ScanMalware.com

Security Scan Report: www.saa.gov.uk

Submitted: Jan 25, 2026, 3:17:17 AMCompleted: Jan 25, 2026, 3:18:16 AMpubliccompleted
Loading additional data...

Summary

This website contacted 4 IPs in 1 country across 4 domains to perform 19 HTTP transactions. The main domain is saa.gov.uk and was registered NaN years ago.

Submitted URL: https://www.saa.gov.uk/renfrewshire/

The Cisco Umbrella rank of the primary domain is #887,104 of the top 1 million websites

AI Security Verdict

Confirmed Scam

Confidence: 93%

9
Risk Score

Compromised WordPress page harvesting credentials – treat as confirmed phishing scam.

Risk Factors
Compromised WordPress site indicator
Hidden password field
Password field without username (credential harvesting)
Presence of password fields on a non‑login page
Domain age information unavailable

Details

Page Title

Renfrewshire – Scottish Assessors Association Sites

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

real estate property

(67%)

Domain Information

Domain 'www.saa.gov.uk' uses the United Kingdom country-code top-level domain (.gov.uk) and includes subdomain 'www'. The second-level label 'saa' is 3 characters long containing two vowels alongside 1 consonant. Splitting it apart reveals three words: s, a, a. Median word length is 1 character. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://www.saa.gov.uk/renfrewshire/

Page Load Overview

4.02s
Total Load Time
65
HTTP Requests
4
Domains
419 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:3,220 chars
Detector Agreement:100%

Website Classification

Primary Category

real estate property67% confidence
Type: spa
Method: ml+structural

All Detected Categories

real estate property
67%
government
48%
government public service
27%

Detected Features

Search

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
17172.217.18.3United States
AS15169Google LLC
16142.251.140.170United States
AS15169Google LLC
16104.20.21.210United States
AS13335Cloudflare, Inc.
16104.16.174.226United States
AS13335Cloudflare, Inc.
654--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T12B332BB368BCC53A515B56CCF0B0F72CCAAAE116C705D264B5FC12A85F91E9E09A370C

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:H8SypczXqKo2bqFxOOckJtiA8ZRXo1v3xqPXeLYcDuD+EQTOWkSKwQ3Fht9sVG/x:H8Lez6Ko2W+OckJtiA8ZRXo1v3xqPXwU

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:54097:oQJoAbJAlEYHGFOQAVyEuCDAqEGEkAgIiF4JqyYUKLJhuABIcbAUkdIkIoDIQPViU4ZQVEAqA2IBcABAgyhJDjKnICIAEFBB

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:ffffdc80ffffff00
Perceptual Hash:f39c418c737658c9
Difference Hash:e0c218082ae0c141
Wavelet Hash:feff8080b8ffe000
Color Hash:#93211f

Other Hashes

Crop Resistant:e0c218082ae0c141,48489384c0c40040,48c89c81c1d1070b,8185494949098961

Scan History

Scan history not available

Unable to load historical scan data