ScanMalware.com

Security Scan Report: engineering-relay-useast-01.tamg.io

Redirected to: https://login.microsoftonline.com/cf3dc8a2-b7cc-4452-848f-cb570a56cfbf/saml2?SAMLRequest=fVPLbtswELznKwTd9X5EJWwDro2iBtLGsJ0eeikocukQkEiVXDXu35dUnNoBWutCYLkzOzNczSztu4EsR3xWO%2Fg5gsW7IDj1nbJkupqHo1FEUystUbQHS5CR%2FfLLA8njlAxGo2a6C9%2BBbmOotWBQauVBm%2FU8XD89%2FuACUshEm4tWVDyjXBS0Fjz%2FUEHWtkWaZkVdFU3bQprRPGtYXhUVL0TDy5LXReG5voGxjnYeuikTt7UjbJRFqtAV07yO0ixK60PakKIhafndd62dZakoTshnxMGSJOn0Uaq4l8xoqwVq1UkFMdN9wkTBWUPzqL1nLCrLKo%2BashERa6v7lFY1cwYSH0LuybfnfD5KxaU63g6mfW2y5PPhsI22j%2FuDp1i%2BxbXSyo49mD2YX5LB0%2B7hoperYzRaoBadxRhpf4ylTiizSbhwHEEw85LIlIhZ3Eb1gJRTpMksuQZdaAby1WnfrLe6k%2Bz3VPffJ216iv%2B3mMXZVJE8ElMrGZUdgEkhgYd%2FaZZdp19WBijCPEQzQhgk74af1xT4tLQuFYQTBivdD9RI618RTpTh2fjF%2FHX7qnNbuAOxuLmojDDf58pbd7xow%2F17AnOzD4Y68drgOaR%2Fkr%2BqTm7IXty9XV%2F%2FgYs%2F&RelayState=64gS1Gh3sFuU4L0n1LQGMmFUArRT4xNZ7OCEb28O&sso_reload=true

Site favicon
Submitted: Jan 6, 2026, 8:38:00 AMCompleted: Jan 6, 2026, 8:39:10 AMpubliccompleted
Loading additional data...

Summary

This website contacted 6 IPs in 1 country across 6 domains to perform 16 HTTP transactions. The main domain is login.microsoftonline.com and was registered NaN years ago.

Submitted URL: https://engineering-relay-useast-01.tamg.io

Effective URL: https://login.microsoftonline.com/cf3dc8a2-b7cc-4452-848f-cb570a56cfbf/saml2?SAMLRequest=fVPLbtswELznKwTd9X5EJWwDro2iBtLGsJ0eeikocukQkEiVXDXu35dUnNoBWutCYLkzOzNczSztu4EsR3xWO%2Fg5gsW7IDj1nbJkupqHo1FEUystUbQHS5CR%2FfLLA8njlAxGo2a6C9%2BBbmOotWBQauVBm%2FU8XD89%2FuACUshEm4tWVDyjXBS0Fjz%2FUEHWtkWaZkVdFU3bQprRPGtYXhUVL0TDy5LXReG5voGxjnYeuikTt7UjbJRFqtAV07yO0ixK60PakKIhafndd62dZakoTshnxMGSJOn0Uaq4l8xoqwVq1UkFMdN9wkTBWUPzqL1nLCrLKo%2BashERa6v7lFY1cwYSH0LuybfnfD5KxaU63g6mfW2y5PPhsI22j%2FuDp1i%2BxbXSyo49mD2YX5LB0%2B7hoperYzRaoBadxRhpf4ylTiizSbhwHEEw85LIlIhZ3Eb1gJRTpMksuQZdaAby1WnfrLe6k%2Bz3VPffJ216iv%2B3mMXZVJE8ElMrGZUdgEkhgYd%2FaZZdp19WBijCPEQzQhgk74af1xT4tLQuFYQTBivdD9RI618RTpTh2fjF%2FHX7qnNbuAOxuLmojDDf58pbd7xow%2F17AnOzD4Y68drgOaR%2Fkr%2BqTm7IXty9XV%2F%2FgYs%2F&RelayState=64gS1Gh3sFuU4L0n1LQGMmFUArRT4xNZ7OCEb28O&sso_reload=trueRedirected

AI Security Verdict

High Risk

Confidence: 88%

8
Risk Score

High‑risk phishing site impersonating Tripadvisor

Risk Factors
Credential harvesting login form on a non‑official domain
Brand impersonation of Tripadvisor
Unranked domain with brand claim
Domain age information unavailable

Details

Page Title

Sign in to your account

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

corporate business

(44%)

Domain Information

Within the British Indian Ocean Territory country-code top-level domain (.io), 'engineering-relay-useast-01.tamg.io' is registered with subdomain 'engineering-relay-useast-01'. Count 4 characters in 'tamg' with 1 vowel and three consonants. Word splitting yields two words: tam, g. Average segment length settles at two characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://engineering-relay-useast-01.tamg.io

Page Load Overview

2.94s
Total Load Time
12
HTTP Requests
5
Domains
234 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:177 chars
Detector Agreement:67%

Website Classification

Primary Category

corporate business44% confidence
Type: webapp
Method: ml+structural+ocr_tiebreaker

All Detected Categories

corporate business
44%
social media network
34%
travel tourism
34%

Detected Features

Login Form
Search

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
220.190.159.23United States
AS14618
223.207.210.132United States
AS8075
213.107.246.44United States
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
240.126.31.67United StatesUnknown
240.126.31.129United StatesUnknown
23.218.2.120Ashburn, Virginia, United States
AS14618AMAZON-AES
126--

Detected Technologies5

X-UA-Compatible
100%
PasswordField
100%
Meta-Refresh-Redirect
100%
HSTS
40%
Ghost
15%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T180735BE97EA72937C34A45B5B4BA7D02AE3A5903894CCD64F15CC9843FFA64D8137603

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:ls8GLGGy82zzTEyqU6MVnvnaloMPb1EyKPiHC:S8m2myS2UC

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:77967:iMmKBEXBfFPIjgA8blu4gWBIIQogjQAAmuBgFCWAhBCYA0AiJQGB6SAgBjA8yVBBKgIhOCoFhhkTFAKKgpimgAmBeZwycwAF

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:001f7fffff180000
Perceptual Hash:98cd36c3ac13d999
Difference Hash:dcf0b2b2b2b0e8ac
Wavelet Hash:043f7fffff180000
Color Hash:#e06c75

Other Hashes

Crop Resistant:aeacf0b283b6aeac,dcf0b2b2b2b0e8ac

Scan History

Scan history not available

Unable to load historical scan data