Security Scan Report: authenticate.tools.engine.alloyed.com

Redirected to:
https://login.microsoftonline.com/4a71a66b-9528-4bfb-b5f5-adc541e1f9de...
Site favicon
Submitted: Jan 6, 2026, 5:45:54 PMCompleted: Jan 6, 2026, 5:47:07 PMpubliccompleted
Loading additional data...

Summary

This website contacted 7 IPs in 4 countries across 5 domains to perform 12 HTTP transactions. The main domain is login.microsoftonline.com and was registered NaN years ago.

Submitted URL: https://authenticate.tools.engine.alloyed.com/.pomerium/sign_in?pomerium_expiry=1767592187&pomerium_idp_id=D7MQwPfBXnWvEGJqV8GqP8VnwHrwfyGtYxLpZD2NhYz2&pomerium_issued=1767591887&pomerium_redirect_uri=https%3A%2F%2Fverify.engine.alloyed.com%2F&pomerium_signature=9zGSHEvE8xJgs3PLNkv30i1nrM1Akc8dhm3UPmcbn2o%3D

Effective URL: https://login.microsoftonline.com/4a71a66b-9528-4bfb-b5f5-adc541e1f9de/oauth2/v2.0/authorize?client_id=c8413d30-9aca-4532-8202-4655fda2e1d6&prompt=select_account&redirect_uri=https%3A%2F%2Fauthenticate.tools.engine.alloyed.com%2Foauth2%2Fcallback&response_type=code&scope=openid+profile+email+offline_access&state=S3JoOGQ2NGVsQUhVT1k1cEtTc205ZFVJWTExQ0NXaWVINHVxL2dyOG54OVREaUQrL3dCTUpPSkVVYWtYaFdhUWlxaGVDYU52WkxRMUVGMFVZL2ZVWXc9PXwxNzY3NzIxNTU4fMVImksBS48nAFvTawnKkld79RC7zzVu6zWoZosbpN5RNNcZxomaTfXOIfjWbhzJGR_BzLe3OSZawmUsVNTDqzh16APlgUO5ahGEJAz0R0xQBFNbPjOgeJllY8Yw_oBUK-pfKGESDJQUFF9pozmyDlfSvDA5lt-2X2hFCC5_2a5j1yBPeC6UuVouEj74wmxLwm5zWli6TIC2wYAxpLOAi6r22l6ZWAOmPr1yaoU61Vd5EaSGEYzBh4siiHPcF6hOY8qllq2KWMcQ3zK3YKB7AW-j3mNHGQKcFs2if0bqSNwg1Nc-vKoKYzuktuaHUIMsd8Z3R0s3lyhSrNSzq6Tpm-TlJ0Ja3TteM3udCUA04e7ZQdFq0zSZQWA2URr3y3OeGtMCX-WEwgjGgbv-OLvPSeucXCi2NRei9D1mOHnstZ6QJ5pAll5aay-ydV4UvzYJjLc-nxj5SCpBxUuB0Kc%3D&sso_reload=trueRedirected

AI Security Verdict

Low Risk

Confidence: 88%

2
Risk Score

Phishing page impersonating Microsoft; collects credentials on an unranked domain.

Risk Factors
Brand impersonation of Microsoft
Credential collection on non‑official domain
Unranked domain reputation
Highly obfuscated JavaScript
Safety Factors
Domain age > 20 years (well‑established)
No IoC, YARA, or IDS alerts detected
Form posts to legitimate Microsoft login endpoint
Page served from an identity-provider sign-in endpoint (login.microsoftonline.com); a relying-party brand and login form here are normal SSO, not impersonation — risk clamped from 7 to 2
Domain age information unavailable

Details

Page Title

Sign in to your account

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

technology software

(80%)

Domain Information

Domain 'authenticate.tools.engine.alloyed.com' uses the commercial generic top-level domain (.com); it also runs on subdomain 'authenticate.tools.engine'. Its registrable label 'alloyed' stretches across 7 characters split between 3 vowels and four consonants. Word splitting yields one word: alloyed. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://authenticate.tools.engine.alloyed.com/.pomerium/sign_in?pomerium_expiry=1767592187&pomerium_idp_id=D7MQwPfBXnWvEGJqV8GqP8VnwHrwfyGtYxLpZD2NhYz2&pomerium_issued=1767591887&pomerium_redirect_uri=https%3A%2F%2Fverify.engine.alloyed.com%2F&pomerium_signature=9zGSHEvE8xJgs3PLNkv30i1nrM1Akc8dhm3UPmcbn2o%3D

Page Load Overview

2.40s
Total Load Time
12
HTTP Requests
5
Domains
295 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:128 chars
Detector Agreement:100%

Website Classification

Primary Category

technology software80% confidence
Type: webapp
Method: ml+structural+ocr_tiebreaker

All Detected Categories

technology software
80%

Detected Features

Login Form
Search

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
620.190.147.7Paris, Île-de-France, France
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
12.23.227.89Frankfurt am Main, Hesse, Germany
AS20940Akamai International B.V.
154.159.249.181Ashburn, Virginia, United States
AS14618AMAZON-AES
113.107.246.45United States
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
12.23.227.79Frankfurt am Main, Hesse, Germany
AS20940Akamai International B.V.
140.126.53.15Sweden
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
120.190.177.82Paris, Île-de-France, France
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
127--

Detected Technologies6

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T19A835AEA7EB31937828A45B5B5B53E02AE765A039C8CD964F15CCCC42FF660D8237613

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:DWmA8GLGGSGFWQt63fxya1XoVzTEyqU6MVnvnaloMP2FESiiejC:M8VGAs63fxyIXjyS2ujC

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:86177:sgJJIREfnAKcAkBDUYAhRQwDgAAYgCo2AhIeBCEEBMGOqliTgEoCkAeAkkD4jGyFC2M3cTgAgHBXkkRiPjhAGKQAjoIABzgY

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:00103933372f3737
Perceptual Hash:8659517666d9d90b
Difference Hash:88e4d2e7e5cee6e6
Wavelet Hash:00203b33373f373f
Color Hash:#78563a

Other Hashes

Crop Resistant:88e4d2e7e5cee6e6

Scan History

Scan history not available

Unable to load historical scan data