ScanMalware.com

Security Scan Report: benefitsdirect.palig.com

Redirected to: https://attest.palig.com/as/authorization.oauth2?client_id=cf7770f3699048ca9c61358b4dff25f5&redirect_uri=https%3A%2F%2Fbenefitsdirect.palig.com%2FInicio%2FLogin.aspx&response_type=code%20id_token&scope=openid%20profile%20email%20phone&state=OpenIdConnect.AuthenticationProperties%3D77Xz_pbTwspPtnit2tS__V9q-1hgWeugjfCZBF75xwUBaByVP2_guGME5W8Ubj4VUpw2GSrZhq9RtRItOQkJH9lqxMPCrKNQRGjc2XFM-Axsa9d0MJjjDMF83Nzj-N7cE34bE7SwRU_YDLYTZn7Oyywd44vsUQ0eiSaqu4_DSa9-zzdhetv1g6JsRLRP7zuAVAQAA8rstAi50tsLjKsN5Pxgp8ZMVbE8XxUa_CctVmRy1ZIb-tZNT3nroV_BXx5GfGmGm2UYOgDet7K0UyHmSVCLn8Kl9kqhGyIhDyc417G7buDK32NAdxaaHG9UzvUx&response_mode=form_post&nonce=639027473986987250.MDk2NWIyODgtMjI5MC00YzdiLWE0MWUtN2JmZjA2NTY0NjY2MjdkNTMxMDMtMDQ3ZC00MWI1LWFkMDktYWE1MzE2ZGFkOTI5&x-client-SKU=ID_NET451&x-client-ver=5.6.0.0

Site favicon
Submitted: Dec 31, 2025, 3:09:55 AMCompleted: Dec 31, 2025, 3:11:04 AMpubliccompleted
Loading additional data...

Summary

This website contacted 3 IPs in 1 country across 2 domains to perform 24 HTTP transactions. The main domain is attest.palig.com and was registered NaN years ago.

Submitted URL: https://benefitsdirect.palig.com

Effective URL: https://attest.palig.com/as/authorization.oauth2?client_id=cf7770f3699048ca9c61358b4dff25f5&redirect_uri=https%3A%2F%2Fbenefitsdirect.palig.com%2FInicio%2FLogin.aspx&response_type=code%20id_token&scope=openid%20profile%20email%20phone&state=OpenIdConnect.AuthenticationProperties%3D77Xz_pbTwspPtnit2tS__V9q-1hgWeugjfCZBF75xwUBaByVP2_guGME5W8Ubj4VUpw2GSrZhq9RtRItOQkJH9lqxMPCrKNQRGjc2XFM-Axsa9d0MJjjDMF83Nzj-N7cE34bE7SwRU_YDLYTZn7Oyywd44vsUQ0eiSaqu4_DSa9-zzdhetv1g6JsRLRP7zuAVAQAA8rstAi50tsLjKsN5Pxgp8ZMVbE8XxUa_CctVmRy1ZIb-tZNT3nroV_BXx5GfGmGm2UYOgDet7K0UyHmSVCLn8Kl9kqhGyIhDyc417G7buDK32NAdxaaHG9UzvUx&response_mode=form_post&nonce=639027473986987250.MDk2NWIyODgtMjI5MC00YzdiLWE0MWUtN2JmZjA2NTY0NjY2MjdkNTMxMDMtMDQ3ZC00MWI1LWFkMDktYWE1MzE2ZGFkOTI5&x-client-SKU=ID_NET451&x-client-ver=5.6.0.0Redirected

The Cisco Umbrella rank of the primary domain is #746,314 of the top 1 million websites

AI Security Verdict

High Risk

Confidence: 92%

8
Risk Score

High risk phishing site impersonating Pan‑American Life Insurance Group.

Risk Factors
Brand impersonation on a low‑ranking, unrelated domain
Credential harvesting form with password fields
Mismatched final URL (attest.palig.com) does not match the advertised brand
Low Cisco Umbrella ranking for a site claiming a major brand
Domain age information unavailable

Details

Page Title

Pan-American Life Insurance Group - Private Access

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

unknown

(0%)

Domain Information

The domain 'benefitsdirect.palig.com' uses the commercial generic top-level domain (.com); it also runs on subdomain 'benefitsdirect'. The registrable portion 'palig' spans 5 characters holding two vowels versus three consonants. Tokenizing the label suggests 2 words: pali, g. Median word length comes out to 2.5 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://benefitsdirect.palig.com

Page Load Overview

2.41s
Total Load Time
9
HTTP Requests
2
Domains
289 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:1,045 chars
Detector Agreement:100%

Website Classification

Primary Category

unknown0% confidence
Type: webapp
Method: structural

All Detected Categories

No categories detected

Detected Features

Login Form

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
313.33.187.21United States
AS14618
352.201.162.164Ashburn, Virginia, United States
AS14618AMAZON-AES
352.55.199.54Ashburn, Virginia, United States
AS14618AMAZON-AES
93--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T175129524A9F508710163207922DEA6457F78C623A60F4C19B9EC47847FA3C518E77FAC

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

192:Hyd+PojqrHF58kHHajPbpmmyhdTlGL7yFopbiocnV+VZd:Hy4w6FOsHa3pmmyhogk

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:9637:hLfJyMiVoiuAGMZEAISQAlE4jECqAANBIGua0AAEgQkhYEFBQsKp6UCAWAKgBQCQVwUIgSIrwyRycZERKMQXwDGEiQRIIRCr

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:6f7f5dfdd9c1fffd
Perceptual Hash:e9938369de83609d
Difference Hash:aaaabaaa338fc115
Wavelet Hash:5a5a59dcd80179f1
Color Hash:#931f80

Other Hashes

Crop Resistant:aaaabaaa338fc115

Scan History

Scan history not available

Unable to load historical scan data