DANGEROUS

Critical risk detected

19 of 92 antivirus engines flag this page (17 outright malicious). Our security review flagged this site as high-risk. Don't enter personal information, deposit money, or download files.

Security Review

Is srva.closer.website legit or a scam?

Yes — this is almost certainly a scam.

Do this now:close this page. Don't enter passwords or card details, and don't download anything.

Fake Outlook login page on a 3.9-year-old domain that harvests Microsoft credentials and shows 17 malicious detections.

Cross-checked against 10 completed checks 3 raised a concern
Open-web research was partially available; the verdict uses the other completed checks.
srva.closer.websiteScanned Jul 16, 2026
1/100
Trust score
0 = danger · 100 = safe
DANGEROUS
Score breakdown
Heuristics 0·MT 12
Category tags
phishingHow sure we are: High
Technical red flags (1)
19 of 92 engines flagged
Warning signals (1)
Scam-network signals (35/100)
Positive signals (4)
No Google Safe Browsing matchDomain is 4 years oldEncrypted connectionNo significant IP abuse signal

These checks passed — but they don't clear the site. A clean antivirus result, valid SSL, and a calm server only mean it isn't hosting malware; they say nothing about whether the business is real. This verdict is based on the site's conduct and content, not a malware detection.

View density

At a glance

The most useful evidence from this scan, separated from the final verdict so you can judge the signals yourself.

10 checks completed
Antivirus engines
19/92
Engines flagged this URL
Domain Age
4 years old
Registered Aug 5, 2022
Browser blocklists
Clear
No Google Safe Browsing warning
Encryption
Valid
TLS TLSv1.3
Visual inspection
65/100
Visual risk score
Open-web research
Partial
Only validated claims are shown

Website Preview

Visual analysis

Intelligence

Advanced threat intelligence
Analysis
Critical scam likelihoodengineMT · Guardiantrust12/100
MT AgentLive web researchVisual inspectionNetwork correlation
92%
Confidence
The page presents a login form requesting username, email, and password under the exact title Outlook Web App. Seventeen antivirus engines flagged the URL as phishing or malicious, including alphaMountain.ai, CyRadar, and CRDF. The domain srva.closer.website is part of a documented cluster of Outlook phishing pages on closer.website that share the same Hetzner IP and GoDaddy registration. External domains microsoft.com, submit-form.com, and closer.ws are loaded, and the form lacks any legitimate Microsoft security indicators or support links. Three independent sources in our research explicitly label the site as malicious or phishing, with sinkholing by multiple DNS providers. The combination of credential harvesting, confirmed clone behavior, and engine detections outweighs the domain's age.
Risk Factors
5
  • Seventeen antivirus engines flag the URL as phishing or malicious.
  • Page contains a credential-harvesting login form mimicking Outlook Web App.
  • Domain belongs to a documented cluster of Outlook phishing sites on closer.website.
  • Loads external scripts from submit-form.com, a known data-collection endpoint.
  • No contact details, business registration, or legitimate Microsoft security elements present.
Positive Signals
3
  • Domain registered 3.9 years ago through GoDaddy.
  • Hosting IP shows zero abuse reports.
  • Browser blocklist feeds returned clean.
The full analysis

Page Content

The page displays an Outlook Web App login form with redundant Username and E-Mail fields plus a Password prompt. No contact information, business address, or legitimate Microsoft footer appears anywhere on the page. The body text explicitly states the site is built with CLOSER and includes a cookie-enablement message typical of phishing templates.

Infrastructure

The site is hosted on IP 94.130.129.186 at Hetzner with a clean abuse score but shared with multiple sibling phishing domains. SSL is issued by Let's Encrypt R12 and valid for another 39 days. The page loads scripts from submit-form.com and closer.ws, indicating data exfiltration to third-party endpoints.

Domain History

The domain srva.closer.website was registered on 2022-08-05 through GoDaddy.com, LLC and is 3.9 years old. Privacy protection is disabled, yet no verifiable business registration in the checked sources or legitimate operator details are present. Multiple subdomains on the same parent (ssra.closer.website, srbe.closer.website) have been documented as Outlook credential theft pages.

