ScanMalware.com

Security Scan Report: it4-my.sharepoint.com

Redirected to: https://login.microsoftonline.com/49c9e841-da4a-43d0-9fdc-7a45085af728/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=7E019FBAF0529003892732D74B033EC196EFEE8069C388AF%2DAA5376BECA1B910EF28747C6B2BA2C6A0AF7FCDAFFF3E652C80A3C28D5474B08&redirect%5Furi=https%3A%2F%2Fit4%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=bd4704a2%2D80a6%2D1000%2D8589%2D5c5688f86bbb&sso_reload=true

Submitted: Mar 28, 2026, 2:38:49 AMCompleted: Mar 28, 2026, 2:40:01 AMpubliccompleted
Loading additional data...

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 37 HTTP transactions. The main domain is login.microsoftonline.com and was registered NaN years ago.

Submitted URL: https://it4-my.sharepoint.com

Effective URL: https://login.microsoftonline.com/49c9e841-da4a-43d0-9fdc-7a45085af728/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=7E019FBAF0529003892732D74B033EC196EFEE8069C388AF%2DAA5376BECA1B910EF28747C6B2BA2C6A0AF7FCDAFFF3E652C80A3C28D5474B08&redirect%5Furi=https%3A%2F%2Fit4%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=bd4704a2%2D80a6%2D1000%2D8589%2D5c5688f86bbb&sso_reload=trueRedirected

The Cisco Umbrella rank of the primary domain is #66 of the top 1 million websitesTop 100 Site

AI Security Verdict

High Risk

Confidence: 92%

8
Risk Score

Phishing page that harvests Microsoft credentials; do not enter any information and report the site.

Risk Factors
Credential harvesting form that sends credentials to a different domain
Brand impersonation of Microsoft login page on a non‑official domain
Highly obfuscated JavaScript indicating attempt to hide malicious behavior
Domain age information unavailable

Details

Page Title

Sign in to your account

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

unknown

(0%)

Domain Information

The domain 'it4-my.sharepoint.com' uses the commercial generic top-level domain (.com), featuring subdomain 'it4-my'. Its registrable label 'sharepoint' stretches across 10 characters with 4 vowels and 6 consonants. Tokenizing the label suggests 2 words: share, point. The median word length lands at 5 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://it4-my.sharepoint.com

Page Load Overview

2.52s
Total Load Time
32
HTTP Requests
7
Domains
1001 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:109 chars
Detector Agreement:67%

Website Classification

Primary Category

unknown0% confidence
Type: webapp
Method: structural

All Detected Categories

No categories detected

Detected Features

Login Form
Search

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
813.107.246.44United States
AS8075Microsoft Corporation
413.107.136.10Redmond, Washington, United States
AS8075Microsoft Corporation
452.168.117.168NetherlandsUnknown
420.190.160.130GermanyUnknown
423.207.210.137Frankfurt am Main, Hesse, Germany
AS20940Akamai International B.V.
440.126.31.0UnknownUnknown
420.190.160.22UnknownUnknown
327--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T11D836BD97EE21837C7464171B9BA3E026E7A69038848CD64F19CC8842FFB75D8237657

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:l28GLG2r5E7yoIyEk77gx2xpTvPoMmCduEQkCimC:c8A5eyJ32RAzC

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:82707:qQBiAihKyMoEkwYSETgliHPIBBocFgIAImLkICDRgE6IlCQRGcBHgjIAAAYDDE1kQ1FgDZCGznIBwASA1NCRBCahJAR5SgDl

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:ff819999999981ff
Perceptual Hash:9c99e3669c991ccc
Difference Hash:d42b333333332fd0
Wavelet Hash:f9819898998181ff
Color Hash:#1f6f93

Other Hashes

Crop Resistant:8a806a72b29283c2,9880c03232e280f0,d42b333333332fd0

Scan History

Scan history not available

Unable to load historical scan data