ScanMalware.com

Security Scan Report: phishing-test7.scanmalware.com

Redirected to: https://un5nu885wq5t1nyda79cugcxxttg.phishing-test7.scanmalware.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=639104930427987953.OWY0ZTQ1MmEtOTRlOS00NDE4LWFmYzAtYTY2NDM1YmMzMjRiNThhYTMxMjUtMGUwMi00MjU4LTg3NGQtMTJkOWMzOTdlNTUx&ui_locales=en-US&mkt=en-US&client-request-id=5ae63fe5-fb4f-4fa6-9216-172efe29bb39&state=8VhzAV-8gT2_swL06Im8xzB_t7lErCPDte2BgjpInEp628KkAuWFToH31rivm83OHy5t-AR2ZQCUSpHOYGtuhLSXBundoYJI7cSBSDZ0muewWyX4Rq6r1T-02nvhqGx3gv4kjXijGtNPfdnDnJB9woPlwJCApYXMhs417OIqVclkdf9yxICyvh-gw5eI4REnGKCiuU8tqdeKyPacWaxqp11UfKEcfP-jNXiPT_dex6TfRI-H21CYtksGC0r36xt9mLMPvnLOgOH1jHYgpAomV_kQ4I6tYQmVbKTeSuKe2sIqiGO6wJcSaNtttWv7SB0CE-Ml36p4fcuyF5Mz8EWust9KCws1sZLahoP1rYzy8CptyR5Jr8M31m-C8NwRvrfFWAwR9EseqocYZbcNcoeamAE-F3qEX-aF9GLPcYEQkAo&x-client-SKU=ID_NET8_0&x-client-ver=8.14.0.0

Submitted: Mar 30, 2026, 6:43:54 PMCompleted: Mar 30, 2026, 6:45:34 PMpubliccompleted
Loading additional data...

Summary

This website contacted 1 IP in 1 country across 6 domains to perform 1 HTTP transaction. The main domain is un5nu885wq5t1nyda79cugcxxttg.phishing-test7.scanmalware.com and was registered NaN years ago.

Submitted URL: https://phishing-test7.scanmalware.com

Effective URL: https://un5nu885wq5t1nyda79cugcxxttg.phishing-test7.scanmalware.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=639104930427987953.OWY0ZTQ1MmEtOTRlOS00NDE4LWFmYzAtYTY2NDM1YmMzMjRiNThhYTMxMjUtMGUwMi00MjU4LTg3NGQtMTJkOWMzOTdlNTUx&ui_locales=en-US&mkt=en-US&client-request-id=5ae63fe5-fb4f-4fa6-9216-172efe29bb39&state=8VhzAV-8gT2_swL06Im8xzB_t7lErCPDte2BgjpInEp628KkAuWFToH31rivm83OHy5t-AR2ZQCUSpHOYGtuhLSXBundoYJI7cSBSDZ0muewWyX4Rq6r1T-02nvhqGx3gv4kjXijGtNPfdnDnJB9woPlwJCApYXMhs417OIqVclkdf9yxICyvh-gw5eI4REnGKCiuU8tqdeKyPacWaxqp11UfKEcfP-jNXiPT_dex6TfRI-H21CYtksGC0r36xt9mLMPvnLOgOH1jHYgpAomV_kQ4I6tYQmVbKTeSuKe2sIqiGO6wJcSaNtttWv7SB0CE-Ml36p4fcuyF5Mz8EWust9KCws1sZLahoP1rYzy8CptyR5Jr8M31m-C8NwRvrfFWAwR9EseqocYZbcNcoeamAE-F3qEX-aF9GLPcYEQkAo&x-client-SKU=ID_NET8_0&x-client-ver=8.14.0.0Redirected

AI Security Verdict

Confirmed Scam

Confidence: 93%

9
Risk Score

High‑risk phishing page that attempts to capture Microsoft credentials; avoid and report.

Risk Factors
Malicious Indicators of Compromise (known attacker IP)
Critical network IDS alert indicating possible data exfiltration
Brand impersonation – Microsoft login flow on a non‑official domain
Unranked domain with suspicious sub‑domain
Redirect chain (3 redirects) ending on a phishing‑style OAuth endpoint
Domain age information unavailable

Details

Page Title

Sign in to your account

Scan Type

public

Language

🏳️

UNKNOWN

(0% confidence)

Category

unknown

(0%)

Domain Information

The domain name 'phishing-test7.scanmalware.com' uses the commercial generic top-level domain (.com) and includes subdomain 'phishing-test7'. The core label 'scanmalware' covers 11 characters containing four vowels alongside seven consonants. Breaking it apart gives 3 words: s, can, malware. Median word length is 3 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://phishing-test7.scanmalware.com

Page Load Overview

6.28s
Total Load Time
12
HTTP Requests
5
Domains
11 KB
Total Size

Language Analysis

Primary Language

🏳️UNKNOWN
Code: unknown
Confidence:0%

Detection Details

Language Code:unknown
Detection Confidence:0%
Text Length:11 chars
Detector Agreement:0%

Website Classification

Primary Category

unknown0% confidence
Type: dynamic
Method: structural

All Detected Categories

No categories detected

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
12206.189.1.124Amsterdam, North Holland, Netherlands
AS14061DigitalOcean, LLC
121--

Detected Technologies3

X-UA-Compatible
100%
jQuery
20%
Ghost
15%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T106436DCA7FC010164ED745A9DCB67A0A423C68E36690DC98F0CDACC92EF959B536770B

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:m6RC8GLG2svsI3heawByEk77qx2xpTvPoMfCBt5:LRC8zvsI3gaKJ2RAp

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:57319:AiTHpAKKmYGAghBQQoYEAEY4oDMQGA9FRo2AgIYpBLYErH6gOiwAKZiiQLQk+KKMjKKMgAQQAAVIjGEFADYCYSYRAsyMiQCM

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:0000000000000000
Perceptual Hash:8000000000000000
Difference Hash:0000000000000000
Wavelet Hash:0000000000000000
Color Hash:#2dd27a

Other Hashes

Crop Resistant:0000000000000000

Scan History

Scan history not available

Unable to load historical scan data