ScanMalware.com

Security Scan Report: pmaapps.pmagroup.com

Redirected to: https://pmacinchsetup.pmagroup.com/app/citrixnetscalergateway_saml/exk6t1ta0urzMZFF0697/sso/saml

Submitted: Mar 26, 2026, 8:04:45 AMCompleted: Mar 26, 2026, 8:05:59 AMpubliccompleted
Loading additional data...

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 3 HTTP transactions. The main domain is pmacinchsetup.pmagroup.com and was registered NaN years ago.

Submitted URL: https://pmaapps.pmagroup.com

Effective URL: https://pmacinchsetup.pmagroup.com/app/citrixnetscalergateway_saml/exk6t1ta0urzMZFF0697/sso/samlRedirected

The Cisco Umbrella rank of the primary domain is #406,180 of the top 1 million websites

AI Security Verdict

Low Risk

Confidence: 80%

3
Risk Score

Likely a legitimate corporate login page, but IDS alerts warrant caution.

Risk Factors
Critical network IDS alert for possible data exfiltration
Highly obfuscated JavaScript (score 100) suggests attempt to hide behavior
Safety Factors
Domain is 29 years old, indicating long‑standing legitimate ownership
Authentication handled by reputable Okta SAML service
No password or payment fields on the page
No malicious Indicators of Compromise detected in threat intelligence
Standard corporate login UI with clear usage disclaimer
Domain age information unavailable

Details

Page Title

pmaapps.pmagroup.com

Scan Type

public

Language

🇺🇸

English

(48% confidence)

Category

government public service

(32%)

Domain Information

Domain 'pmaapps.pmagroup.com' uses the commercial generic top-level domain (.com), featuring subdomain 'pmaapps'. The core label 'pmagroup' covers 8 characters holding 3 vowels versus five consonants. Word splitting yields 3 words: pm, a, group. Average segment length settles at 2 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://pmaapps.pmagroup.com

Page Load Overview

4.26s
Total Load Time
18
HTTP Requests
4
Domains
257 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:48%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:48%
Script Type:Latin
Text Length:639 chars
Detector Agreement:67%

Website Classification

Primary Category

government public service32% confidence
Type: dynamic
Method: ml+structural

All Detected Categories

government public service
32%
technology software
26%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
1840.142.94.68Norristown, Pennsylvania, United States
AS17378TierPoint, LLC
181--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T163048F77329A063986558498E05B830D9F20B143F506C9BC79BCBAD9BFDED06107BB78

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

3072:rfQho9PKBb9Js3q9Jzbs6tlg3SBKwdQWgceIsz42bMy8OldB:UhoC9JSqzzbs6o3Sj3gcrsU2eAn

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:187178:orEAgqx5EOmggBLgOAh1AIAANESBG0fKptBFEBcIGYSKBOwGFtoGg6BAEkBiK4MggA5rZIFFYGxhAwTQ46jSAAEh4bAR+4JA

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:ffc7c7c3d3ffffff
Perceptual Hash:b1339acccc93b364
Difference Hash:0018181616000000
Wavelet Hash:fcdcc4c4003c3c3c
Color Hash:#2d8086

Other Hashes

Crop Resistant:0018181616000000

Scan History

Scan history not available

Unable to load historical scan data