ScanMalware.com

Security Scan Report: r.connect.ros.com

Redirected to: https://ross.okta.com/app/citrixnetscalergateway_saml/exkt3a45iiAOvgA4z0x7/sso/saml

Site favicon
Submitted: Feb 27, 2026, 11:00:04 PMCompleted: Feb 27, 2026, 11:01:28 PMpubliccompleted
Loading additional data...

Summary

This website contacted 3 IPs in 1 country across 3 domains to perform 55 HTTP transactions. The main domain is ross.okta.com and was registered NaN years ago.

Submitted URL: https://r.connect.ros.com

Effective URL: https://ross.okta.com/app/citrixnetscalergateway_saml/exkt3a45iiAOvgA4z0x7/sso/samlRedirected

The Cisco Umbrella rank of the primary domain is #229,561 of the top 1 million websites

AI Security Verdict

Low Risk

Confidence: 85%

3
Risk Score

Legitimate corporate login page; no active threats but password‑only form is unusual.

Risk Factors
Password‑only form (potential credential harvesting pattern)
Cross‑origin password submission to a different domain
Safety Factors
Domain age: 7,931 days (well‑established)
No malicious Indicators of Compromise matches
No JavaScript malware or IDS alerts detected
Final destination is a legitimate Okta domain
Domain age information unavailable

Details

Page Title

Ross Stores - Prod - Sign In

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

documentation technical

(70%)

Domain Information

The domain name 'r.connect.ros.com' uses the commercial generic top-level domain (.com) and includes subdomain 'r.connect'. The second-level label 'ros' is 3 characters long holding one vowel versus two consonants. Segmentation suggests 1 word: ros. The median word length lands at 3 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://r.connect.ros.com

Page Load Overview

10.44s
Total Load Time
26
HTTP Requests
1
Domains
1.1 MB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:441 chars
Detector Agreement:75%

Website Classification

Primary Category

documentation technical70% confidence
Type: dynamic
Method: ml+structural

All Detected Categories

documentation technical
70%
corporate business
70%
technology software
62%
government public service
57%
e-commerce shopping
55%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
10192.247.36.219Lancaster, South Carolina, United States
AS21763Ross Stores Inc.
899.83.213.230United States
AS21763
83.171.214.122United States
AS21763
263--

Detected Technologies1

PasswordField
100%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1FF637BD61A49CADE03C96D8C597B4109658282C7C7A4EEC07BDCCDC5EFA8E1F665E20C

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

768:IKAY/yhwkEhVmjAbnS7DMCRbxmB+CuSmjAbnS7DMCRbxmB+CuShmjAbnS7DMCRb7:dAEybEt69u+CL69u+CDv69u+C8

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:68293:JIFtgCyNI4EiIIUyiEUBmQUEgZgyAiCAQgIJJJAKkGogBAWN2hgDBQCWKYNYYEo/E55KCEpwJEkDiwlYGkNCQVBKZUEZArA5

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:7f7fffffffffffff
Perceptual Hash:81010303073fffff
Difference Hash:c0c0000000000000
Wavelet Hash:30303030f0f0f0f0
Color Hash:#409fbf

Other Hashes

Crop Resistant:c0c0000000000000

Scan History

Scan history not available

Unable to load historical scan data