ScanMalware.com

Security Scan Report: whm.whm.mvd.604219075ahczvupdate.krzbvigm.03-120-55-020.plesk.page

Redirected to:
https://login.microsoftonline.com/b34ec9cd-0a78-4623-9e54-2885791429c7...
Site favicon
Submitted: May 18, 2026, 11:49:18 AMCompleted: May 18, 2026, 11:50:33 AMpubliccompleted
Loading additional data...

Summary

This website contacted 6 IPs in 5 countries across 6 domains to perform 22 HTTP transactions. The main domain is login.microsoftonline.com and was registered NaN years ago.

Submitted URL: https://whm.whm.mvd.604219075ahczvupdate.krzbvigm.03-120-55-020.plesk.page/auth/oidc/azure

Effective URL: https://login.microsoftonline.com/b34ec9cd-0a78-4623-9e54-2885791429c7/oauth2/v2.0/authorize?access_type=offline&client_id=86a3041a-a218-4ec6-a019-fe40c6d23389&code_challenge=nsg1wCWcZuhJ54hk-Zuj90IRQYKYa2Lmfp7IH4zGgr8&code_challenge_method=S256&redirect_uri=https%3A%2F%2Fvpn.hsag-prod.onpower.cloud%2Fauth%2Foidc%2Fazure%2Fcallback&response_type=code&scope=openid+email+profile&state=JBJH6CDAHDDnbRJQ&sso_reload=trueRedirected

AI Security Verdict

Confirmed Scam

Confidence: 92%

8
Risk Score

The site impersonates Powercloud, uses a login form to harvest credentials, and triggers critical IDS alerts – confirmed phishing scam.

Risk Factors
Unranked domain claiming a major brand
Credential‑collecting login form
Critical IDS alert indicating possible malware/data exfiltration
Highly obfuscated JavaScript
Redirect chain to external Microsoft login page
Domain age information unavailable

Details

Page Title

Sign in to your account

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

unknown

(0%)

Domain Information

Within the .page top-level domain, 'whm.whm.mvd.604219075ahczvupdate.krzbvigm.03-120-55-020.plesk.page' is registered and includes subdomain 'whm.whm.mvd.604219075ahczvupdate.krzbvigm.03-120-55-020'. The second-level label 'plesk' is 5 characters long holding 1 vowel versus four consonants. Breaking it apart gives two words: pl, esk. Median word length is 2.5 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://whm.whm.mvd.604219075ahczvupdate.krzbvigm.03-120-55-020.plesk.page/auth/oidc/azure

Page Load Overview

6.24s
Total Load Time
9
HTTP Requests
5
Domains
76 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:109 chars
Detector Agreement:67%

Website Classification

Primary Category

unknown0% confidence
Type: webapp
Method: structural

All Detected Categories

No categories detected

Detected Features

Login Form
Search

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
43.120.55.20Frankfurt am Main, Hesse, Germany
AS16509Amazon.com, Inc.
151.11.192.49Paris, Île-de-France, France
AS8075Microsoft Corporation
120.190.160.2Amsterdam, North Holland, Netherlands
AS8075Microsoft Corporation
140.126.31.73Dublin, Leinster, Ireland
AS8075Microsoft Corporation
123.53.42.114Frankfurt am Main, Hesse, Germany
AS20940Akamai International B.V.
113.107.246.44United States
AS8075Microsoft Corporation
96--

Detected Technologies5

X-UA-Compatible
100%
PasswordField
100%
Meta-Refresh-Redirect
100%
HTTP/3
40%
Ghost
15%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T106835BDA7EA22937C28A45B5B4753E02AE3A5803894CDDA4F15CCD842FFB74C8267617

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:lXdo8GLG2FVWBYmwxoIZ9Tjuokmap5vPoMLufFUEGJZiKC:881Cx9a/AOC

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:81156:YGoKJDgCZBAGhwrAJhABiEKgMkYIkRJQjkABBOoCOQwRRAQKEcT+KHCEoFFIMRIAdeApDJJClsASFgFwxMgsDA4RgEQgIlQN

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:0000187858180000
Perceptual Hash:c81d2727c8cf9d8c
Difference Hash:3202b2b2b232e585
Wavelet Hash:030018fafe1f75e5
Color Hash:#798fd2

Other Hashes

Crop Resistant:b23062f2b2a093a3,00104034344000e0,3202b2b2b232e585

Scan History

Scan history not available

Unable to load historical scan data