ScanMalware.com

Security Scan Report: msoid.transpay.com

Redirected to: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=639108127311935537.ZmEzNThmZjgtMTRhZS00M2M1LTlkMGMtNmNkNThmNDM0YTk5OGE3YjBhMTAtNmFkOC00YjVjLWI0MDYtZDE1YmU5YWJjZjk0&ui_locales=en-US&mkt=en-US&client-request-id=27f164e0-43d0-4cfe-bc42-3f5ffd50edb6&state=FJE6WkkS47b4k6RBiY9PEncPJygmVij1165L1-ieWDRjVsLH9uX1lZEc0xB6cYfM65NNGvOsLYysW7Jt49Q9GSdo6lp_Tp_sIeZaoZwMs59Gx20sUFV8CB_x9-a-ZZ-uVw-P8sS2yCywh0S0Q8A1OUe6TOHYxoamIy0S4Yqt5u4EJG-tQMUhDtgAV3PrX7fM7SiHdIjotKQ_kQF7XDfP7beRpAYjv97qeoRf4gZrn7Gsf48OgkRVa9LX0i5S1mYgKmTi3hCZXVBdr_Ho_s_KkoJZUxG2jPf207orbVsFqB8ufyS-PYATH7m4L4pEWzgVFAaLYxzddN75p3F3VE8SHkdDeL6qLey3SA9AVV_lZgjJ0_ioAbE5gDoIBkgh66rj1RGAWYLn8HSUVOzwegMeNC4xegJzt-ZYP2Ma30B3WtE&x-client-SKU=ID_NET8_0&x-client-ver=8.14.0.0&sso_reload=true

Submitted: Apr 3, 2026, 11:32:08 AMCompleted: Apr 3, 2026, 11:33:17 AMpubliccompleted
Loading additional data...

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 1 HTTP transaction. The main domain is login.microsoftonline.com and was registered NaN years ago.

Submitted URL: https://msoid.transpay.com

Effective URL: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=639108127311935537.ZmEzNThmZjgtMTRhZS00M2M1LTlkMGMtNmNkNThmNDM0YTk5OGE3YjBhMTAtNmFkOC00YjVjLWI0MDYtZDE1YmU5YWJjZjk0&ui_locales=en-US&mkt=en-US&client-request-id=27f164e0-43d0-4cfe-bc42-3f5ffd50edb6&state=FJE6WkkS47b4k6RBiY9PEncPJygmVij1165L1-ieWDRjVsLH9uX1lZEc0xB6cYfM65NNGvOsLYysW7Jt49Q9GSdo6lp_Tp_sIeZaoZwMs59Gx20sUFV8CB_x9-a-ZZ-uVw-P8sS2yCywh0S0Q8A1OUe6TOHYxoamIy0S4Yqt5u4EJG-tQMUhDtgAV3PrX7fM7SiHdIjotKQ_kQF7XDfP7beRpAYjv97qeoRf4gZrn7Gsf48OgkRVa9LX0i5S1mYgKmTi3hCZXVBdr_Ho_s_KkoJZUxG2jPf207orbVsFqB8ufyS-PYATH7m4L4pEWzgVFAaLYxzddN75p3F3VE8SHkdDeL6qLey3SA9AVV_lZgjJ0_ioAbE5gDoIBkgh66rj1RGAWYLn8HSUVOzwegMeNC4xegJzt-ZYP2Ma30B3WtE&x-client-SKU=ID_NET8_0&x-client-ver=8.14.0.0&sso_reload=trueRedirected

AI Security Verdict

High Risk

Confidence: 85%

8
Risk Score

Phishing page impersonating Microsoft login; do not enter credentials.

Risk Factors
Brand impersonation (Microsoft) on an unranked domain
Cross‑origin credential form (email + password) to a different domain
Heavily obfuscated JavaScript (critical score)
Login form detected (email/password)
Domain not in Cisco Umbrella top 1 M (low reputation)
Domain age information unavailable

Details

Page Title

Sign in to your account

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

unknown

(0%)

Domain Information

You're looking at domain 'msoid.transpay.com' on the commercial generic top-level domain (.com); it also runs on subdomain 'msoid'. The registrable portion 'transpay' spans 8 characters containing two vowels alongside 6 consonants. It segments into two words: trans, pay. Average segment length settles at four characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://msoid.transpay.com

Page Load Overview

0.91s
Total Load Time
30
HTTP Requests
6
Domains
503 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:133 chars
Detector Agreement:100%

Website Classification

Primary Category

unknown0% confidence
Type: webapp
Method: structural

All Detected Categories

No categories detected

Detected Features

Login Form
Search

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
520.190.159.64Dublin, Leinster, Ireland
AS8075Microsoft Corporation
540.126.31.67Ireland
AS8075
520.190.160.14Netherlands
AS20940
513.107.246.44United States
AS8075Microsoft Corporation
552.178.17.234UnknownUnknown
513.107.6.156United States
AS8068Microsoft Corporation
306--

Detected Technologies4

X-UA-Compatible
100%
PasswordField
100%
Meta-Refresh-Redirect
100%
Ghost
15%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T19F936CDA7EE22E3B878581B1F8B56D06AF765D43584DCC24F18CC8842FFA60D8267653

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:lcy6ry6j8GLG2Yy6ay6GaejtRy6KwZ6ooIyEk77gx2xpTvPoMmCftEfIi7q2xC:adF8HMd+RWoJ32RAxnC

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:90385:AIcRhrRgHSBRgSgAFAYAEAGkxBgDqQBAixg5ElYEGoSjoHxkAMdcgQQlA0FCIRCQFkIGmAY2sYCHJwpogDpAwgRRAgiMCjAC

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:0010393b373f373f
Perceptual Hash:845971764699d96e
Difference Hash:88e4d2d3e5e6e6e6
Wavelet Hash:00003b3b373f373f
Color Hash:#537dac

Other Hashes

Crop Resistant:88e4d2d3e5e6e6e6

Scan History

Scan history not available

Unable to load historical scan data