ScanMalware.com

Security Scan Report: msoid.gemfinance.co.nz

Redirected to: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=639041697373511570.MzMwOGFjMTctMmI0ZC00ODU5LWEyNTgtMDY2YzFlYzRiNGE1ZWIzMzM2ZGQtMzQ5Mi00MDViLThiN2MtNzk1N2M5MDA5OWNk&ui_locales=en-US&mkt=en-US&client-request-id=c0e500c3-c2c2-4c1d-85d8-f5fec9f7de62&state=clz2oLAcxbCVtfsMG_bzRQi8aibD1JDqLh1ps-ZYBYsCfZTogDuFdtJ-Sc92SI8bz-iKrJR-RWlLCRTEJdl43fkKjudtDBH4bu-ViGJkiMUWeGSIJ1Kb2VcXAO8oevF98rGnJnqsIA-OnLYB1F9-0KpT9SFXdaNKpGXjGAnjyG4doB1lq3ZLdZWQvMZPWWbfBKFJxPtyG-zrVCOlXE1I6HCTFHWx7kfJRL-HY80drx7CBh8ARK3BrDXySSRNzVUGEMrzuFpciGT_9TDOJPKaXS1WN4DAIAVgz8gbTrD3duI&x-client-SKU=ID_NET8_0&x-client-ver=8.5.0.0&sso_reload=true

Site favicon
Submitted: Jan 16, 2026, 2:15:34 PMCompleted: Jan 16, 2026, 2:16:46 PMpubliccompleted
Loading additional data...

Summary

This website contacted 6 IPs in 4 countries across 6 domains to perform 1 HTTP transaction. The main domain is login.microsoftonline.com and was registered NaN years ago.

Submitted URL: https://msoid.gemfinance.co.nz

Effective URL: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=639041697373511570.MzMwOGFjMTctMmI0ZC00ODU5LWEyNTgtMDY2YzFlYzRiNGE1ZWIzMzM2ZGQtMzQ5Mi00MDViLThiN2MtNzk1N2M5MDA5OWNk&ui_locales=en-US&mkt=en-US&client-request-id=c0e500c3-c2c2-4c1d-85d8-f5fec9f7de62&state=clz2oLAcxbCVtfsMG_bzRQi8aibD1JDqLh1ps-ZYBYsCfZTogDuFdtJ-Sc92SI8bz-iKrJR-RWlLCRTEJdl43fkKjudtDBH4bu-ViGJkiMUWeGSIJ1Kb2VcXAO8oevF98rGnJnqsIA-OnLYB1F9-0KpT9SFXdaNKpGXjGAnjyG4doB1lq3ZLdZWQvMZPWWbfBKFJxPtyG-zrVCOlXE1I6HCTFHWx7kfJRL-HY80drx7CBh8ARK3BrDXySSRNzVUGEMrzuFpciGT_9TDOJPKaXS1WN4DAIAVgz8gbTrD3duI&x-client-SKU=ID_NET8_0&x-client-ver=8.5.0.0&sso_reload=trueRedirected

AI Security Verdict

Safe Website

Confidence: 92%

0
Risk Score

Legitimate Microsoft sign‑in redirect; no immediate security concerns.

Safety Factors
Established domain (registered 2002)
Redirect leads to official Microsoft login page
Standard Microsoft sign‑in form (email + password) hosted on Microsoft domain
No payment or sensitive personal data collection beyond credentials
Domain age information unavailable

Details

Page Title

Sign in to your account

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

unknown

(0%)

Domain Information

The domain 'msoid.gemfinance.co.nz' uses the New Zealand country-code top-level domain (.co.nz) with subdomain 'msoid'. Count 10 characters in 'gemfinance' with four vowels and 6 consonants. Tokenizing the label suggests two words: gem, finance. Expect five characters per word on average. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://msoid.gemfinance.co.nz

Page Load Overview

1.47s
Total Load Time
30
HTTP Requests
5
Domains
469 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:133 chars
Detector Agreement:100%

Website Classification

Primary Category

unknown0% confidence
Type: webapp
Method: structural

All Detected Categories

No categories detected

Detected Features

Login Form
Search

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
540.126.31.69Netherlands
AS8075
520.50.73.4Ireland
AS8068
520.190.160.64United StatesUnknown
513.107.246.44FranceUnknown
520.190.160.4UnknownUnknown
513.107.6.156United States
AS8068MICROSOFT-CORP-MSN-AS-BLOCK
306--

Detected Technologies4

X-UA-Compatible
100%
PasswordField
100%
Meta-Refresh-Redirect
100%
Ghost
15%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T129837DE67FA7293BC74A41B5B8B47D01AA3A5903984CDD68F54CCC842FFB20E8127657

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:lcuu8GLGGAgg3BNRkpTR93e5s/ozTEyqU6MVnvnaloMPbJEfii4m8C:auu8V3BNRGh/XyS2SvC

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:84795:04eCAdQIAMSWGQIAWAMbkHAJlfIDACgME6IRIWTKJSBAkgiAGFAAgjfJR+oD0IASAMgPMFAsGTMHBwKimxCAJTEEAEACNAUg

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:0010393b373f373f
Perceptual Hash:845971764699d96e
Difference Hash:88e4d2d3e5e6e6e6
Wavelet Hash:00003b3b373f373f
Color Hash:#6b931f

Other Hashes

Crop Resistant:88e4d2d3e5e6e6e6

Scan History

Scan history not available

Unable to load historical scan data