ScanMalware.com

Security Scan Report: eu.amp.sourcefire.com

Redirected to:
https://sign-on.security.cisco.com/
Site favicon
Submitted: May 7, 2026, 11:59:33 AMCompleted: May 7, 2026, 12:00:53 PMpubliccompleted
Loading additional data...

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 13 HTTP transactions. The main domain is sign-on.security.cisco.com and was registered NaN years ago.

Submitted URL: https://eu.amp.sourcefire.com

Effective URL: https://sign-on.security.cisco.com/Redirected

The Cisco Umbrella rank of the primary domain is #28,325 of the top 1 million websites

AI Security Verdict

High Risk

Confidence: 80%

7
Risk Score

The site is legitimate in branding and age, but a critical IDS alert and heavily obfuscated JavaScript raise high risk of malicious activity.

Risk Factors
Critical IDS alert indicating possible data exfiltration
JavaScript code heavily obfuscated (base64, unescape, high entropy)
Cross‑origin POST request flagged by IDS
Domain age information unavailable

Details

Page Title

Security Cloud Sign On - Sign In

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

technology software

(54%)

Domain Information

The domain name 'eu.amp.sourcefire.com' uses the commercial generic top-level domain (.com); it also runs on subdomain 'eu.amp'. The core label 'sourcefire' covers 10 characters holding five vowels versus 5 consonants. Segmentation suggests two words: source, fire. Median word length is five characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://eu.amp.sourcefire.com

Page Load Overview

5.81s
Total Load Time
19
HTTP Requests
6
Domains
289 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:479 chars
Detector Agreement:100%

Website Classification

Primary Category

technology software54% confidence
Type: dynamic
Method: ml+structural

All Detected Categories

technology software
54%
documentation technical
47%
government public service
28%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
73.161.82.77United States
AS16509Amazon.com, Inc.
315.197.151.86United States
AS16509Amazon.com, Inc.
352.30.160.113Dublin, Leinster, Ireland
AS16509Amazon.com, Inc.
318.245.46.39United States
AS16509Amazon.com, Inc.
3192.111.5.5United States
AS16509Amazon.com, Inc.
195--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T10C04C605A6730835A16348AD6BABF380772451036446ED693F9CC74CCFCA9A66BB33DD

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

3072:HUsU39TM770KjtcO3JgERAEjOEJX1Oxm4l0zp5fsb/Hjof:E9TM770KZ7JgERAEjOEJX1Oxm4l0zp5l

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:187220:EbwIguikCEHARBwHhpwCFEqjqiQwSATRQBELCAKEOAmCEAgCZJqX2tA0IRQPZNR2yFWTCCEAI2dwEYDRCBOigJs4DQ4ZBUiV

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:3f3fffffffffffff
Perceptual Hash:87070707f0f8f8f8
Difference Hash:c0c0000000000000
Wavelet Hash:3030f0f0f0f0f0f0
Color Hash:#406cbf

Other Hashes

Crop Resistant:c0c0000000000000

Scan History

Scan history not available

Unable to load historical scan data