ScanMalware.com

Security Scan Report: verify.ebmpapst.afi-cloud.de

Redirected to: https://login.microsoftonline.com/e83c9344-926a-407e-bd67-78bfd5a22a83/saml2?SAMLRequest=jZJLb9swEITv%2FRUC79SDsvUgLAVujKAG0taIlRx6CShqlRCgSJVLuc2%2FryrHQHpokOti9tvBzG6ufg86OIFDZU1FkjAmARhpO2WeKnLf3NCCXNWfNigGzUa%2BnfyzuYOfE6APtojg%2FLx3bQ1OA7gjuJOScH93W5Fn70fkUTSjVf8SQjuMYkQfil5Rqe3UhR1EYsY9OkCrT0CC3QxVRvjFyWVf2ydlwkFJZ9H23hqtDITSDhEUqSzT1YqWLBN0FedA2y7LaV60fbcWjIkijRbfJNjvKvKYJes27YElZd%2ByfJ2sRAZdWXZpEcuerdtZhjjB3qAXxleExSyjcUqTrGEJj2MeJ2HOyh8kODjrrbT6szLnoCZnuBWokBsxAHIv%2BXH79ZazMObtWYT8S9Mc6OH7sSHBwyVw9jfwuQKD%2FBzx%2B6zx9TCpz43wxbF7S3gfIC6dkfojDW2it2fqyxt8m7n73cFqJV%2BCrdb217UD4aEivdA4V3lj3SD8%2F60kYbJMVEf7RcongyNI1SvoSFS%2F3v334eo%2F&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=oL7mZID3Y6y5lxwjNIDKW6J9wWtO5f%2FDHmWS%2BSNfdB4BKx5xarFWo1JmHWBdQ4DG5fBm9azjF7QYwqTn2fZE63aOzkU9jZdUoEeYWSFH%2FcUgmzPDdL7vh0wdp%2BKo8XGRev9wpheOMXI9HSY%2B3i7KJptHDQQ5upSklCdn%2FYTZrJWiczdKSclceeisVjvYQ39kP65OasPmCsj2EF6qhpNj6ajfcsnVB6vcjZvWxD75QuPTSnDjnKRzG01xR5oTGKdXeTv00jPQpgSJzixQwU2V8M4lWf1OcNxeyP0%2B5%2BOasoRqhhUUbVZal9DlhLGWg0hqDt94I2e7WQk10%2BPw9pMgNg%3D%3D&sso_reload=true

Submitted: Mar 16, 2026, 8:59:59 PMCompleted: Mar 16, 2026, 9:01:17 PMpubliccompleted
Loading additional data...

Summary

This website contacted 6 IPs in 3 countries across 7 domains to perform 1 HTTP transaction. The main domain is login.microsoftonline.com and was registered NaN years ago.

