Security Scan Report: intranet.altour.com

Redirected to:
https://travelleaders.okta.com/oauth2/v1/authorize?client_id=0oajlg46r...
Site favicon
Submitted: May 17, 2026, 9:52:42 AMCompleted: May 17, 2026, 9:54:43 AMpubliccompleted
Loading additional data...

Summary

This website contacted 4 IPs in 1 country across 4 domains to perform 13 HTTP transactions. The main domain is travelleaders.okta.com and was registered NaN years ago.

Submitted URL: https://intranet.altour.com

Effective URL: https://travelleaders.okta.com/oauth2/v1/authorize?client_id=0oajlg46rk5LU8uT5357&redirect_uri=https%3A%2F%2Ftravelleaders.cloudflareaccess.com%2Fcdn-cgi%2Faccess%2Fcallback&response_type=code&scope=openid%20groups%20profile%20email&state=e771e071dc98cf03b2c43f08c5b97aec200d643b68d1fd55bf818232eec3862c.JTdCJTIyaWF0JTIyJTNBMTc3OTAxMTU4MiUyQyUyMmF1dGhEb21haW4lMjIlM0ElMjJ0cmF2ZWxsZWFkZXJzLmNsb3VkZmxhcmVhY2Nlc3MuY29tJTIyJTJDJTIyaG9zdG5hbWUlMjIlM0ElMjJpbnRyYW5ldC5hbHRvdXIuY29tJTIyJTJDJTIycmVkaXJlY3RVUkwlMjIlM0ElMjIlMkYlMjIlMkMlMjJhdWQlMjIlM0ElMjI4M2I0MWZmN2VlZjk3ZjQyZjA0MGJmZWQ3OGUzZjQ2MDI5ZGU0M2IyZTI4MjUyYTY2OGJhMWYzZDk3ZTUwOWNjJTIyJTJDJTIyaXNTYW1lU2l0ZU5vbmVDb21wYXRpYmxlJTIyJTNBdHJ1ZSUyQyUyMmlzSURQVGVzdCUyMiUzQWZhbHNlJTJDJTIyaXNSZWZyZXNoJTIyJTNBZmFsc2UlMkMlMjJub25jZSUyMiUzQSUyMm5uUjI2VFNCMXZ3SHZ4Qzc4JTIyJTJDJTIyaWRwSWQlMjIlM0ElMjI1Y2NkMWY1NS04ZTdiLTQxN2EtOTY0OC0yYWRhMTMwYjRhNDYlMjIlMkMlMjJzZXJ2aWNlX3Rva2VuX3N0YXR1cyUyMiUzQWZhbHNlJTJDJTIyYXV0aF9zdGF0dXMlMjIlM0ElMjJOT05FJTIyJTJDJTIyaXNfd2FycCUyMiUzQWZhbHNlJTJDJTIyaXNfZ2F0ZXdheSUyMiUzQWZhbHNlJTJDJTIybXRsc19hdXRoJTIyJTNBJTdCJTIyY2VydF9pc3N1ZXJfZG4lMjIlM0ElMjIlMjIlMkMlMjJjZXJ0X3NlcmlhbCUyMiUzQSUyMiUyMiUyQyUyMmNlcnRfaXNzdWVyX3NraSUyMiUzQSUyMiUyMiUyQyUyMmNlcnRfcHJlc2VudGVkJTIyJTNBZmFsc2UlMkMlMjJjb21tb25fbmFtZSUyMiUzQSUyMiUyMiUyQyUyMmF1dGhfc3RhdHVzJTIyJTNBJTIyTk9ORSUyMiU3RCUyQyUyMmFwcFNlc3Npb25IYXNoJTIyJTNBJTIyNGI3ZjFhODkzN2ZlYjIzMWIzNmU5NDNjYjM0M2E2MTRmNTRlYjY0NzEwZDkyMGU3ODliOGY5ZDUwZGE5OGZmNiUyMiU3RA%253D%253DRedirected

The Cisco Umbrella rank of the primary domain is #612,542 of the top 1 million websites

AI Security Verdict

High Risk

Confidence: 80%

8
Risk Score

The site shows a high‑risk credential phishing pattern with a critical IDS alert and suspicious obfuscated JavaScript.

Risk Factors
Critical IDS alert indicating possible malware/data exfiltration
Obfuscated JavaScript with high‑entropy and base64 encoding
Suspicious credential form (password without username)
Redirect to external authentication provider (Okta) on a low‑rank domain
Potential brand impersonation risk due to low ranking for a travel brand
Domain age information unavailable

Details

Page Title

Internova Travel Group - Production - Sign In

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

technology software

(75%)

Domain Information

You're looking at domain 'intranet.altour.com' on the commercial generic top-level domain (.com) with subdomain 'intranet'. Its registrable label 'altour' stretches across 6 characters holding 3 vowels versus three consonants. Word splitting yields two words: al, tour. Expect 3 characters per word on average. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://intranet.altour.com

Page Load Overview

3.55s
Total Load Time
23
HTTP Requests
5
Domains
333 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:477 chars
Detector Agreement:100%

Website Classification

Primary Category

technology software75% confidence
Type: dynamic
Method: ml+structural

All Detected Categories

technology software
75%
documentation technical
68%
travel tourism
50%
adult content
48%
government public service
43%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
835.71.178.224United States
AS16509Amazon.com, Inc.
5104.19.194.29United States
AS13335Cloudflare, Inc.
53.161.82.15United States
AS16509Amazon.com, Inc.
5104.18.24.43United States
AS13335Cloudflare, Inc.
234--

Detected Technologies3

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1D50318C21D0ADADD16C96D88A63B5546350282C3C3A0EEC077FDCDCAAF99D4B745E60C

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

768:IEc0SS/hTmshwkuvCPEXkeZiCPEXkeZCZTmxls/G:Pc0xhTmsbuqakyakvZTmxlYG

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:39236:TxiBdJIxEEAAgIlwo4GQIRDyIlMAaTYIaImDGoXAJKBAjAgEqQkUBgxYeFkBwehaicDq5wEYxJYSCNlkIICAFEJVQFYBCcMo

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:3f7fffffffffffff
Perceptual Hash:800002070f7fffff
Difference Hash:e080000000000000
Wavelet Hash:20c0f0f0f0f0f0f0
Color Hash:#796ce0

Other Hashes

Crop Resistant:e080000000000000

Scan History

Scan history not available

Unable to load historical scan data