Web Reputation

Seventeen of 92 engines flagged the URL, with specific detections from alphaMountain.ai, Chong Lua Dao, Cluster25, CRDF, Criminal IP, and CyRadar. Our research found three separate reports labeling the domain as malicious or phishing, including sinkholing by Cloudflare DNS, OpenDNS, Hagezi, DNS4EU, and Quad9. No positive reviews or legitimate business listings were located.

What this means for you

Entering any credentials on this page sends them directly to attackers. Do not use the login form or click any links from this domain.

AI Recommendation
Do not enter any credentials on this page. Close the tab and visit outlook.office.com directly if you need to access Microsoft services.
Next-gen fraud intelligence
Evidence-backedCross-checked

Web Research Findings

Domain Timeline

Threat Detection

Scam Network

Cross-site correlation

This site shares signals with a broader cluster

Moderate correlation

Many scams don't operate alone. We correlate third-party scripts, hosting infrastructure, brand-impersonation signals, and the AI evidence package to detect when a site is part of a broader scam network.

Suspicion score
35/100
ClearLowModerateHighCritical
Evidence (1)
  • Evidence confirms this site is a clone of office.com.
Linked signals (1)
Clone of office.com

Antivirus Engines

Security Scans

Blacklist Check
Not flagged on major threat lists

Checked against the major public blocklists used by browsers and security tools — no hits.

Reputation Sources

How this domain rates across independent threat-intelligence and blocklist providers.

Google Safe Browsing
Not listedCheck ↗
VirusTotal
ListedCheck ↗
AbuseIPDB
Not listedCheck ↗

Technical Details

The plumbing behind the site — who registered it, how it’s encrypted, where it’s hosted, and where it links out. A valid certificate or a calm server doesn’t mean the business is honest — scam sites pass these checks too. Use this to corroborate the verdict, not to overturn it.

Contact Verification

We fetched the page and looked for real-world contact details. Legitimate businesses almost always publish an email on their own domain, a phone number, and a postal address. Scam shops usually don't.

What We Found
No clear contact details on the page
Emails on site's domainNone
Phone numbersNone
Postal addressNot listed
Linked social profiles0
Signal Summary
Several contact red flags
  • No contact email found anywhere on the page.
  • No phone number listed on the page.
  • No postal address visible on the page.

Domain & Encryption

Domain History
Age4 years old
RegistrarGoDaddy.com, LLC
RegisteredAug 5, 2022
ExpiresAug 5, 2026
Owner privacyVisible
Encryption Certificate
StatusValid
ProtocolTLSv1.3
IssuerLet's Encrypt · R12
ExpiresAug 24, 2026 (39d)
Self-signedNo
Hosting & Technology
HostingHetzner Online GmbH
Server locationDE
Web servernginx

Redirect Chain

Hops
1
Cross-domain
No
Lookalike
No
Punycode
No
  • 1301http://srva.closer.website/
  • 2200https://srva.closer.website/

Server Reputation

Abuse Intelligence
Confidence score0%
Reports on file0
ISPHetzner Online GmbH
Usage typeData Center/Web Hosting/Transit

Referenced Domains

Outbound domains this page links to or loads resources from. Each links to its own security scan.

What to do

Final Verdict

1
Trust / 100
Final Verdict·srva.closer.website
DANGEROUS

Why we rated srva.closer.website dangerous

This is a fake Outlook login page designed to steal Microsoft credentials. The domain hosts a credential-harvesting form that mimics the official Outlook Web App interface and loads external scripts from submit-form.com.

Do not enter any credentials on this page. Close the tab and visit outlook.office.com directly if you need to access Microsoft services.

AV engines
92
Domain age
4 yrs
Flagged
19
Scan another URL
Security review completemalwaretips.com/url-scan

Safety FAQ

Community review

User reviews & comments(0)

Share your experience — "Lost $200 on a fake checkout" is more useful than "Scam". Your review helps others avoid traps.

Loading…
Loading comments…
This report is generated automatically by combining threat intelligence, domain signals, and an AI security analyst. It is informational, not legal advice. Always use your own judgement before sharing personal information or money online.