microsoft credentials
Domain age information unavailable

Details

Page Title

Sign in to your account

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

government public service

(30%)

Domain Information

Within the commercial generic top-level domain (.com), 'thermoplanconnect.com' is registered. Its registrable label 'thermoplanconnect' stretches across 17 characters split between 5 vowels and twelve consonants. Word splitting yields 3 words: thermo, plan, connect. Median word length comes out to 6 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://thermoplanconnect.com

Page Load Overview

2.26s
Total Load Time
26
HTTP Requests
8
Domains
504 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:109 chars
Detector Agreement:67%

Website Classification

Primary Category

government public service30% confidence
Type: webapp
Method: ml+structural+ocr_tiebreaker

All Detected Categories

government public service
30%
technology software
27%

Detected Features

Login Form
Search

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
8104.26.3.186United States
AS13335CLOUDFLARENET
313.94.101.214Dublin, Leinster, Ireland
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
340.126.31.73Ireland
AS20940
3172.217.23.106United States
AS15169GOOGLE
313.107.246.44United States
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
323.207.210.141Frankfurt am Main, Hesse, Germany
AS20940Akamai International B.V.
320.190.160.132Amsterdam, North Holland, Netherlands
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
267--

Detected Technologies5

X-UA-Compatible
100%
PasswordField
100%
Meta-Refresh-Redirect
100%
HSTS
40%
Ghost
15%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T10F735BEA7EA31937828A40BAB5B57E02AF3A5903884CDD64F14C88C42FF774D8177657

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:lq8GLGG5fbWq/UfgzzTEyqU6MVnvnaloMPb1EHm+iFrC:I8NgmyS2WC

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:78907:DEoRgmqBClKGcrbiaEIIS4BVI6EsIXul7AsBVwcQJSBBI8UoqOaCEEAgQgCaIAU8wAERgBKSkDCWImaOBiOmBONAhUHkUJcF

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:0f1f1f1f3f1f0602
Perceptual Hash:9c8873b3cc33c9c6
Difference Hash:bbb7333373f24ee6
Wavelet Hash:0f1f1f1f1f1f0602
Color Hash:#8987c5

Other Hashes

Crop Resistant:b2b8e2bab28382b2,bbb7333373f24ee6

Scan History

Scan history not available

Unable to load historical scan data