ScanMalware.com

Security Scan Report: www.myncretirement.gov

Submitted: Dec 11, 2025, 7:25:03 PMCompleted: Dec 11, 2025, 7:25:54 PMpubliccompleted
Loading additional data...

Summary

This website contacted 64 IPs in 3 countries across 14 domains to perform 159 HTTP transactions. The main domain is myncretirement.gov and was registered NaN years ago.

Submitted URL: https://www.myncretirement.gov/

The Cisco Umbrella rank of the primary domain is #454,883 of the top 1 million websites

AI Security Verdict

High Risk

Confidence: 82%

10
Risk Score

Site likely impersonates NC Retirement; high risk of phishing despite lack of forms.

Risk Factors
Circular redirect indicates possible URL manipulation
Brand impersonation on an unusual, low‑rank domain
Very new .gov domain suggests possible spoofing
Poorly written OCR content (typos, garbled text) typical of phishing lures
Domain age information unavailable

Details

Page Title

MyNCRetirement | My NC Retirement

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

government

(48%)

Domain Information

Within the United States government-restricted top-level domain (.gov), 'www.myncretirement.gov' is registered, featuring subdomain 'www'. The second-level label 'myncretirement' is 14 characters long holding 4 vowels versus 10 consonants. Segmentation suggests 3 words: my, nc, retirement. Median word length comes out to two characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://www.myncretirement.gov/

Page Load Overview

11.23s
Total Load Time
159
HTTP Requests
14
Domains
4.5 MB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:5,453 chars
Detector Agreement:100%

Website Classification

Primary Category

government48% confidence
Type: spa
Method: ml+structural

All Detected Categories

government
48%
government public service
40%

Detected Features

Search

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
33151.101.1.229San Francisco, California, United States
AS54113FASTLY
2216.58.206.72United States
AS15169GOOGLE
2142.250.185.238United States
AS15169GOOGLE
266.102.1.155United States
AS15169GOOGLE
2151.101.129.229San Francisco, California, United States
AS54113FASTLY
265.9.175.71United States
AS16509AMAZON-02
2142.251.140.163United States
AS15169GOOGLE
299.84.152.26United States
AS16509AMAZON-02
2151.101.193.229San Francisco, California, United States
AS54113FASTLY
2157.240.0.6Frankfurt am Main, Hesse, Germany
AS32934FACEBOOK
15964--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T17D93E7125DE0107E014B24CA6AA0F659EDE79187E7024849F3FE57AC4FE3E85A933B1D

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:VlIokKFnYJthq8jx6dvPKe9vvWvEcC9PR7ZeVywhcYI73UcUV1wti4ty5HbnEJIZ:VlIR2wqERLq8zfYwZs8TN6vgl/DTiZyz

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:89449:QMIuDoIPJQScoBcS2ABKgoQCJDAIDiAOGWgNygi4GGAwAcdACpGIIYAkwVGBhEhZaHIDYiU0T4CAVSx8A0lIMGEjJJBRkEJJ

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Scan History

Scan history not available

Unable to load historical scan data