ScanMalware.com

Security Scan Report: amerisure.sumtotal.host

Redirected to: https://amerisure.okta.com/app/amerisureinsurancecompany_sumtotalproduction_1/exkow5jcjqwIQNdER0x7/sso/saml

Site favicon
Submitted: Mar 7, 2026, 4:39:46 AMCompleted: Mar 7, 2026, 4:41:06 AMpubliccompleted
Loading additional data...

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 1 HTTP transaction. The main domain is amerisure.okta.com and was registered NaN years ago.

Submitted URL: https://amerisure.sumtotal.host

Effective URL: https://amerisure.okta.com/app/amerisureinsurancecompany_sumtotalproduction_1/exkow5jcjqwIQNdER0x7/sso/samlRedirected

The Cisco Umbrella rank of the primary domain is #41,887 of the top 1 million websites

AI Security Verdict

High Risk

Confidence: 78%

8
Risk Score

Page mimics Amerisure login, harvests passwords, and triggers a critical IDS alert – treat as phishing.

Risk Factors
Password field without username (credential harvesting pattern)
Cross‑origin credential submission to a different domain
Critical network IDS alert indicating possible data exfiltration
Brand impersonation on a third‑party domain
Domain age information unavailable

Details

Page Title

Amerisure Insurance Company - Sign In

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

documentation technical

(69%)

Domain Information

You're looking at domain 'amerisure.sumtotal.host' on the .host top-level domain; it also runs on subdomain 'amerisure'. Its registrable label 'sumtotal' stretches across 8 characters containing three vowels alongside five consonants. Breaking it apart gives two words: sum, total. Median word length comes out to 4 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://amerisure.sumtotal.host

Page Load Overview

3.59s
Total Load Time
24
HTTP Requests
3
Domains
299 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:419 chars
Detector Agreement:100%

Website Classification

Primary Category

documentation technical69% confidence
Type: dynamic
Method: ml+structural

All Detected Categories

documentation technical
69%
corporate business
63%
technology software
61%
finance banking
56%
healthcare medical
55%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
8108.138.7.126Germany
AS20940
899.83.213.230United States
AS16509Amazon.com, Inc.
823.50.131.158GermanyUnknown
243--

Detected Technologies2

PasswordField
100%
HSTS
40%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1CA1317D1080AC8DD46D69DC956BB96062242A2D3CAA1DEC477FCCEC99FE8D0B712D64C

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

768:IT3m/dhzpe0WHtPjKsIxctPjKsIxm/tPjKsIx+c:q36dhpe0WJjK4jKwxjKf

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:43524:5CiMNEgbig0dwIkWMqsUgZARphY2QiAJFIGJgYUUFgAyMFALAVqBVTFAEDQhDZ+ssSkEbMAgoBlTmEmRJhQbMoAzBURWAQZh

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:ff181818002418ff
Perceptual Hash:93cce466a699a666
Difference Hash:4d3032324c4c30cc
Wavelet Hash:ff1c181800001aff
Color Hash:#931f42

Other Hashes

Crop Resistant:4d3032324c4c30cc

Scan History

Scan history not available

Unable to load historical scan data