ScanMalware.com

Security Scan Report: enterpriseenrollment.thetradedesk.com

Redirected to:
https://login.microsoftonline.com/organizations/oauth2/v2.0/authorize?...
Submitted: Apr 19, 2026, 2:55:23 AMCompleted: Apr 19, 2026, 2:56:36 AMpubliccompleted
Loading additional data...

Summary

This website contacted 7 IPs in 3 countries across 8 domains to perform 31 HTTP transactions. The main domain is login.microsoftonline.com and was registered NaN years ago.

Submitted URL: https://enterpriseenrollment.thetradedesk.com

Effective URL: https://login.microsoftonline.com/organizations/oauth2/v2.0/authorize?client_id=c44b4083-3bb0-49c1-b47d-974e53cbdf3c&scope=https%3A%2F%2Fmanagement.core.windows.net%2F%2F.default%20openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fintune.microsoft.com%2Fauth%2Flogin%2F&client-request-id=019da3aa-15b7-7efd-b367-488e32cb8547&response_mode=fragment&client_info=1&nonce=019da3aa-15b8-73f4-837d-9eda31b95508&state=eyJpZCI6IjAxOWRhM2FhLTE1YjgtNzQzMC1hMzQwLWU5M2NhYjFhMDBlMCIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoicmVkaXJlY3QifX0%3D&x-client-SKU=msal.js.browser&x-client-VER=5.2.0&response_type=code&code_challenge=VEveKkAiy9mpIKCjwEW6h7SB1vzgqN7QvL7062UTty0&code_challenge_method=S256&site_id=501430&instance_aware=true&sso_reload=trueRedirected

The Cisco Umbrella rank of the primary domain is #160,820 of the top 1 million websites

AI Security Verdict

Moderate Risk

Confidence: 92%

5
Risk Score

The site impersonates Microsoft, hosts a credential‑stealing login on a low‑ranked, unrelated domain, and uses heavily obfuscated JavaScript – confirmed phishing scam.

Risk Factors
Low domain ranking for a major brand
Brand impersonation without official domain
Credential‑collecting login form
Highly obfuscated JavaScript
Redirect to Microsoft login after credential capture
Safety Factors
Domain age > 20 years (well‑established)
No Indicators of Compromise matched in threat intelligence
No JavaScript malware YARA patterns detected
No network IDS alerts
Established domain (8684 days old) with no strong malicious indicators — risk clamped from 9 to 5
Domain age information unavailable

Details

Page Title

Sign in to Microsoft Azure

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

technology software

(77%)

Domain Information

Within the commercial generic top-level domain (.com), 'enterpriseenrollment.thetradedesk.com' is registered and includes subdomain 'enterpriseenrollment'. Its registrable label 'thetradedesk' stretches across 12 characters split between 4 vowels and eight consonants. Splitting it apart reveals three words: the, trade, desk. The median word length lands at 4 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://enterpriseenrollment.thetradedesk.com

Page Load Overview

1.47s
Total Load Time
26
HTTP Requests
8
Domains
568 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:187 chars
Detector Agreement:100%

Website Classification

Primary Category

technology software77% confidence
Type: webapp
Method: ml+structural

All Detected Categories

technology software
77%

Detected Features

Login Form
Search

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
852.236.189.96Amsterdam, North Holland, Netherlands
AS8075Microsoft Corporation
352.168.112.67United States
AS20940
320.50.201.203GermanyUnknown
340.126.31.3NetherlandsUnknown
313.107.246.44United States
AS8075Microsoft Corporation
3150.171.84.26United States
AS8075Microsoft Corporation
320.190.160.67UnknownUnknown
267--

Detected Technologies5

X-UA-Compatible
100%
PasswordField
100%
Meta-Refresh-Redirect
100%
HSTS
40%
Ghost
15%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T181935CDA7EA22937824A05B5B5B93E02AE766D038D88CC68F15CCC842FFB74D8137557

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:sYwstwsW8GLG20wsCws63wsqsgieOoIyEk77gx2xpTvPoMmCfnEfIiK5ws+sgw1:NHo8Dcs3mOJ32RA8571

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:89420:EyIVKQDIcpAwMA4RlAQXxWlbEByihwGUEFIoocDEHUYFgIASYEhIBwcvSQIRIAyP9h1QeAVAFWZAKEKAkKMgpUAcAmgdLIgW

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:003e3f3f373fff00
Perceptual Hash:85d970f626d919e4
Difference Hash:c8e2d2d2e4cae6e7
Wavelet Hash:003a3b3f373f7700
Color Hash:#d28b79

Other Hashes

Crop Resistant:c8e2d2d2e452e6e6,c6c7c3c3c3c6c7c6

Scan History

Scan history not available

Unable to load historical scan data