ScanMalware.com

Security Scan Report: elginil.gov

Site favicon
Submitted: Oct 19, 2025, 6:39:26 AMCompleted: Oct 19, 2025, 6:41:14 AMpubliccompleted
Loading additional data...

Summary

This website contacted 161 IPs in 6 countries across 39 domains to perform 185 HTTP transactions. The main domain is elginil.gov and was registered NaN years ago.

Submitted URL: https://elginil.gov/

AI Security Verdict

High Risk

Confidence: 92%

8
Risk Score

Site impersonates Google on a government domain, posing a high‑risk phishing threat.

Risk Factors
Brand impersonation / typosquatting (Google logo/text on a government .gov domain)
UNRANKED domain presenting a well‑known brand
Domain age information unavailable

Details

Page Title

City of Elgin, Illinois - Official Website | Official Website

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

government public service

(59%)

Domain Information

Within the United States government-restricted top-level domain (.gov), 'elginil.gov' is registered without a subdomain. The second-level label 'elginil' is 7 characters long holding 3 vowels versus four consonants. Breaking it apart gives 2 words: elgin, il. The median word length lands at 3.5 characters. The linguistic tilt is Italian for 'elin'. You may catch it in Basque and French as well.

Screenshot

Security scan screenshot of https://elginil.gov/

Page Load Overview

66.73s
Total Load Time
185
HTTP Requests
39
Domains
19.5 MB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:7,615 chars
Detector Agreement:100%

Website Classification

Primary Category

government public service59% confidence
Type: spa
Method: ml+structural

All Detected Categories

government public service
59%
forum community discussion
55%
government
48%
education learning
46%
e-commerce shopping
34%

Detected Features

Search

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
25142.250.186.131United States
AS15169GOOGLE
1208.90.191.31United States
AS393775IPP-AS
134.91.80.159Groningen, Groningen, Netherlands
AS396982GOOGLE-CLOUD-PLATFORM
146.228.174.117United Kingdom
AS56396Nexxen Group Ltd
113.35.58.85United States
AS16509AMAZON-02
134.1.242.226Groningen, Groningen, Netherlands
AS15169GOOGLE
135.204.89.238Groningen, Groningen, Netherlands
AS396982GOOGLE-CLOUD-PLATFORM
135.234.162.151Groningen, Groningen, Netherlands
AS396982GOOGLE-CLOUD-PLATFORM
134.254.143.3Dublin, Leinster, Ireland
AS16509AMAZON-02
144.206.108.102Ashburn, Virginia, United States
AS14618AMAZON-AES
185161--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T127243AD0E38D2437402331E5E06FA788A5BA857AF3069C65FD7E12709BD4CF1A1356BA

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

3072:pIbgm9d8syZ2nMvYhbyZ2ABHPtHf3QB5B0MPC7:pcg9YMvKsQdPC7

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:213291:RqEkGyACGKMAaSv6iAWEwRCiHyIEVOQAEAy4QSqFBoOCAjAEqgIRBJizAGUDwmLIgBKgIgMNxZQAQCYCIKFnAVpGVBUbCKcj

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Scan History

Scan history not available

Unable to load historical scan data