Security Scan Report: enterpriseenrollment.mural.co

Redirected to:
https://login.microsoftonline.com/organizations/oauth2/v2.0/authorize?...
Site favicon
Submitted: Jul 8, 2026, 7:09:44 PMCompleted: Jul 8, 2026, 7:10:52 PMpubliccompleted
Loading additional data...

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 26 HTTP transactions. The main domain is login.microsoftonline.com and was registered NaN years ago.

Submitted URL: https://enterpriseenrollment.mural.co

Effective URL: https://login.microsoftonline.com/organizations/oauth2/v2.0/authorize?client_id=c44b4083-3bb0-49c1-b47d-974e53cbdf3c&scope=https%3A%2F%2Fmanagement.core.windows.net%2F%2F.default%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fintune.microsoft.com%2Fauth%2Flogin%2F&client-request-id=019f4322-e086-7536-8ad2-d43e85ad9bd4&response_mode=fragment&client_info=1&clidata=1&nonce=019f4322-e086-79f2-b6eb-7a39619886d6&state=eyJpZCI6IjAxOWY0MzIyLWUwODYtN2IzNC1iMzljLThmN2FlMGI2NjExNCIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&x-client-SKU=msal.js.browser&x-client-VER=5.13.0&response_type=code&code_challenge=tY4B6dGk0ssCWqOpp1MwoZuNXbQh7-aQswRgf9qfQf0&code_challenge_method=S256&site_id=501430&instance_aware=true&sso_reload=trueRedirected

The Cisco Umbrella rank of the primary domain is #37,920 of the top 1 million websites

AI Security Verdict

Low Risk

Confidence: 82%

2
Risk Score

Page mimics Microsoft Azure login on a unrelated domain, indicating brand impersonation and credential phishing.

Risk Factors
Brand impersonation of Microsoft on a non‑Microsoft domain
Credential collection form on mismatched domain
Safety Factors
No malicious IoC matches
No JavaScript malware patterns
Cross‑origin submission appears to be a standard SSO redirect
Page served from an identity-provider sign-in endpoint (login.microsoftonline.com); a relying-party brand and login form here are normal SSO, not impersonation — risk clamped from 7 to 2
Domain age information unavailable

Details

Page Title

Sign in to Microsoft Azure

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

technology software

(77%)

Domain Information

The domain name 'enterpriseenrollment.mural.co' uses the Colombian country-code top-level domain (.co); it also runs on subdomain 'enterpriseenrollment'. The core label 'mural' covers 5 characters with two vowels and three consonants. It segments into 1 word: mural. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://enterpriseenrollment.mural.co

Page Load Overview

0.90s
Total Load Time
26
HTTP Requests
7
Domains
501 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:187 chars
Detector Agreement:100%

Website Classification

Primary Category

technology software77% confidence
Type: webapp
Method: ml+structural

All Detected Categories

technology software
77%

Detected Features

Login Form
Search

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
513.69.116.109Azure · CLOUDAmsterdam, North Holland, Netherlands
AS8075Microsoft Corporation
313.107.246.44Azure · CLOUDUnited States
AS8075Microsoft Corporation
352.236.189.96Azure · CLOUDAmsterdam, North Holland, Netherlands
AS8075Microsoft Corporation
320.190.160.22Office365 · CLOUDAmsterdam, North Holland, Netherlands
AS8075Microsoft Corporation
340.126.32.68Azure · CLOUDAmsterdam, North Holland, Netherlands
AS8075Microsoft Corporation
340.126.32.138Azure · CLOUDAmsterdam, North Holland, Netherlands
AS8075Microsoft Corporation
320.190.160.131Office365 · CLOUDAmsterdam, North Holland, Netherlands
AS8075Microsoft Corporation
3150.171.84.25Azure · CLOUDUnited States
AS8075Microsoft Corporation
268--

Detected Technologies5

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T12A936CD97EB72937C28A05B5B5797E02AA3A98478C4CD960F15CC8842FFB74D812B613

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:Mx8GLG2H0YHOkLo4IZ9Tjuokmap5vPoMLufl0fiil11:08NYukLca/AE11

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:90630:kSclpIAF8SBJBECErAEpCJACALaI6RHS0aEAWGI0kBggylAgk4AuJKEQwFsFBgoGAwRKQACZAGILSegDi6NpMhyQCNlFQoAg

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:003a3f3f373fff00
Perceptual Hash:85d970f626d919e4
Difference Hash:c8e2d2d2e4cae6e7
Wavelet Hash:003a3b3f373f7700
Color Hash:#5371ac

Other Hashes

Scan History

Scan history not available

Unable to load historical scan data