ScanMalware.com

Security Scan Report: auth-01.dev.dratarules.com

Redirected to:
https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_...
Submitted: Apr 19, 2026, 10:55:50 AMCompleted: Apr 19, 2026, 10:57:06 AMpubliccompleted
Loading additional data...

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 22 HTTP transactions. The main domain is login.microsoftonline.com and was registered NaN years ago.

Submitted URL: https://auth-01.dev.dratarules.com/sso/social/microsoft

Effective URL: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=d2ba9083-4183-49c6-b935-96296bf1c308&redirect_uri=https%3A%2F%2Fauth-01.dev.dratarules.com%2Fsignin%2Fauditor%2Fmicrosoft%2Fcallback&response_type=code&scope=User.Read&state=eyJwcm92aWRlciI6Im1pY3Jvc29mdCIsIm5vbmNlIjoiYmM4MTYzOWMtZWU0Ni00NzBiLTgxZDMtZWQxNzNlYjgxMGU5IiwiaXNBdWRpdG9yIjp0cnVlLCJ0aW1lc3RhbXAiOjE3NzY1OTYxNTg1NjUsImF1dGhUeXBlIjoic29jaWFsIn0%3D&response_mode=query&sso_reload=trueRedirected

AI Security Verdict

Moderate Risk

Confidence: 92%

5
Risk Score

Phishing page impersonating Microsoft login on an unranked domain; high risk of credential theft.

Risk Factors
Brand impersonation
Credential collection on non‑official domain
Unranked domain reputation
Login form without legitimate brand domain
Safety Factors
Domain age > 20 years (well‑established)
No malicious IoC matches
No JavaScript malware YARA hits
No network IDS alerts
Established domain (8684 days old) with no strong malicious indicators — risk clamped from 8 to 5
Domain age information unavailable

Details

Page Title

Sign in to your account

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

technology software

(71%)

Domain Information

You're looking at domain 'auth-01.dev.dratarules.com' on the commercial generic top-level domain (.com) and includes subdomain 'auth-01.dev'. Its registrable label 'dratarules' stretches across 10 characters split between 4 vowels and six consonants. Word splitting yields four words: dr, at, a, rules. Expect 2 characters per word on average. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://auth-01.dev.dratarules.com/sso/social/microsoft

Page Load Overview

6.68s
Total Load Time
17
HTTP Requests
5
Domains
464 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:109 chars
Detector Agreement:100%

Website Classification

Primary Category

technology software71% confidence
Type: webapp
Method: ml+structural+ocr_tiebreaker

All Detected Categories

technology software
71%

Detected Features

Login Form
Search

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
520.190.159.2Ireland
AS8075
313.107.246.44United States
AS20940
320.190.159.128Germany
AS13335
352.168.117.169UnknownUnknown
3104.18.28.220UnknownUnknown
175--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1D2734AEE7EB62D37868645B1B5B97D02AE3659038D4CCD60F14CCC882FEA70D8127A57

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:lJ8GLG2poWdoIyEk77gx2xpTvPoMmCfnEfIioC:D8+xdJ32RAGC

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:78887:bIhoAaIiB1BiCIJkBPQI4VeJAgICAHIDVwBjGABoNMgUQgZ/MgWYAFbXUcLBKBwgBEMOACAAANgQUIBMRirqBBgDgAj4FcCv

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:0010393b373f373f
Perceptual Hash:845971764699d96e
Difference Hash:88e4d2d3e5eee6e6
Wavelet Hash:00003b3b373f373f
Color Hash:#6f3a78

Other Hashes

Crop Resistant:88e4d2d3e5eee6e6

Scan History

Scan history not available

Unable to load historical scan data