ScanMalware.com

Security Scan Report: hill-rom.file.force.com

Redirected to:
https://iam.baxter.com/
Site favicon
Submitted: May 8, 2026, 10:24:16 AMCompleted: May 8, 2026, 10:25:28 AMpubliccompleted
Loading additional data...

Summary

This website contacted 4 IPs in 1 country across 4 domains to perform 9 HTTP transactions. The main domain is iam.baxter.com and was registered NaN years ago.

Submitted URL: https://hill-rom.file.force.com

Effective URL: https://iam.baxter.com/Redirected

The Cisco Umbrella rank of the primary domain is #1,491 of the top 1 million websitesTop 10K Site

AI Security Verdict

High Risk

Confidence: 85%

8
Risk Score

The site presents a login page impersonating Baxter on a non‑Baxter domain, has critical IDS alerts and heavily obfuscated JavaScript, indicating a high‑risk phishing attempt.

Risk Factors
Critical IDS alerts (malware/data exfiltration)
Brand impersonation via login form on unrelated domain
High JavaScript obfuscation score
Cross‑origin credential submission to a different brand domain
Domain age information unavailable

Details

Page Title

Baxter - Sign In

Scan Type

public

Language

🇺🇸

English

(51% confidence)

Category

technology software

(69%)

Domain Information

The domain 'hill-rom.file.force.com' uses the commercial generic top-level domain (.com) with subdomain 'hill-rom.file'. Count 5 characters in 'force' with two vowels and three consonants. Tokenizing the label suggests one word: force. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://hill-rom.file.force.com

Page Load Overview

3.17s
Total Load Time
20
HTTP Requests
5
Domains
269 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:51%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:51%
Script Type:Latin
Text Length:289 chars
Detector Agreement:67%

Website Classification

Primary Category

technology software69% confidence
Type: webapp
Method: ml+structural

All Detected Categories

technology software
69%
finance banking
41%
government public service
31%
corporate business
31%
documentation technical
27%

Detected Features

Login Form

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
5155.226.145.205Ashburn, Virginia, United States
AS14618Amazon.com, Inc.
534.223.206.17Boardman, Oregon, United States
AS16509Amazon.com, Inc.
518.66.147.97United States
AS16509Amazon.com, Inc.
5155.226.145.207Ashburn, Virginia, United States
AS14618Amazon.com, Inc.
204--

Detected Technologies2

PasswordField
100%
HSTS
40%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1F2D28C169C820D3BE153BC0DD4AE331525058107EA96DDDCFFACA24CEFEAF1514A669C

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

768:VnNzMLm9o11N/tfxSLm9o11N/tfxeZjLm9o11N/tfxCLxz0jB8o0W5e:LzM/rN/pY/rN/pg/rN/p4LxzUB8o0W5e

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:30953:MAAEnWIoIFNCkQkCSgADUC6bUihRgQARCGI0AKALCqEAQKbYQOCClQYCuAWTmAZYYEJBv8IENMCIACrBUECmgCCCBIbARqBc

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:7f3fffffffffffff
Perceptual Hash:80000000f7ffffff
Difference Hash:c0c0408000000000
Wavelet Hash:4000c0c000000000
Color Hash:#2d8676

Other Hashes

Crop Resistant:c0c0408000000000

Scan History

Scan history not available

Unable to load historical scan data