ScanMalware.com

Security Scan Report: benecon.tfaforms.net

Site favicon
Submitted: Jun 24, 2026, 2:22:07 AMCompleted: Jun 24, 2026, 2:23:16 AMpubliccompleted
Loading additional data...

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 2 HTTP transactions. The main domain is benecon.tfaforms.net and was registered NaN years ago.

Submitted URL: https://benecon.tfaforms.net

The Cisco Umbrella rank of the primary domain is #37,088 of the top 1 million websites

AI Security Verdict

High Risk

Confidence: 78%

7
Risk Score

Site hosts a credential login form on an old, self‑branded domain without malicious indicators; classified as HIGH_RISK due to potential credential harvesting.

Risk Factors
Login form collecting credentials on a public website
Domain age information unavailable

Details

Page Title

FormAssembly: Enterprise | The Benecon Group, Inc. : Users

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

corporate business

(32%)

Domain Information

You're looking at domain 'benecon.tfaforms.net' on the network infrastructure generic top-level domain (.net) and includes subdomain 'benecon'. Its registrable label 'tfaforms' stretches across 8 characters split between 2 vowels and six consonants. Splitting it apart reveals 2 words: tfa, forms. Median word length comes out to 4 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://benecon.tfaforms.net

Page Load Overview

2.09s
Total Load Time
15
HTTP Requests
4
Domains
318 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en-US
Text Length:451 chars
Detector Agreement:100%

Website Classification

Primary Category

corporate business32% confidence
Type: webapp
Method: ml+structural

All Detected Categories

corporate business
32%
technology software
30%
government public service
29%

Detected Features

Login Form

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
1598.89.208.251Ashburn, Virginia, United States
AS14618Amazon.com, Inc.
151--

Detected Technologies5

PasswordField
100%
HSTS
40%
reCAPTCHA
30%
jQuery
20%
Pendo
20%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T12F13B79631A220749A3B891293CE5A1C76386C935D074EB9B5AF500D9FC5FF8238372F

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

768:fVUmSmemSm8mSmRmSmNXmSm4mSmkmSmewspOy6hQr7BWVfH9wIed/u8SYv6:dUmSmemSm8mSmRmSmNXmSm4mSmkmSmeK

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:42604:JIKEUoqmkyTAyDRACCaQohI7ADTqmEg8EQLED2YyRCD2AWCCKgAstnYwMABWjBI/EgSpAwEIxEoEDCQUSSdJgpFJgDBcIUQ8

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:ff0018181800ffe7
Perceptual Hash:884eb346b9c48bf5
Difference Hash:f433b3b333f09416
Wavelet Hash:ff1818181800ffff
Color Hash:#536bac

Other Hashes

Crop Resistant:f433b3b333f09416,82b6b0e080331784,33b3b2b2b2b233f0,246426243434a42c

Scan History

Scan history not available

Unable to load historical scan data