ScanMalware.com

Security Scan Report: demant.fuseuniversal.com

Redirected to:
https://login.microsoftonline.com/9bf8c7a8-e008-49a7-9e43-ab76976c4bf8...
Site favicon
Submitted: Jun 27, 2026, 7:18:28 AMCompleted: Jun 27, 2026, 7:19:39 AMpubliccompleted
Loading additional data...

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 2 HTTP transactions. The main domain is login.microsoftonline.com and was registered NaN years ago.

Submitted URL: https://demant.fuseuniversal.com

Effective URL: https://login.microsoftonline.com/9bf8c7a8-e008-49a7-9e43-ab76976c4bf8/saml2?sso_reload=trueRedirected

The Cisco Umbrella rank of the primary domain is #108,953 of the top 1 million websites

AI Security Verdict

Low Risk

Confidence: 80%

2
Risk Score

High‑risk credential phishing site impersonating Demant; avoid interaction and report.

Risk Factors
Brand impersonation of a different entity
Credential collection form on non‑official domain
Low domain ranking for brand claim
Highly obfuscated JavaScript
Safety Factors
Domain age >20 years (well‑established)
No IoC matches or IDS alerts
Form posts to legitimate Microsoft login endpoint
Page served from an identity-provider sign-in endpoint (login.microsoftonline.com); a relying-party brand and login form here are normal SSO, not impersonation — risk clamped from 8 to 2
Domain age information unavailable

Details

Page Title

Sign in to your account

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

unknown

(0%)

Domain Information

The domain 'demant.fuseuniversal.com' uses the commercial generic top-level domain (.com) and includes subdomain 'demant'. The second-level label 'fuseuniversal' is 13 characters long with six vowels and seven consonants. Tokenizing the label suggests two words: fuse, universal. The median word length lands at 6.5 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://demant.fuseuniversal.com

Page Load Overview

1.24s
Total Load Time
27
HTTP Requests
6
Domains
837 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:109 chars
Detector Agreement:100%

Website Classification

Primary Category

unknown0% confidence
Type: webapp
Method: structural

All Detected Categories

No categories detected

Detected Features

Login Form
Search

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
9146.75.122.132Frankfurt am Main, Hesse, Germany
AS54113Fastly, Inc.
918.200.57.232Dublin, Leinster, Ireland
AS16509Amazon.com, Inc.
940.126.32.72Amsterdam, North Holland, Netherlands
AS8075Microsoft Corporation
273--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1F5932AEA7EA71E77424993AAA135BE417F3A2A53C84CDDB5F79C89803FD521C4437802

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:F28GLG2ufH4DxH5RoAIZ9Tjuokmap5vPoMLuF204INiiC:08PfH4DxZR6a/AlC

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:95073:goPGiFgS1xwAggzSAUAUgBn1AQUCQjIiBoTpTE2AMNVFEwCMSxCBUhQbWNATiSEA0Ak6MTSqkIAHDRWTJOQ6YCwJpASACDoz

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:0000181818188060
Perceptual Hash:cd0d6236ccd989dc
Difference Hash:030f333232320c83
Wavelet Hash:8181999b9a9afcf8
Color Hash:#2d863e

Other Hashes

Crop Resistant:e858787131000183,a2904034344080a2,030f333232320c83

Scan History

Scan history not available

Unable to load historical scan data