Submitted URL: http://verify.ebmpapst.afi-cloud.de/

Effective URL: https://login.microsoftonline.com/e83c9344-926a-407e-bd67-78bfd5a22a83/saml2?SAMLRequest=jZJLb9swEITv%2FRUC79SDsvUgLAVujKAG0taIlRx6CShqlRCgSJVLuc2%2FryrHQHpokOti9tvBzG6ufg86OIFDZU1FkjAmARhpO2WeKnLf3NCCXNWfNigGzUa%2BnfyzuYOfE6APtojg%2FLx3bQ1OA7gjuJOScH93W5Fn70fkUTSjVf8SQjuMYkQfil5Rqe3UhR1EYsY9OkCrT0CC3QxVRvjFyWVf2ydlwkFJZ9H23hqtDITSDhEUqSzT1YqWLBN0FedA2y7LaV60fbcWjIkijRbfJNjvKvKYJes27YElZd%2ByfJ2sRAZdWXZpEcuerdtZhjjB3qAXxleExSyjcUqTrGEJj2MeJ2HOyh8kODjrrbT6szLnoCZnuBWokBsxAHIv%2BXH79ZazMObtWYT8S9Mc6OH7sSHBwyVw9jfwuQKD%2FBzx%2B6zx9TCpz43wxbF7S3gfIC6dkfojDW2it2fqyxt8m7n73cFqJV%2BCrdb217UD4aEivdA4V3lj3SD8%2F60kYbJMVEf7RcongyNI1SvoSFS%2F3v334eo%2F&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=oL7mZID3Y6y5lxwjNIDKW6J9wWtO5f%2FDHmWS%2BSNfdB4BKx5xarFWo1JmHWBdQ4DG5fBm9azjF7QYwqTn2fZE63aOzkU9jZdUoEeYWSFH%2FcUgmzPDdL7vh0wdp%2BKo8XGRev9wpheOMXI9HSY%2B3i7KJptHDQQ5upSklCdn%2FYTZrJWiczdKSclceeisVjvYQ39kP65OasPmCsj2EF6qhpNj6ajfcsnVB6vcjZvWxD75QuPTSnDjnKRzG01xR5oTGKdXeTv00jPQpgSJzixQwU2V8M4lWf1OcNxeyP0%2B5%2BOasoRqhhUUbVZal9DlhLGWg0hqDt94I2e7WQk10%2BPw9pMgNg%3D%3D&sso_reload=trueRedirected

AI Security Verdict

High Risk

Confidence: 93%

8
Risk Score

Phishing login page impersonating ebmpapst; do not enter credentials and report the site.

Risk Factors
Brand impersonation (ebmpapst) on an unrelated domain
Credential harvesting form (email + password)
Cross‑origin submission of credentials to Microsoft login endpoint
Heavily obfuscated JavaScript
Domain age information unavailable

Details

Page Title

Sign in to your account

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

technology software

(29%)

Domain Information

You're looking at domain 'verify.ebmpapst.afi-cloud.de' on the German country-code top-level domain (.de) with subdomain 'verify.ebmpapst'. Its registrable label 'afi-cloud' stretches across 9 characters containing 4 vowels alongside four consonants, along with one hyphen. Breaking it apart gives 2 words: afi, cloud. Median word length is 4 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of http://verify.ebmpapst.afi-cloud.de/

Page Load Overview

1.05s
Total Load Time
30
HTTP Requests
7
Domains
816 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:160 chars
Detector Agreement:67%

Website Classification

Primary Category

technology software29% confidence
Type: webapp
Method: ml+structural

All Detected Categories

technology software
29%

Detected Features

Login Form
Search

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
540.126.32.72Netherlands
AS3320
520.190.160.64United States
AS8075
513.107.246.44United States
AS8075Microsoft Corporation
552.178.17.3UnknownUnknown
523.207.210.137UnknownUnknown
5176.53.136.73Germany
AS3320Deutsche Telekom AG
306--

Detected Technologies4

X-UA-Compatible
100%
PasswordField
100%
Meta-Refresh-Redirect
100%
Ghost
15%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1F0734BDA7EA22D37838611B4B4796E02AE3A59038D4CDCA0F19CC9843FF6B4D9137657

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:lw8GLG2S6VqLaSblj9dyVqoIyEk77gx2xpTvPoMmCfiEfGNiPkoC:O8n6VqLaSblj9yqJ32RA2koC

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:79165:DiG4QkSBsKQuYDQsHJOATARXJVgAAgCEApCSQBKkiCArSwSAWfEBgyMBHQmgBSgsIQuILQQFRhxCcgWIEkFA3cAwUBAnAQkP

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:050f1f1f1e1c0000
Perceptual Hash:9c8963724ce189df
Difference Hash:3dbf32b230b08c0c
Wavelet Hash:0f1f1fdf1f1f0400
Color Hash:#56862d

Other Hashes

Crop Resistant:ba30e8a29382b2b2,9f82c072327280b6,3dbf32b230b08c0c

Scan History

Scan history not available

Unable to load historical scan data