ScanMalware.com

Security Scan Report: test-returnability.cedesco.mx

Redirected to: https://login.microsoftonline.com/0037ec4d-d9c4-4ee0-a421-435ea48dc279/saml2?SAMLRequest=fVJBbtswEPyKwDslSpFlibANuDGKGkhbI3ZzyCWgqVVMgCJV7qpOfl9abtH0YvBAYLgzwxnsAlVvB7ke6eQe4ecISMlbbx3K6WHJxuCkV2hQOtUDStJyv%2F76IItUyCF48tpb9oFym6EQIZDxjiXbzZK9lHmTd9UR4plXhYY6L2d1J1rRqbpr8llTNV1dKN0oljxBwMhcsigU6YgjbB2SchQhUcx4XnBRHYSQopJF%2BcySTUxjnKKJdSIaUGaZ9a%2FGpb3RwaPvyDtrHKTa95kQd3PQZcvbRpe8BBBclUXOy7sZqLJudTFvskvGgiXrv0HuvcOxh7CH8Mto%2BPH48M%2BKoj8PQLERdTTW0HuqoQXUPu3fMkSfnc%2FnrPftaCEdTsMknuH1LrjSOKEtdGq0xHFgye5P5Z%2BMa417vd328TqE8svhsOO77%2FsDWy0u2nJqL6ziF16AjF5kH9HFdSe%2BRb3tZuet0e%2FJZx96RbftLohpeTeNSgrKoQFHsSxr%2Ffk%2BgCJYMgojsGx1tfx%2F81a%2FAQ%3D%3D&RelayState=https%3A%2F%2Ftest-returnability.cedesco.mx%2Fapp.php&sso_reload=true

Site favicon
Submitted: Dec 6, 2025, 12:05:42 AMCompleted: Dec 6, 2025, 12:06:58 AMpubliccompleted
Loading additional data...

Summary

This website contacted 32 IPs in 4 countries across 5 domains to perform 17 HTTP transactions. The main domain is login.microsoftonline.com.

Submitted URL: https://test-returnability.cedesco.mx/app.php

Effective URL: https://login.microsoftonline.com/0037ec4d-d9c4-4ee0-a421-435ea48dc279/saml2?SAMLRequest=fVJBbtswEPyKwDslSpFlibANuDGKGkhbI3ZzyCWgqVVMgCJV7qpOfl9abtH0YvBAYLgzwxnsAlVvB7ke6eQe4ecISMlbbx3K6WHJxuCkV2hQOtUDStJyv%2F76IItUyCF48tpb9oFym6EQIZDxjiXbzZK9lHmTd9UR4plXhYY6L2d1J1rRqbpr8llTNV1dKN0oljxBwMhcsigU6YgjbB2SchQhUcx4XnBRHYSQopJF%2BcySTUxjnKKJdSIaUGaZ9a%2FGpb3RwaPvyDtrHKTa95kQd3PQZcvbRpe8BBBclUXOy7sZqLJudTFvskvGgiXrv0HuvcOxh7CH8Mto%2BPH48M%2BKoj8PQLERdTTW0HuqoQXUPu3fMkSfnc%2FnrPftaCEdTsMknuH1LrjSOKEtdGq0xHFgye5P5Z%2BMa417vd328TqE8svhsOO77%2FsDWy0u2nJqL6ziF16AjF5kH9HFdSe%2BRb3tZuet0e%2FJZx96RbftLohpeTeNSgrKoQFHsSxr%2Ffk%2BgCJYMgojsGx1tfx%2F81a%2FAQ%3D%3D&RelayState=https%3A%2F%2Ftest-returnability.cedesco.mx%2Fapp.php&sso_reload=trueRedirected

AI Security Verdict

High Risk

Confidence: 85%

8
Risk Score

High‑risk phishing page mimicking Microsoft login; avoid entering credentials.

Risk Factors
Brand impersonation/typosquatting (Microsoft branding on unrelated domain)
Credential harvesting form on a non‑official domain
Unranked domain with unknown/very recent registration
Domain age information unavailable

Details

Page Title

Sign in to your account

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

unknown

(0%)

Domain Information

Within the Mexican country-code top-level domain (.mx), 'test-returnability.cedesco.mx' is registered; it also runs on subdomain 'test-returnability'. The registrable portion 'cedesco' spans 7 characters with 3 vowels and 4 consonants. Segmentation suggests two words: cedes, co. The median word length lands at 3.5 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://test-returnability.cedesco.mx/app.php

Page Load Overview

1.15s
Total Load Time
17
HTTP Requests
5
Domains
461 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:109 chars
Detector Agreement:100%

Website Classification

Primary Category

unknown0% confidence
Type: webapp
Method: structural

All Detected Categories

No categories detected

Detected Features

Login Form
Search

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
1123.207.210.137Frankfurt am Main, Hesse, Germany
AS20940Akamai International B.V.
320.190.159.73Dublin, Leinster, Ireland
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
113.107.246.45United States
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
140.126.32.72Amsterdam, North Holland, Netherlands
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
13.230.77.119Ashburn, Virginia, United States
AS14618AMAZON-AES
013.107.246.44United States
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
023.207.210.132Frankfurt am Main, Hesse, Germany
AS20940Akamai International B.V.
020.190.159.71Dublin, Leinster, Ireland
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
020.190.159.0Dublin, Leinster, Ireland
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
040.126.32.68Amsterdam, North Holland, Netherlands
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
1732--

Detected Technologies4

X-UA-Compatible
100%
PasswordField
100%
Meta-Refresh-Redirect
100%
Ghost
15%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T129734BDA7EA31937834A54B5B5B66E02AB3A9D038C4CCD60F18CCD882FF675D8127653

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:Do8GLGG6qxrXoKzTEyqU6MVnvnaloMPt9EVai1C:M8jgXayS2lC

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:75914:gcHKQy7lgIizUg5giC4CwyKKsBqRkioLwCoE0BBuQcMugqyAkccEEiGm4jIAxAEhASkKAIQaExLGFIYAAwEhdzCZsBBUBYZH

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:0010393b373f3737
Perceptual Hash:845971764699d96e
Difference Hash:88e4d2d3e5eee6e6
Wavelet Hash:00003b3b373f373f
Color Hash:#64d22d

Other Hashes

Crop Resistant:88e4d2d3e5eee6e6

Scan History

Scan history not available

Unable to load historical scan data