ScanMalware.com

Security Scan Report: custserv.fepblue.org

Redirected to: https://www.fepblue.org/pilot/login?resume=%2Fidp%2FNzx5h8WDV7%2FresumeSAML20%2Fidp%2FSSO.ping&partnerId=SBP-CUSTSERV-PROD&timeStamp=2026-03-24%2006:40:52%20%2B0000&referer=https:%2F%2Fcustserv.fepblue.org%2F&ir=%2Fweb%2Fguest%2Fmyblue%3Fp_p_state%3Dnormal%26p_p_mode%3Dview%26saveLastPath%3D0%26_com_liferay_login_web_portlet_LoginPortlet_struts_action%3D%252Flogin%252Fsso_login%26p_p_id%3Dcom_liferay_login_web_portlet_LoginPortlet%26p_p_lifecycle%3D0%26_com_liferay_login_web_portlet_LoginPortlet_resume%3D%252Fidp%252FNzx5h8WDV7%252FresumeSAML20%252Fidp%252FSSO.ping%26_com_liferay_login_web_portlet_LoginPortlet_referer%3Dhttps%253A%252F%252Fcustserv.fepblue.org%252F%26_com_liferay_login_web_portlet_LoginPortlet_timeStamp%3D2026-03-24%2B06%253A40%253A52%2B%252B0000%26_com_liferay_login_web_portlet_LoginPortlet_partnerId%3DSBP-CUSTSERV-PROD

Submitted: Mar 24, 2026, 6:40:48 AMCompleted: Mar 24, 2026, 6:42:36 AMpubliccompleted
Loading additional data...

Summary

This website contacted 9 IPs in 2 countries across 9 domains to perform 1 HTTP transaction. The main domain is fepblue.org and was registered NaN years ago.

Submitted URL: https://custserv.fepblue.org

Effective URL: https://www.fepblue.org/pilot/login?resume=%2Fidp%2FNzx5h8WDV7%2FresumeSAML20%2Fidp%2FSSO.ping&partnerId=SBP-CUSTSERV-PROD&timeStamp=2026-03-24%2006:40:52%20%2B0000&referer=https:%2F%2Fcustserv.fepblue.org%2F&ir=%2Fweb%2Fguest%2Fmyblue%3Fp_p_state%3Dnormal%26p_p_mode%3Dview%26saveLastPath%3D0%26_com_liferay_login_web_portlet_LoginPortlet_struts_action%3D%252Flogin%252Fsso_login%26p_p_id%3Dcom_liferay_login_web_portlet_LoginPortlet%26p_p_lifecycle%3D0%26_com_liferay_login_web_portlet_LoginPortlet_resume%3D%252Fidp%252FNzx5h8WDV7%252FresumeSAML20%252Fidp%252FSSO.ping%26_com_liferay_login_web_portlet_LoginPortlet_referer%3Dhttps%253A%252F%252Fcustserv.fepblue.org%252F%26_com_liferay_login_web_portlet_LoginPortlet_timeStamp%3D2026-03-24%2B06%253A40%253A52%2B%252B0000%26_com_liferay_login_web_portlet_LoginPortlet_partnerId%3DSBP-CUSTSERV-PRODRedirected

The Cisco Umbrella rank of the primary domain is #151,478 of the top 1 million websites

AI Security Verdict

High Risk

Confidence: 70%

7
Risk Score

Suspicious login page with credential forms and a critical IDS alert; treat as high‑risk and do not submit credentials.

Risk Factors
Cross‑origin credential form submissions
Low Cisco Umbrella ranking for a brand‑related domain
Critical Network IDS alert indicating possible data exfiltration
Domain age information unavailable

Details

Page Title

MyBlue Log In: MyBlue

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

unknown

(0%)

Domain Information

The domain name 'custserv.fepblue.org' uses the non-profit oriented generic top-level domain (.org), featuring subdomain 'custserv'. The second-level label 'fepblue' is 7 characters long containing 3 vowels alongside 4 consonants. Segmentation suggests 3 words: f, ep, blue. The median word length lands at 2 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://custserv.fepblue.org

Page Load Overview

5.26s
Total Load Time
86
HTTP Requests
9
Domains
2.0 MB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:1,698 chars
Detector Agreement:75%

Website Classification

Primary Category

unknown0% confidence
Type: webapp
Method: structural

All Detected Categories

No categories detected

Detected Features

Login Form

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
14142.251.140.163United States
AS15169
9146.75.121.55Frankfurt am Main, Hesse, Germany
AS54113Fastly, Inc.
923.36.162.211Frankfurt am Main, Hesse, Germany
AS20940Akamai International B.V.
9142.250.186.35United States
AS20940
98.25.26.62United States
AS203Level 3 Parent, LLC
935.171.231.6United States
AS16509
9142.251.151.119United StatesUnknown
9172.217.16.200United StatesUnknown
923.36.162.212Frankfurt am Main, Hesse, Germany
AS20940Akamai International B.V.
869--

Detected Technologies4

PasswordField
100%
HSTS
40%
Google Tag Manager
20%
AppDynamics
20%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T17C549371D200242FBAD2CABF80D5BE565AD4CCE2CA075BEBF1505D0C86CDBBA628D751

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:LoXGFa0vBu+EDvZPKSX+xP4//psivCnTRi4nVgAhAHscECCviNwgw9d0E3tvfmva:IEiZtHuGS3

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:280202:WcVcALCKAsJEASCWmRlYLqBSVuLwdSQBgCii1NUoAiaAAgpAwZJogQMZEBUSAYFBEYkEIAQAQLaKqEBiNRSNwwgBLDYzMNUA

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:00ffff3070707000
Perceptual Hash:c7b83847394738c7
Difference Hash:402833c1c1c1c1d3
Wavelet Hash:00ffff7878707028
Color Hash:#d29279

Other Hashes

Crop Resistant:402833c1c1c1c1d3,7270c2c040402060,01f1c4c119016969,33c1c1c1e1e5c313

Scan History

Scan history not available

Unable to load historical scan data