ScanMalware.com

Security Scan Report: belts-oxc.info

Redirected to: https://www.pbgc.gov/workers-retirees/transactions/direct-deposit

Submitted: Dec 11, 2025, 11:28:54 PMCompleted: Dec 11, 2025, 11:29:32 PMpubliccompleted
Loading additional data...

Summary

This website contacted 48 IPs in 2 countries across 15 domains to perform 60 HTTP transactions. The main domain is pbgc.gov and was registered NaN years ago.

Submitted URL: http://belts-oxc.info/

Effective URL: https://www.pbgc.gov/workers-retirees/transactions/direct-depositRedirected

AI Security Verdict

High Risk

Confidence: 85%

8
Risk Score

Phishing site using an old unranked domain to mimic the Pension Benefit Guaranty Corporation.

Risk Factors
Brand impersonation on an unranked, unrelated domain
Suspicious redirect from a non‑whitelisted domain
Unranked domain presenting government branding
Domain age information unavailable

Details

Page Title

Apply for or update direct deposit | Pension Benefit Guaranty Corporation

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

government public service

(73%)

Domain Information

Domain 'belts-oxc.info' uses the informational generic top-level domain (.info) without a subdomain. Its registrable label 'belts-oxc' stretches across 9 characters with two vowels and six consonants, plus one hyphen. Breaking it apart gives 3 words: belts, ox, c. The median word length lands at 2 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of http://belts-oxc.info/

Page Load Overview

4.76s
Total Load Time
60
HTTP Requests
15
Domains
999 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:4,936 chars
Detector Agreement:100%

Website Classification

Primary Category

government public service73% confidence
Type: dynamic
Method: ml+structural

All Detected Categories

government public service
73%
government
48%

Detected Features

Search

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
135.190.93.146United States
AS396982GOOGLE-CLOUD-PLATFORM
1172.65.90.25United States
AS13335CLOUDFLARENET
134.98.105.146Kansas City, Missouri, United States
AS396982GOOGLE-CLOUD-PLATFORM
123.50.131.146Frankfurt am Main, Hesse, Germany
AS20940Akamai International B.V.
1172.64.147.188United States
AS13335CLOUDFLARENET
1172.67.142.245United States
AS13335CLOUDFLARENET
1147.182.143.196North Bergen, New Jersey, United States
AS14061DIGITALOCEAN-ASN
1142.250.185.104United States
AS15169GOOGLE
1104.18.40.68United States
AS13335CLOUDFLARENET
123.50.131.147Frankfurt am Main, Hesse, Germany
AS20940Akamai International B.V.
6048--

Detected Technologies2

MetaGenerator
100%
Drupal
50%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1021395215282113720B363C0BBF9BF28F1E29935DE565442D7F8A3FA67DBD903E26509

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

768:tM9mBZbSzewytt3owM2EhK+IbEXJfV3hAcichdeGhM6MLibYFDoUHfDaPo1xFbDz:tMObSzewytt3owM2EhZIbEXJfV36cicA

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:43528:SY1EEFwQQiSbANDKIgEKCJoRyCA5AIaACMqIA7AOFIgcWB8MiBwAABLEeBwEJARRMQpA2FmlPhJqCCC4CKRAPDGggQUCFFAh

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:9f89cbd9cbcbcbcb
Perceptual Hash:b95616988cb6b6b2
Difference Hash:323b1a321b1b1b3b
Wavelet Hash:9f808389cbcb8bcb
Color Hash:#c58787

Other Hashes

Crop Resistant:323b1a321b1b1b3b

Scan History

Scan history not available

Unable to load historical scan data