ScanMalware.com

Security Scan Report: msoid.dk.pandasecurity.com

Redirected to: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=639095805162878068.MjQxY2QyMDktOTYzMS00N2FiLWEwZWEtOTM4YjI0ZjdhZDE1MzU2YThlYjctZDBiNi00MWYzLWEzYTEtMDZkM2M2MDBkYjdm&ui_locales=en-US&mkt=en-US&client-request-id=cbe4621b-1dea-42d7-beed-29471be03f15&state=jpUdpr5Mb-Z6IsHHp7q5Trb4hrTFNXAZ5X6gmcQybDOfjw1LwiD03u0QvW1BpN2YgKrmJAEC-L0t9wZklh6_hbva_iuFaDszHV0hHLasurakx2u8l7R_t0Wrd9UAO4XRUFFuqGs515V-v9AC_c97JkqqVyFD-I8yuu-Rb4kBItOq8eHU55W9H6MUD4vmLWVtIs0yCi67bjfzURVTI4qx3ycukvCYFEZbp04I08OLVb2ZQ1jwgRqHK2Awgt8U0g7493pgRQKDRz2DDyH1Gx3EkmWqi999BAYJyGcjmtExR1gmpqubZOhDZjtsoeTDUlu9DE93Z85NCrQwStxuug0__RuJSq13McVmvXP8ddiWWc1_i8zgrYr959di3Yr361BhBWIlCE97eKNC7YEY3qbt7mc9Ll0rVyj1J17IBi1SlPE&x-client-SKU=ID_NET8_0&x-client-ver=8.14.0.0&sso_reload=true

Submitted: Mar 20, 2026, 5:15:13 AMCompleted: Mar 20, 2026, 5:16:23 AMpubliccompleted
Loading additional data...

Summary

This website contacted 6 IPs in 4 countries across 6 domains to perform 40 HTTP transactions. The main domain is login.microsoftonline.com and was registered NaN years ago.

Submitted URL: https://msoid.dk.pandasecurity.com

Effective URL: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=639095805162878068.MjQxY2QyMDktOTYzMS00N2FiLWEwZWEtOTM4YjI0ZjdhZDE1MzU2YThlYjctZDBiNi00MWYzLWEzYTEtMDZkM2M2MDBkYjdm&ui_locales=en-US&mkt=en-US&client-request-id=cbe4621b-1dea-42d7-beed-29471be03f15&state=jpUdpr5Mb-Z6IsHHp7q5Trb4hrTFNXAZ5X6gmcQybDOfjw1LwiD03u0QvW1BpN2YgKrmJAEC-L0t9wZklh6_hbva_iuFaDszHV0hHLasurakx2u8l7R_t0Wrd9UAO4XRUFFuqGs515V-v9AC_c97JkqqVyFD-I8yuu-Rb4kBItOq8eHU55W9H6MUD4vmLWVtIs0yCi67bjfzURVTI4qx3ycukvCYFEZbp04I08OLVb2ZQ1jwgRqHK2Awgt8U0g7493pgRQKDRz2DDyH1Gx3EkmWqi999BAYJyGcjmtExR1gmpqubZOhDZjtsoeTDUlu9DE93Z85NCrQwStxuug0__RuJSq13McVmvXP8ddiWWc1_i8zgrYr959di3Yr361BhBWIlCE97eKNC7YEY3qbt7mc9Ll0rVyj1J17IBi1SlPE&x-client-SKU=ID_NET8_0&x-client-ver=8.14.0.0&sso_reload=trueRedirected

The Cisco Umbrella rank of the primary domain is #20,783 of the top 1 million websites

AI Security Verdict

High Risk

Confidence: 94%

8
Risk Score

Phishing page mimicking Microsoft login, harvesting credentials via cross‑origin form.

Risk Factors
Brand impersonation on unrelated domain
Credential harvesting form (email + password)
Cross‑origin submission of credentials to Microsoft login endpoint
Highly obfuscated JavaScript
Domain age information unavailable

Details

Page Title

Sign in to your account

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

unknown

(0%)

Domain Information

You're looking at domain 'msoid.dk.pandasecurity.com' on the commercial generic top-level domain (.com), featuring subdomain 'msoid.dk'. Its registrable label 'pandasecurity' stretches across 13 characters with 5 vowels and eight consonants. Word splitting yields 2 words: panda, security. Median word length comes out to 6.5 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://msoid.dk.pandasecurity.com

Page Load Overview

0.80s
Total Load Time
30
HTTP Requests
6
Domains
472 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:133 chars
Detector Agreement:100%

Website Classification

Primary Category

unknown0% confidence
Type: webapp
Method: structural

All Detected Categories

No categories detected

Detected Features

Login Form
Search

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
523.103.241.21United States
AS8075
520.190.159.2Dublin, Leinster, Ireland
AS8075Microsoft Corporation
520.190.160.67GermanyUnknown
540.79.150.123NetherlandsUnknown
520.190.159.73Dublin, Leinster, Ireland
AS8075Microsoft Corporation
513.107.246.44United States
AS8075Microsoft Corporation
306--

Detected Technologies4

X-UA-Compatible
100%
PasswordField
100%
Meta-Refresh-Redirect
100%
Ghost
15%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T12A936BDA7EA71D3B878A85B1F4762E02AE7699478C4C9C64F54CC8882FFA70D4237153

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:lcTGT/8GLG2ZxZxATPTTOFjbRTQxyxK6xIWxKus7oIyEk77gx2xpTvPoMmCfuEfM:aTGT/88vATPTTOFjbRTIO7IaLs7J32Rm

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:90364:KAUOBooADZDSQkhQcAh0UKHA5ABaqIEcECAAACKABIQjAsFCUGMKAQQAKbIb2IwDY8kGmweUJlATXAAUiQogJKWwouIQKKBM

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:0010393b373f373f
Perceptual Hash:845971764699d96e
Difference Hash:88e4d2d3e5e6e6e6
Wavelet Hash:00003b3b373f373f
Color Hash:#bf40aa

Other Hashes

Crop Resistant:88e4d2d3e5e6e6e6

Scan History

Scan history not available

Unable to load historical scan data