ScanMalware.com

Security Scan Report: msoid.seawheeze.com

Redirected to: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=639018340854541513.MmZiNmRiMjItNjZlNS00YjdkLWIwMWUtZDkzZTM4NGU3ZDMxOTg0N2I1YTctYTllNy00NzM4LWExNmEtODFlN2E3YjEzNjMz&ui_locales=en-US&mkt=en-US&client-request-id=d1dfb367-3cee-4838-a6bf-dca57d687976&state=BZ8VGOWaVt9XvEDMVOox1iARKt89qz7xCSv3aL2vqMHy6XOBa-xEJO3UELaf4ZngWAMC6mI39LKTsdPaAhzZBTJDVM0jafiNVICO54cgo4fIQJh8ia8fb99CoFvJCmDjltICTdZ12fir5W_82XKVRp4WoqR1xGPQrJZ1Wk4Lk1jiErn9CoRX2QZMviXflFiO26B_lxTEnrzAPZ7iSdHvZQ2JfSSzUPkqMDUicBKn46cbxsDsyUQ40ievJN0IEnqb17-vj4u0-DZhjSlPVc95ZrDZA-irGZ1m5wGhQdNgJas&x-client-SKU=ID_NET8_0&x-client-ver=8.5.0.0&sso_reload=true

Submitted: Dec 20, 2025, 1:27:38 PMCompleted: Dec 20, 2025, 1:29:04 PMpubliccompleted
Loading additional data...

Summary

This website contacted 8 IPs in 3 countries across 6 domains to perform 31 HTTP transactions. The main domain is login.microsoftonline.com and was registered NaN years ago.

Submitted URL: https://msoid.seawheeze.com

Effective URL: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=639018340854541513.MmZiNmRiMjItNjZlNS00YjdkLWIwMWUtZDkzZTM4NGU3ZDMxOTg0N2I1YTctYTllNy00NzM4LWExNmEtODFlN2E3YjEzNjMz&ui_locales=en-US&mkt=en-US&client-request-id=d1dfb367-3cee-4838-a6bf-dca57d687976&state=BZ8VGOWaVt9XvEDMVOox1iARKt89qz7xCSv3aL2vqMHy6XOBa-xEJO3UELaf4ZngWAMC6mI39LKTsdPaAhzZBTJDVM0jafiNVICO54cgo4fIQJh8ia8fb99CoFvJCmDjltICTdZ12fir5W_82XKVRp4WoqR1xGPQrJZ1Wk4Lk1jiErn9CoRX2QZMviXflFiO26B_lxTEnrzAPZ7iSdHvZQ2JfSSzUPkqMDUicBKn46cbxsDsyUQ40ievJN0IEnqb17-vj4u0-DZhjSlPVc95ZrDZA-irGZ1m5wGhQdNgJas&x-client-SKU=ID_NET8_0&x-client-ver=8.5.0.0&sso_reload=trueRedirected

AI Security Verdict

High Risk

Confidence: 92%

8
Risk Score

Phishing page impersonating Microsoft login; high risk due to brand spoofing and invalid certificate.

Risk Factors
Brand impersonation (Microsoft) on a non‑Microsoft domain
Invalid SSL certificate (connection not private warning)
Credential‑harvesting login form on a suspicious domain
Unranked domain presenting a major brand
Domain age information unavailable

Details

Page Title

Privacy error

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

phishing scam

(78%)

Domain Information

The domain name 'msoid.seawheeze.com' uses the commercial generic top-level domain (.com) with subdomain 'msoid'. Its registrable label 'seawheeze' stretches across 9 characters with five vowels and four consonants. Tokenizing the label suggests two words: sea, wheeze. Median word length is 4.5 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://msoid.seawheeze.com

Page Load Overview

34.33s
Total Load Time
31
HTTP Requests
6
Domains
469 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:133 chars
Detector Agreement:100%

Website Classification

Primary Category

phishing scam78% confidence
Type: webapp
Method: ml+structural+ocr_tiebreaker

All Detected Categories

phishing scam
78%
technology software
73%
documentation technical
37%

Detected Features

Login Form
Search

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
1013.107.246.45United States
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
313.107.6.156United States
AS8068MICROSOFT-CORP-MSN-AS-BLOCK
320.190.160.64Amsterdam, North Holland, Netherlands
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
320.190.159.71Dublin, Leinster, Ireland
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
320.190.160.131Amsterdam, North Holland, Netherlands
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
340.126.32.72Amsterdam, North Holland, Netherlands
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
320.50.80.210Dublin, Leinster, Ireland
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
320.190.160.65Amsterdam, North Holland, Netherlands
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
318--

Detected Technologies4

X-UA-Compatible
100%
PasswordField
100%
Meta-Refresh-Redirect
100%
Ghost
15%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1A6D3BF6215E50A7F091B44D773EB35483B686083A603ED93F6BCB8409F8F67524A2BDD

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

3072:BmqWZAdOo9La2g+nfKBb7N7w9oMq5pchzJGu4lWQK3EUPh+MTdN:TWWxAzU

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:141763:GEUghhQUQRoVAAqolRBCdgiwIFmwG1awCCvIJq3EACCBDAEiMFDgCwc0rQA1gI2LUByEAIgOITCqQTypIYA2KkRUUJMhBKww

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:ff3f0501ff81fdfc
Perceptual Hash:8aa5c2a5da7c7ad0
Difference Hash:c0d06f7330174149
Wavelet Hash:7f3f01011f00ff3c
Color Hash:#86931f

Other Hashes

Crop Resistant:c0d06f7330174149

Scan History

Scan history not available

Unable to load historical scan data