ScanMalware.com

Security Scan Report: msoid.sivvi.com

Redirected to: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=639084390740073617.YjhhNzU4OGQtMDJlOC00YjMwLWJiNTAtOWExZDg2ZDYxOTdjOTE4ODEyMzAtMjU3MS00NGNjLThlOTctM2ZkYjczOGRlMzk0&ui_locales=en-US&mkt=en-US&client-request-id=77380b84-82d0-417f-a7fb-8d8f7e840c89&state=yiIU5tjbmkFX0MTQijwi5qXou7xxbt7Zn56wkbm5HpjqWwnPLTRqOZmiJPdQGMobH9dzrs5vszVGTKGjbCs3c8NJ3dOdIBeaFB7AR0x_gcKclc3ssqdOloCweaszGaO5wii1ogMqQ3_53ZjmiO9CEzCJPxus2Xtuxpv7RcdQ_gRw3qIF1MW5m1V52IEm85norhDUTlpXucDyPC0wE425liqST6tjgyy0PCD7kMsoJScO1J5AxdbvFFnhM5G8ufnE9qX8k5R8er3DxyuGzI507CB_HIdzrE6Aoo-ltdo2AnveRkyFA3CRCfeuFpW0ynAWILIcBMgY4gN17LMA9KfiNm3HBiEMqyWLLZN-lIWQ_2_f3iR9kSUpL58vIy91QF-iFpYQT_vZrPrI1gJmbrUO5T7u5L-bhOP8NbUmsoDe2Ew&x-client-SKU=ID_NET8_0&x-client-ver=8.14.0.0&sso_reload=true

Site favicon
Submitted: Mar 7, 2026, 12:11:11 AMCompleted: Mar 7, 2026, 12:12:21 AMpubliccompleted
Loading additional data...

Summary

This website contacted 7 IPs in 2 countries across 7 domains to perform 1 HTTP transaction. The main domain is login.microsoftonline.com and was registered NaN years ago.

Submitted URL: https://msoid.sivvi.com

Effective URL: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=639084390740073617.YjhhNzU4OGQtMDJlOC00YjMwLWJiNTAtOWExZDg2ZDYxOTdjOTE4ODEyMzAtMjU3MS00NGNjLThlOTctM2ZkYjczOGRlMzk0&ui_locales=en-US&mkt=en-US&client-request-id=77380b84-82d0-417f-a7fb-8d8f7e840c89&state=yiIU5tjbmkFX0MTQijwi5qXou7xxbt7Zn56wkbm5HpjqWwnPLTRqOZmiJPdQGMobH9dzrs5vszVGTKGjbCs3c8NJ3dOdIBeaFB7AR0x_gcKclc3ssqdOloCweaszGaO5wii1ogMqQ3_53ZjmiO9CEzCJPxus2Xtuxpv7RcdQ_gRw3qIF1MW5m1V52IEm85norhDUTlpXucDyPC0wE425liqST6tjgyy0PCD7kMsoJScO1J5AxdbvFFnhM5G8ufnE9qX8k5R8er3DxyuGzI507CB_HIdzrE6Aoo-ltdo2AnveRkyFA3CRCfeuFpW0ynAWILIcBMgY4gN17LMA9KfiNm3HBiEMqyWLLZN-lIWQ_2_f3iR9kSUpL58vIy91QF-iFpYQT_vZrPrI1gJmbrUO5T7u5L-bhOP8NbUmsoDe2Ew&x-client-SKU=ID_NET8_0&x-client-ver=8.14.0.0&sso_reload=trueRedirected

AI Security Verdict

Confirmed Scam

Confidence: 93%

9
Risk Score

Phishing page impersonating Microsoft login; harvests credentials – do not enter any information.

Risk Factors
Brand impersonation (Microsoft) on unranked domain
Credential harvesting form (email + password)
Cross‑origin submission of credentials to Microsoft login endpoint
Domain age information unavailable

Details

Page Title

Sign in to your account

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

unknown

(0%)

Domain Information

Domain 'msoid.sivvi.com' uses the commercial generic top-level domain (.com); it also runs on subdomain 'msoid'. The core label 'sivvi' covers 5 characters holding two vowels versus three consonants. Tokenizing the label suggests 2 words: siv, vi. The median word length lands at 2.5 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://msoid.sivvi.com

Page Load Overview

0.77s
Total Load Time
31
HTTP Requests
6
Domains
503 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:133 chars
Detector Agreement:100%

Website Classification

Primary Category

unknown0% confidence
Type: webapp
Method: structural

All Detected Categories

No categories detected

Detected Features

Login Form
Search

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
723.207.210.132Frankfurt am Main, Hesse, Germany
AS20940Akamai International B.V.
420.50.73.9United States
AS8075
413.107.6.156United States
AS8068Microsoft Corporation
413.107.246.44United States
AS8075Microsoft Corporation
420.190.160.20UnknownUnknown
440.126.32.76UnknownUnknown
440.126.31.131UnknownUnknown
317--

Detected Technologies4

X-UA-Compatible
100%
PasswordField
100%
Meta-Refresh-Redirect
100%
Ghost
15%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T180936CEB7EA7193B834645B5B8B96E06AA3A59439C4CCC64F18CDC842FFB75E4423503

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:jc5N518GLG2O0C0k5853aZBR5Ug0v0g0PU0mTFoIyEk77gx2xpTvPoMmCB9Efiiy:Q5N518y7k5853aZBR5q81PhwFJ32RAt+

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:92544:AJgMBLAHgAtMMBgQfDLGBAAESTGBgRSgggh6A0cJIACYN04+CAgJJEjwFUrCIalK4IAigbWhYwExCQhyDgk3mGAwIPg0vgwK

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:0010393b373f373f
Perceptual Hash:845971764699d96e
Difference Hash:88e4d2d3e5e6e6e6
Wavelet Hash:00003b3b373f373f
Color Hash:#2dd24e

Other Hashes

Crop Resistant:88e4d2d3e5e6e6e6

Scan History

Scan history not available

Unable to load historical scan data