ScanMalware.com

Security Scan Report: msoid.zeberas.fi

Redirected to: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=639038693571548786.NmQ3ZWExYTUtMzQ5YS00ZjhlLTljMjUtZWU5NGVlNTI0MjQ1OTc0ODcyNjItYjVlMS00YjA5LThlYWYtYWU5Y2ZiMGJjNTBk&ui_locales=en-US&mkt=en-US&client-request-id=de397f56-3192-4e59-8168-62b7279c16e1&state=IW5iYrB_dE33nwdODBDQZQVXSF_-5qNvCFXzEq46U8iyp4S_--Cf9AyNLmZESXmxa6MUche9edfFtLXRgONkfvHwB2c9kwCdLmkfbqhuKy9dP3INUhpWLvguVspNqTvcwO_mz1lbaHX3xSINwdyVR101iFf08AsSRJi3FV8SLWJz_TIxADP-SI36PUXd30A2faAwyakdvZLrbmTUgz65YjdLaVkRB59ePp3m-WSqkYqj6bYXiK7zOBbEduOJK5w6G6UFOHwmb8FDgy1I7iBsnDxgAvF-W0gwGm_CK7c-XMA&x-client-SKU=ID_NET8_0&x-client-ver=8.5.0.0&sso_reload=true

Site favicon
Submitted: Jan 13, 2026, 2:48:57 AMCompleted: Jan 13, 2026, 2:50:37 AMpubliccompleted
Loading additional data...

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 1 HTTP transaction. The main domain is login.microsoftonline.com and was registered NaN years ago.

Submitted URL: https://msoid.zeberas.fi

Effective URL: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=639038693571548786.NmQ3ZWExYTUtMzQ5YS00ZjhlLTljMjUtZWU5NGVlNTI0MjQ1OTc0ODcyNjItYjVlMS00YjA5LThlYWYtYWU5Y2ZiMGJjNTBk&ui_locales=en-US&mkt=en-US&client-request-id=de397f56-3192-4e59-8168-62b7279c16e1&state=IW5iYrB_dE33nwdODBDQZQVXSF_-5qNvCFXzEq46U8iyp4S_--Cf9AyNLmZESXmxa6MUche9edfFtLXRgONkfvHwB2c9kwCdLmkfbqhuKy9dP3INUhpWLvguVspNqTvcwO_mz1lbaHX3xSINwdyVR101iFf08AsSRJi3FV8SLWJz_TIxADP-SI36PUXd30A2faAwyakdvZLrbmTUgz65YjdLaVkRB59ePp3m-WSqkYqj6bYXiK7zOBbEduOJK5w6G6UFOHwmb8FDgy1I7iBsnDxgAvF-W0gwGm_CK7c-XMA&x-client-SKU=ID_NET8_0&x-client-ver=8.5.0.0&sso_reload=trueRedirected

AI Security Verdict

High Risk

Confidence: 90%

9
Risk Score

High‑risk phishing site impersonating Microsoft login; do not enter credentials.

Risk Factors
Brand impersonation on an unranked domain
Credential harvesting login form
Unranked domain claiming a major brand
Domain age information unavailable

Details

Page Title

Sign in to your account

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

technology software

(85%)

Domain Information

Within the Finnish country-code top-level domain (.fi), 'msoid.zeberas.fi' is registered; it also runs on subdomain 'msoid'. The second-level label 'zeberas' is 7 characters long holding three vowels versus four consonants. It segments into two words: zeb, eras. Median word length is 3.5 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://msoid.zeberas.fi

Page Load Overview

17.00s
Total Load Time
12
HTTP Requests
6
Domains
294 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:133 chars
Detector Agreement:100%

Website Classification

Primary Category

technology software85% confidence
Type: webapp
Method: ml+structural+ocr_tiebreaker

All Detected Categories

technology software
85%
social media network
40%

Detected Features

Login Form
Search

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
213.69.116.109Ireland
AS8068
240.126.32.72United States
AS8075
213.107.6.156United States
AS8068MICROSOFT-CORP-MSN-AS-BLOCK
240.126.31.73SwedenUnknown
213.107.246.44UnknownUnknown
220.190.160.3UnknownUnknown
126--

Detected Technologies4

X-UA-Compatible
100%
PasswordField
100%
Meta-Refresh-Redirect
100%
Ghost
15%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T18E835BDA7EE3293B860949B5F9B67E026A3A4D874C4CDD64F14C88842FFA72D4177143

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:lc+BM+nk8GLGG6+B9+n1WXR+FoYozTEyqU6MVnvnaloMPbJEfii46znC:a+C+nk8J+L+n1WXR+KYXyS2S6bC

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:84814:2uJlLxSdYY0QmnnACA5BQgQCDBAeXWvCBK0gixBkJGYBAFIYkgwwwALIgCAoKMrOBogkwTAQC7RF4X4oOsMaITD3iBEcgoQA

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:0010393b373f373f
Perceptual Hash:845971764699d96e
Difference Hash:88e4d2d3e5e6e6e6
Wavelet Hash:00003b3b373f373f
Color Hash:#812d86

Other Hashes

Crop Resistant:88e4d2d3e5e6e6e6

Scan History

Scan history not available

Unable to load historical scan data