ScanMalware.com

Security Scan Report: account.libertymutual.com

Redirected to:
https://lmidp.libertymutual.com/as/authorization.oauth2?client_id=ci_g...
Site favicon
Submitted: May 11, 2026, 9:22:33 PMCompleted: May 11, 2026, 9:24:15 PMpubliccompleted
Loading additional data...

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 4 HTTP transactions. The main domain is lmidp.libertymutual.com and was registered NaN years ago.

Submitted URL: https://account.libertymutual.com

Effective URL: https://lmidp.libertymutual.com/as/authorization.oauth2?client_id=ci_grsniidpgatewayprod_1&response_type=code&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Faccount.libertymutual.com%2FRedirected

The Cisco Umbrella rank of the primary domain is #31,836 of the top 1 million websites

AI Security Verdict

High Risk

Confidence: 85%

8
Risk Score

Critical IDS alerts and suspicious JavaScript suggest the site is being used for malware/C2 activity despite its legitimate brand domain; treat as high‑risk and avoid interaction.

Risk Factors
Critical IDS alerts indicating malware and command‑and‑control activity
Suspicious high‑obfuscation JavaScript
502 Bad Gateway response – site may be compromised
Domain age information unavailable

Details

Page Title

account.libertymutual.com

Scan Type

public

Language

🇺🇸

English

(43% confidence)

Category

technology software

(49%)

Domain Information

Domain 'account.libertymutual.com' uses the commercial generic top-level domain (.com), featuring subdomain 'account'. The second-level label 'libertymutual' is 13 characters long holding five vowels versus eight consonants. Tokenizing the label suggests 2 words: liberty, mutual. Expect 6.5 characters per word on average. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://account.libertymutual.com

Page Load Overview

4.35s
Total Load Time
32
HTTP Requests
12
Domains
160 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:43%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:43%
Script Type:Latin
Text Length:1,140 chars
Detector Agreement:100%

Website Classification

Primary Category

technology software49% confidence
Type: static
Method: ml+structural

All Detected Categories

technology software
49%
documentation technical
40%
blog personal website
31%
government public service
28%
cryptocurrency blockchain
27%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
3223.67.133.81Frankfurt am Main, Hesse, Germany
AS16625Akamai Technologies, Inc.
321--

Detected Technologies3

Amazon Web Services
40%
Amazon CloudFront
40%
Akamai
40%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T183048F773296063986558498F05B43099F21B143F50AC8BCB9BCBAD9BFDED06107BB78

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

3072:s/Qho9PKBb9Js3q9Jzbs6tlg1ySBKwdQ9gcoIsPr2bMy8Oldj:dhoC9JSqzzbs6okSjggcpsT2eA1

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:185268:ACRZb4ACADUgeAIwQ4OpFSqgxoESMKqIEBlNCIrguMAAUHGEBAhjWtUQECQ3g8CM6HLgAIGgDCBott5AQQkqYPgGYYyGUQ5U

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:ffcfc7c7ffffffff
Perceptual Hash:b331cccccc663333
Difference Hash:00180c1400000000
Wavelet Hash:ffdfc3cf00000000
Color Hash:#ac5363

Other Hashes

Crop Resistant:00180c1400000000

Scan History

Scan history not available

Unable to load historical scan data