ScanMalware.com

Security Scan Report: msoid.umiloans.com.au

Redirected to:
https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_...
Site favicon
Submitted: Jun 22, 2026, 12:00:53 AMCompleted: Jun 22, 2026, 12:02:03 AMpubliccompleted
Loading additional data...

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 2 HTTP transactions. The main domain is login.microsoftonline.com and was registered NaN years ago.

Submitted URL: https://msoid.umiloans.com.au

Effective URL: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=639176832561927214.NDg3MGVjYjgtNTM3ZC00ODA1LTlhZmItNjY2N2E0NjZkODNkNTk5YWNiYjUtMGQ2ZC00ZTc0LTgxNDktMDAzMGZhYTZiYmJk&ui_locales=en-US&mkt=en-US&client-request-id=999cc975-6f5d-49c9-8bbb-f04aec8dc71b&state=uGgVZaZyWo9LOI70aDKwYiRjtHUsMGTvSNcbD3Uuo28xeHUuW0ApwgsRL_XJG5QcWFDRMsC4Sk9tKytZYJ0l8j7uHTQ9FDUQ4G4ATEYgeL24AjoVk-Oj7e3dZ0Ibw6iCwGLincqfPxjE_hqABWDh3r2oTnUbiaM4H2pu8vrGCKMkb2EYuvSRiPGU7TqgqVt3WrTA8lT4NKbup21VDvVqPIbsKIdtHXVGslPYLuLr0JBLSE3ycjCkWdZ-snn7KtxVO1bmnYZaJyZSMADJbAQ209K26QRGx3FB0LmAxfKS4DzBaKQhM7dvJfAmXkzROClBC1SSQ8nbdL-bFhjgLtp4kTTZIFLE4Wn31eaMba7NKTI5fhKNKvOiiPh59cUlglqPCydxZWrjvzPCAXOuf18tMmSJC3TIdyXuaNmyMNcPREE&x-client-SKU=ID_NET8_0&x-client-ver=8.14.0.0&sso_reload=trueRedirected

AI Security Verdict

Low Risk

Confidence: 95%

2
Risk Score

Page impersonates Microsoft, collects credentials via a cross‑origin login form, and uses heavily obfuscated JavaScript – confirmed phishing scam.

Risk Factors
Brand impersonation of a major brand
Credential collection form
Cross‑origin form submission to external login service
Unranked / low‑reputation domain
Highly obfuscated JavaScript
Safety Factors
Domain age is well‑established (≈24 years)
No IoC, YARA, or IDS alerts detected
Page served from an identity-provider sign-in endpoint (login.microsoftonline.com); a relying-party brand and login form here are normal SSO, not impersonation — risk clamped from 10 to 2
Domain age information unavailable

Details

Page Title

Sign in to your account

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

unknown

(0%)

Domain Information

Domain 'msoid.umiloans.com.au' uses the Australian country-code top-level domain (.com.au) with subdomain 'msoid'. The registrable portion 'umiloans' spans 8 characters holding four vowels versus four consonants. Splitting it apart reveals 2 words: umi, loans. Median word length comes out to four characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://msoid.umiloans.com.au

Page Load Overview

1.16s
Total Load Time
30
HTTP Requests
5
Domains
473 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:133 chars
Detector Agreement:100%

Website Classification

Primary Category

unknown0% confidence
Type: webapp
Method: structural

All Detected Categories

No categories detected

Detected Features

Login Form
Search

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
613.107.6.156United States
AS8068Microsoft Corporation
620.190.159.68Dublin, Leinster, Ireland
AS8075Microsoft Corporation
613.107.246.44United States
AS8075Microsoft Corporation
640.126.32.138Amsterdam, North Holland, Netherlands
AS8075Microsoft Corporation
640.126.31.0Dublin, Leinster, Ireland
AS8075Microsoft Corporation
305--

Detected Technologies4

X-UA-Compatible
100%
PasswordField
100%
Meta-Refresh-Redirect
100%
Ghost
15%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T18A936BE97EA3197B86CA44F1B5B93E076E3758438C48CC68F54CC9842FEAB5C9167603

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:Fcr+8GLG2kbfa1ARS674MSmyDoFIZ9Tjuokmap5vPoMLuf0G0fiiiuZkC:6r+8Lbfa1ARf7dSHDZa/A5uCC

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:91424:BKigEagwlgjWpAIlA3IBDJUiaFoIIvCUIEQCgGsO9BAUBB0xCDAx3ZrEmNJQUGAmApABjBQAYyUAwScVQAQBhEAFSoTkABIq

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:0010393b373f3737
Perceptual Hash:845971764699d96e
Difference Hash:88e4d2d3e5e6e6e6
Wavelet Hash:00003b3b373f373f
Color Hash:#ac5372

Other Hashes

Crop Resistant:88e4d2d3e5e6e6e6

Scan History

Scan history not available

Unable to load historical scan data