ScanMalware.com

Security Scan Report: sa-qa.ep.com

Redirected to: https://auth-uat.ep.com/signon/?error=%7B%22id%22:%222c6cae98-fb40-4e40-b126-5e49aa82f908%22,%22code%22:%22INVALID_DATA%22,%22message%22:%22ErrorCode:%20INVALID_SIGNATURE%20-%20Unable%20to%20verify%20the%20signature%20authenticity%20for%20AuthnRequest:%20%27INVALID%27%22,%22details%22:[%7B%22code%22:%22INVALID_SIGNATURE%22,%22target%22:%22ds:Signature%22,%22message%22:%22Signature%20could%20not%20be%20verified%22%7D]%7D

Submitted: Jan 18, 2026, 12:52:35 PMCompleted: Jan 18, 2026, 12:53:56 PMpubliccompleted
Loading additional data...

Summary

This website contacted 4 IPs in 1 country across 4 domains to perform 34 HTTP transactions. The main domain is auth-uat.ep.com and was registered NaN years ago.

Submitted URL: https://sa-qa.ep.com

Effective URL: https://auth-uat.ep.com/signon/?error=%7B%22id%22:%222c6cae98-fb40-4e40-b126-5e49aa82f908%22,%22code%22:%22INVALID_DATA%22,%22message%22:%22ErrorCode:%20INVALID_SIGNATURE%20-%20Unable%20to%20verify%20the%20signature%20authenticity%20for%20AuthnRequest:%20%27INVALID%27%22,%22details%22:[%7B%22code%22:%22INVALID_SIGNATURE%22,%22target%22:%22ds:Signature%22,%22message%22:%22Signature%20could%20not%20be%20verified%22%7D]%7DRedirected

The Cisco Umbrella rank of the primary domain is #220,414 of the top 1 million websites

AI Security Verdict

High Risk

Confidence: 88%

8
Risk Score

High‑risk phishing site impersonating Citrix Workspace login; do not enter credentials.

Risk Factors
Brand impersonation of Citrix Workspace on a low‑ranking domain
Excessive redirects (5) suggesting URL manipulation
Login‑oriented page title without a clear legitimate source
Domain age information unavailable

Details

Page Title

Citrix Workspace

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

documentation technical

(50%)

Domain Information

Within the commercial generic top-level domain (.com), 'sa-qa.ep.com' is registered; it also runs on subdomain 'sa-qa'. The second-level label 'ep' is 2 characters long with 1 vowel and 1 consonant. Breaking it apart gives one word: ep. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://sa-qa.ep.com

Page Load Overview

6.55s
Total Load Time
32
HTTP Requests
4
Domains
4.0 MB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en-US
Text Length:287 chars
Detector Agreement:100%

Website Classification

Primary Category

documentation technical50% confidence
Type: static
Method: ml+structural

All Detected Categories

documentation technical
50%
government public service
48%
news media journalism
45%
adult content
37%
healthcare medical
34%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
834.111.138.51Kansas City, Missouri, United States
AS396982GOOGLE-CLOUD-PLATFORM
8172.169.3.240Des Moines, Iowa, United States
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
835.186.247.156United States
AS396982GOOGLE-CLOUD-PLATFORM
813.107.246.44United StatesUnknown
324--

Detected Technologies2

X-UA-Compatible
100%
HSTS
40%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T17E836CA34980383AE6170537F9CB934F530BA0272D628949F0ED6D66C7C9D4E1BB172E

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:n49lm6H6q/uORll6RsfdFr+g2ornmlRFuN6WMSZbf0ejNFHHdUzFp:ni/IsfGv8x9HdUzFp

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:84016:YgVOAkwjbEgSMQAwQtCWQWMUhkFMGGAmFSDmAJoXQBaFAORGqSeAIv4hQIAQwUJAGkIgGQIMiJU6nASZBjqQJgAgYKWiKRGE

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:ffffffe7e7ffffff
Perceptual Hash:b3338ccc663399cc
Difference Hash:0000000c0c000000
Wavelet Hash:3f3f3f27041c0c0c
Color Hash:#73bf40

Other Hashes

Crop Resistant:0000000c0c000000

Scan History

Scan history not available

Unable to load historical scan data