Security Scan Report: verify.numat-test.com

Redirected to:
https://login.microsoftonline.com/2f2b18fb-66ef-4423-86cb-4b21bba627ee...
Site favicon
Submitted: Dec 3, 2025, 7:34:17 AMCompleted: Dec 3, 2025, 7:35:40 AMpubliccompleted
Loading additional data...

Summary

This website contacted 44 IPs in 4 countries across 8 domains to perform 33 HTTP transactions. The main domain is login.microsoftonline.com.

Submitted URL: http://verify.numat-test.com/

Effective URL: https://login.microsoftonline.com/2f2b18fb-66ef-4423-86cb-4b21bba627ee/oauth2/v2.0/authorize?client_id=f82de8b6-f0b8-40f5-af3c-a32f975f1430&prompt=select_account&redirect_uri=https%3A%2F%2Fauthenticate.numat-test.com%2Foauth2%2Fcallback&response_type=code&scope=openid+profile+email+offline_access&state=SGF0QjVGMkEzN3NRZ2tUWEFwYTJkSndjYkNDdEU4MWZ4WHhnbFpVaHdCND18MTc2NDc0NzMwNnxRSzEyTlQyM3RZSElzQ2NXMms2OVlnRXxvrA1XHCMXrs5x7hdAc255DeCcbJStQW8TaYwEfeJ3wAnfpsgpC0X9s_kRB0wI-iyNuR-84j1sDaD1Uo2FX9lrdAQN4CxGgout1-ByhPSUQ9kp74U0uYdMNv3e91lhnBJoh08lZiLmXRIe9u3eyAr0TOFQJcYlNDq1dOXOClRgOsQj53_aq5C8iQpU4JOVM9HOSG0v5kCBWd9Ry3jLVURFyo0DKPTYXnRwVqitULya0in_bb-CgTKC3QcTQQk2Q52VXZWBNJUnn1EHyoAtUwHuxomrAwVSBehveEDe-J_mOWdIke817WG8ocK85eqRfavfzTVgPZOY-d-uyVR_kZv6Mh3I9RQIxTTr-NuSRcae2Pqlx95zUdhuSOPz_VF4crCwPNHgKttxlJtnu2tZGqXiULTT3OeyUnF45Qrtuj7uI5lpjTkVZWEMKvNmWMRouAQL0Mcdlc8cLYgN3OzOfgcJDHPMHOvmlctXOg1VDNbk58vt3PJWBnhNDzhYV4GsPHtDcfMmd3a_UyuchvlcMHFVZauSOvckvgdUjKgf&sso_reload=trueRedirected

AI Security Verdict

Low Risk

Confidence: 85%

2
Risk Score

High‑risk credential phishing site impersonating the "numat" brand with a login form that forwards to Microsoft.

Risk Factors
Brand impersonation on unknown/unranked domain
Credential collection (email/password) on non‑official domain
Unknown domain age
Cross‑origin form submission to external login service
Safety Factors
Form posts to legitimate Microsoft login endpoint
Page served from an identity-provider sign-in endpoint (login.microsoftonline.com); a relying-party brand and login form here are normal SSO, not impersonation — risk clamped from 8 to 2
Domain age information unavailable

Details

Page Title

Sign in to your account

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

unknown

(0%)

Domain Information

The domain 'verify.numat-test.com' uses the commercial generic top-level domain (.com); it also runs on subdomain 'verify'. Count 10 characters in 'numat-test' with 3 vowels and six consonants, along with one hyphen. Word splitting yields three words: num, at, test. Expect three characters per word on average. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of http://verify.numat-test.com/

Page Load Overview

1.80s
Total Load Time
33
HTTP Requests
8
Domains
1.0 MB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:109 chars
Detector Agreement:67%

Website Classification

Primary Category

unknown0% confidence
Type: webapp
Method: structural

All Detected Categories

No categories detected

Detected Features

Login Form
Search

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
1913.107.246.44United States
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
440.126.32.76Amsterdam, North Holland, Netherlands
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
495.100.135.57Frankfurt am Main, Hesse, Germany
AS20940Akamai International B.V.
2172.67.129.50United States
AS13335CLOUDFLARENET
140.126.31.2Dublin, Leinster, Ireland
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
152.168.117.168Washington, Virginia, United States
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
120.190.159.131Dublin, Leinster, Ireland
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
020.190.160.17Amsterdam, North Holland, Netherlands
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
020.190.159.4Dublin, Leinster, Ireland
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
020.190.159.68Dublin, Leinster, Ireland
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
3344--

Detected Technologies4

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T144835CE97EA62937868A0575B9B53D02AA3A49039D0CCE74F15CCC882FF770D8277197

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:lRbymxbymE8GLGGWbym/M+bymW1n2upzTEyqU6MVnvnaloMP4eEBglioC:/OcOv8rOJ+OHku0yS2UC

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:85962:0SxSJAAAZCA/XAjkLSCYwYuA4GNMTAAxCAYAOQQNiLgAkCcIOYZQAJoQMZAGI54MAhngIVd4GCNZBEUACshCXphT2F5CMIMV

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:3c3c3c3c3c3c3c00
Perceptual Hash:879278cd6d326c6c
Difference Hash:f8d8f0f8e4e4d8c0
Wavelet Hash:3c3c3e3e3e3e3c00
Color Hash:#3ad22d

Scan History

Scan history not available

Unable to load historical scan data