ScanMalware.com

Security Scan Report: fsr.my.salesforce.com

Redirected to: https://login.microsoftonline.com/3ac94b33-9135-4821-9502-eafda6592a35/saml2?sso_reload=true

Site favicon
Submitted: Mar 5, 2026, 1:08:16 PMCompleted: Mar 5, 2026, 1:09:26 PMpubliccompleted
Loading additional data...

Summary

This website contacted 5 IPs in 2 countries across 6 domains to perform 36 HTTP transactions. The main domain is login.microsoftonline.com and was registered NaN years ago.

Submitted URL: https://fsr.my.salesforce.com

Effective URL: https://login.microsoftonline.com/3ac94b33-9135-4821-9502-eafda6592a35/saml2?sso_reload=trueRedirected

The Cisco Umbrella rank of the primary domain is #1,775 of the top 1 million websitesTop 10K Site

AI Security Verdict

High Risk

Confidence: 85%

8
Risk Score

Page mimics Johnson & Johnson login, collects credentials via cross‑origin form; treat as high‑risk phishing.

Risk Factors
Cross‑origin credential form to external domain
Brand impersonation of Johnson & Johnson on unrelated domain
Critical network IDS alert indicating possible data exfiltration
Credential‑harvesting login form (email + password)
Domain age information unavailable

Details

Page Title

Sign in to your account

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

corporate business

(27%)

Domain Information

The domain 'fsr.my.salesforce.com' uses the commercial generic top-level domain (.com) and includes subdomain 'fsr.my'. Its registrable label 'salesforce' stretches across 10 characters with 4 vowels and six consonants. Segmentation suggests 2 words: sales, force. Expect five characters per word on average. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://fsr.my.salesforce.com

Page Load Overview

1.50s
Total Load Time
19
HTTP Requests
5
Domains
1.0 MB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:790 chars
Detector Agreement:67%

Website Classification

Primary Category

corporate business27% confidence
Type: webapp
Method: ml+structural

All Detected Categories

corporate business
27%

Detected Features

Login Form
Search

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
713.107.246.44United States
AS8075Microsoft Corporation
320.190.160.65United States
AS20940
335.158.127.52Frankfurt am Main, Hesse, Germany
AS16509Amazon.com, Inc.
323.207.210.132Frankfurt am Main, Hesse, Germany
AS20940Akamai International B.V.
320.190.160.4UnknownUnknown
195--

Detected Technologies5

X-UA-Compatible
100%
PasswordField
100%
Meta-Refresh-Redirect
100%
HSTS
40%
Ghost
15%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T181835CD9BFA22937838A40B5B5793D02AA7B59078D4CDC60F05CC9882FEB75E8137617

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:jy8GLGG+6l6866Y6/xu6N6jYR5IyEk77gx2xpTvPoMmCy5ENT5iZ6+xkC:G8Z6l6866Y6/o6N6cRQ32RA16+yC

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:85183:CIzwgQmxabZjMQHBGgAEKlAwpCKg8EVgahlLNSAooaTZBoOCQBIJIRXCACIigchAQSACyxygBhE64QBXcvNshSgiwjUACFQh

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:3effdf1f18181800
Perceptual Hash:cdb0664f22b77c60
Difference Hash:68b23272f272726e
Wavelet Hash:beffdf1f18181800
Color Hash:#93271f

Other Hashes

Crop Resistant:aebcb2a2aeaaaaba,cd00c03034708090,68b23272f272726e

Scan History

Scan history not available

Unable to load historical scan data