ScanMalware.com

Security Scan Report: action-dsp-prd.eu20.hcs.cloud.sap

Redirected to: https://fs.action.eu/adfs/ls/?SAMLRequest=jZJNb4JAEIb%2FClnP7C4LGtyAia2HmtjUCO2ht3VZlARmLbOU%2FvziR6OX2l4nz5t5n8wk887tYWM%2BOoPOmyOa1lUWHi1g15g2M%2B1npc3rZpWSvXMHlIwpDX25bcqQKq1tBw6phcI0CgqqbcNQNbVgVXEYSPyLJt66tc5qWz9UUFSwS0nXgrQKK5SgGoPSaZnNn1dSUC63ZwjlU56v%2FfVLlhNvMTSvQB1rX0uWOOw7jqjpmCpKZDUy4i0XKcl0OVGlCSZ%2BZFTkR7GK%2FTgOx34QBXysikKIKBxQxM4sAZ0ClxLBxcTngc%2BneRDKiMtxSAMxfSfem2nxtHroR7yvpga873C4CF9gCSjuB9TPVa6J6Gw6iPZ9T%2FuQ2nbHBOcB4xEbIAN6dKXDX2jO%2BPRIF1jtRmSWDE3kSbud%2FfPYCbvJJOz2mWbf&RelayState=__HOST-arc027e5e&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=B2oAjKSMRO6eaYYvVFqny017HTcpLByZw0kTShkrSsTlJQXZUmKAImkRJyZ7xOU9sCeb2V84hHMh6b%2F3Wi9f04%2FwngqucfPoYCbW%2FdzJ4TqI7XLGcE7tTOoHRriOem9YmBM%2FtcRRcpjla40Ms3hHZSwvLi6vvwd5MF6aEcnidEZabOUgQT6DVZHJuLVCjeXhGEh1PGuwu6gQoy32AD%2BZiSFqxW27lO5D8%2FTLeun3%2F0Vb9DvLZIAYUPSsTaea0lRg6y2sSEzQjHiGA1gXQfo7AuVAmGYvbQ5mihLp6Tb6jlr8OOsWxidIqMxVk1EptsYpgvdomQg4Obr3usNt3HnjpA%3D%3D

Submitted: Jan 9, 2026, 1:40:10 PMCompleted: Jan 9, 2026, 1:42:09 PMpubliccompleted
Loading additional data...

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 1 HTTP transaction. The main domain is fs.action.eu.

Submitted URL: https://action-dsp-prd.eu20.hcs.cloud.sap

Effective URL: https://fs.action.eu/adfs/ls/?SAMLRequest=jZJNb4JAEIb%2FClnP7C4LGtyAia2HmtjUCO2ht3VZlARmLbOU%2FvziR6OX2l4nz5t5n8wk887tYWM%2BOoPOmyOa1lUWHi1g15g2M%2B1npc3rZpWSvXMHlIwpDX25bcqQKq1tBw6phcI0CgqqbcNQNbVgVXEYSPyLJt66tc5qWz9UUFSwS0nXgrQKK5SgGoPSaZnNn1dSUC63ZwjlU56v%2FfVLlhNvMTSvQB1rX0uWOOw7jqjpmCpKZDUy4i0XKcl0OVGlCSZ%2BZFTkR7GK%2FTgOx34QBXysikKIKBxQxM4sAZ0ClxLBxcTngc%2BneRDKiMtxSAMxfSfem2nxtHroR7yvpga873C4CF9gCSjuB9TPVa6J6Gw6iPZ9T%2FuQ2nbHBOcB4xEbIAN6dKXDX2jO%2BPRIF1jtRmSWDE3kSbud%2FfPYCbvJJOz2mWbf&RelayState=__HOST-arc027e5e&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=B2oAjKSMRO6eaYYvVFqny017HTcpLByZw0kTShkrSsTlJQXZUmKAImkRJyZ7xOU9sCeb2V84hHMh6b%2F3Wi9f04%2FwngqucfPoYCbW%2FdzJ4TqI7XLGcE7tTOoHRriOem9YmBM%2FtcRRcpjla40Ms3hHZSwvLi6vvwd5MF6aEcnidEZabOUgQT6DVZHJuLVCjeXhGEh1PGuwu6gQoy32AD%2BZiSFqxW27lO5D8%2FTLeun3%2F0Vb9DvLZIAYUPSsTaea0lRg6y2sSEzQjHiGA1gXQfo7AuVAmGYvbQ5mihLp6Tb6jlr8OOsWxidIqMxVk1EptsYpgvdomQg4Obr3usNt3HnjpA%3D%3DRedirected

The Cisco Umbrella rank of the primary domain is #7,803 of the top 1 million websitesTop 10K Site

AI Security Verdict

Low Risk

Confidence: 82%

3
Risk Score

Site shows a hidden password field but otherwise appears legitimate and low risk.

Risk Factors
Hidden password field not visible in screenshot
Safety Factors
High Cisco Umbrella ranking (top 10k)
Domain appears to be part of SAP cloud infrastructure (hcs.cloud.sap)
No malicious Indicators of Compromise detected
Only one login form, no payment fields
Domain age information unavailable

Details

Page Title

The URL you requested has been blocked

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

technology software

(46%)

Domain Information

You're looking at domain 'action-dsp-prd.eu20.hcs.cloud.sap' on the .sap top-level domain, featuring subdomain 'action-dsp-prd.eu20.hcs'. The registrable portion 'cloud' spans 5 characters with two vowels and 3 consonants. Breaking it apart gives one word: cloud. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://action-dsp-prd.eu20.hcs.cloud.sap

Page Load Overview

44.58s
Total Load Time
15
HTTP Requests
4
Domains
1.6 MB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en-US
Text Length:387 chars
Detector Agreement:100%

Website Classification

Primary Category

technology software46% confidence
Type: webapp
Method: ml+structural

All Detected Categories

technology software
46%
corporate business
36%
documentation technical
34%

Detected Features

Login Form

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
5130.214.144.214United States
AS35039SAP SE
513.95.105.51Amsterdam, North Holland, Netherlands
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
540.119.153.88Amsterdam, North Holland, Netherlands
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
153--

Detected Technologies3

X-UA-Compatible
100%
PasswordField
100%
HSTS
40%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1E703D0999D017A0D51FD25165EE45BCB2C6538C34432CACB3C3E3E5EC6622B213F9A76

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

768:fHyM35YIbw94GQjtd+HyM35YIbw94GQjtdII:fSM35YFFQjtwSM35YFFQjt9

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:38648:gpqA4QGiEgYAMqlAYKYEQhJM+OQAWCTG0kS5LQKHIKAIEQxACKAtADE2CwqgoaQkLAjSUQwOKAQlAcICRCSEoGQWgeBISYwE

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:003fbfffffffffff
Perceptual Hash:87070070707c7f7f
Difference Hash:40e0500000000000
Wavelet Hash:000f3cfcf0f0f0f0
Color Hash:#5953ac

Other Hashes

Crop Resistant:40e0500000000000

Scan History

Scan history not available

Unable to load historical scan data