ScanMalware.com

Security Scan Report: msoid.clearpoolgroup.com

Redirected to: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=639101588536873017.Y2VjMzEwM2UtM2I2ZC00NWIzLTkxMWEtOGRkNThhZTNjNGVlY2Q4NTcwY2MtYTEyMC00Nzk0LTg3ZGQtZDliNGY2YjIyOWE5&ui_locales=en-US&mkt=en-US&client-request-id=68aeafae-33f6-4da3-87e0-21edb34adbbd&state=Y7PWR_8DrvvDRCuzqVqYA0so1lnJfMuw6VUjsAr7C95ZnNBqx4XsfJO7hNAfayRSh0Aez9MdcOfpbxxV6f5b2dgfZtiHH1zjNq5tS0QKP9UBuQlQo9p_lTkddmRJTN5W-VqI9Po73OpmpG_ZegMf47eJ2c1HGL29qhzh4Nxt-mgpDFmXhiAXgvq1rQAjx_CDHqNNRxnw72zrRudP4_Cim8tgg79V-2VXJH_6uKB0Hmk6WoupUjwDs5gq9U_NekC4zttW2JF6M2RCAIfpil7YL5KviNs46m1C5n_weXTkdQrrZ7HR_8Zs-GqQG5XLff3pdAIYxLYCBi0OFFKMyfPW9GsH9tIimDK9slHowYA_zc8s2FXvkyW7BuMJJX7GC52JN1r1uXcD_RcD04U4zWN6kkc_R9KkOw7S821QXgLa7Hc&x-client-SKU=ID_NET8_0&x-client-ver=8.14.0.0&sso_reload=true

Submitted: Mar 26, 2026, 9:54:11 PMCompleted: Mar 26, 2026, 9:55:24 PMpubliccompleted
Loading additional data...

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 46 HTTP transactions. The main domain is login.microsoftonline.com and was registered NaN years ago.

Submitted URL: https://msoid.clearpoolgroup.com

Effective URL: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=639101588536873017.Y2VjMzEwM2UtM2I2ZC00NWIzLTkxMWEtOGRkNThhZTNjNGVlY2Q4NTcwY2MtYTEyMC00Nzk0LTg3ZGQtZDliNGY2YjIyOWE5&ui_locales=en-US&mkt=en-US&client-request-id=68aeafae-33f6-4da3-87e0-21edb34adbbd&state=Y7PWR_8DrvvDRCuzqVqYA0so1lnJfMuw6VUjsAr7C95ZnNBqx4XsfJO7hNAfayRSh0Aez9MdcOfpbxxV6f5b2dgfZtiHH1zjNq5tS0QKP9UBuQlQo9p_lTkddmRJTN5W-VqI9Po73OpmpG_ZegMf47eJ2c1HGL29qhzh4Nxt-mgpDFmXhiAXgvq1rQAjx_CDHqNNRxnw72zrRudP4_Cim8tgg79V-2VXJH_6uKB0Hmk6WoupUjwDs5gq9U_NekC4zttW2JF6M2RCAIfpil7YL5KviNs46m1C5n_weXTkdQrrZ7HR_8Zs-GqQG5XLff3pdAIYxLYCBi0OFFKMyfPW9GsH9tIimDK9slHowYA_zc8s2FXvkyW7BuMJJX7GC52JN1r1uXcD_RcD04U4zWN6kkc_R9KkOw7S821QXgLa7Hc&x-client-SKU=ID_NET8_0&x-client-ver=8.14.0.0&sso_reload=trueRedirected

AI Security Verdict

High Risk

Confidence: 93%

8
Risk Score

Phishing page impersonating Microsoft login; avoid and report.

Risk Factors
Brand impersonation (Microsoft branding on unrelated domain)
Credential harvesting form (email + password)
Cross‑origin credential submission to login.microsoftonline.com
Domain mismatch (msoid.clearpoolgroup.com vs official Microsoft domains)
Domain age information unavailable

Details

Page Title

Sign in to your account

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

unknown

(0%)

Domain Information

The domain name 'msoid.clearpoolgroup.com' uses the commercial generic top-level domain (.com), featuring subdomain 'msoid'. Its registrable label 'clearpoolgroup' stretches across 14 characters with 6 vowels and 8 consonants. Splitting it apart reveals 3 words: clear, pool, group. The median word length lands at five characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://msoid.clearpoolgroup.com

Page Load Overview

0.76s
Total Load Time
30
HTTP Requests
5
Domains
472 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:133 chars
Detector Agreement:100%

Website Classification

Primary Category

unknown0% confidence
Type: webapp
Method: structural

All Detected Categories

No categories detected

Detected Features

Login Form
Search

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
613.107.246.44United States
AS8075Microsoft Corporation
420.190.159.131United States
AS8075
420.190.160.14Amsterdam, North Holland, Netherlands
AS8075Microsoft Corporation
423.103.241.59Germany
AS8075
440.126.32.134Unknown
AS8075
423.207.210.137Unknown
AS8075
413.69.116.104Unknown
AS8075
307--

Detected Technologies4

X-UA-Compatible
100%
PasswordField
100%
Meta-Refresh-Redirect
100%
Ghost
15%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T19C936BEA7EE3193BC64641B1B47A6E026E3A99038C88DC64F14CC8C42FFA76D4577953

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:jcRe8GLG2cvtQ83RA+Yd9BhXoIyEk77gx2xpTvPoMmCB/Efii7oztC:QRe8HQ83RAzXJ32RATCtC

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:92308:imAKhxQmhRiWAgABSksgsLGGahaYaZ0AZIl4oAuYYAgRELRXgCiIgAigbAqkR2gDYKVGEK9RPDTBUA8ZBAp4CAEAApDWAGBr

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:0010393b373f373f
Perceptual Hash:845971764699d96e
Difference Hash:88e4d2d3e5e6e6e6
Wavelet Hash:00003b3b373f373f
Color Hash:#2d6286

Other Hashes

Crop Resistant:88e4d2d3e5e6e6e6

Scan History

Scan history not available

Unable to load historical scan data