Security Scan Report: www.saa.gov.uk

Submitted: Oct 15, 2025, 8:39:20 AMCompleted: Oct 15, 2025, 8:41:55 AMpubliccompleted
Loading additional data...

Summary

This website contacted 15 IPs in 2 countries across 4 domains to perform 66 HTTP transactions. The main domain is saa.gov.uk and was registered NaN years ago.

Submitted URL: https://www.saa.gov.uk/grampian/

AI Security Verdict

High Risk

Confidence: 78%

7
Risk Score

Site contains hidden password fields indicative of credential harvesting; treat as phishing.

Risk Factors
Hidden password field in the page source
Password field without accompanying username field
Domain age information unavailable

Details

Primary Scan Blocked — Fallback Capture Shown

The primary scanner could not load this page (possible bot protection). The screenshot and page details shown were captured by a fallback browser that loaded the page successfully.

Page Title

Grampian – Scottish Assessors Association Sites

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

real estate property

(56%)

Domain Information

Domain 'www.saa.gov.uk' uses the United Kingdom country-code top-level domain (.gov.uk); it also runs on subdomain 'www'. The second-level label 'saa' is 3 characters long containing two vowels alongside one consonant. Splitting it apart reveals 3 words: s, a, a. Median word length comes out to 1 character. 'a' is most common in Hungarian usage. Secondary signals appear in Portuguese and Galician.

Screenshot

Security scan screenshot of https://www.saa.gov.uk/grampian/

Page Load Overview

1.55s
Total Load Time
66
HTTP Requests
4
Domains
445 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:3,737 chars
Detector Agreement:100%

Website Classification

Primary Category

real estate property56% confidence
Type: spa
Method: ml+structural

All Detected Categories

real estate property
56%
government public service
49%
government
48%

Detected Features

Search

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
61104.20.21.210United States
AS13335CLOUDFLARENET
4104.16.175.226United States
AS13335CLOUDFLARENET
4216.58.206.42United States
AS15169GOOGLE
4142.250.185.163United States
AS15169GOOGLE
4172.66.158.152United States
AS13335CLOUDFLARENET
42a00:1450:4001:813::200aFrankfurt am Main, Hesse, Germany
AS15169GOOGLE
42606:4700:10::ac42:9e98United States
AS13335CLOUDFLARENET
42a00:1450:4001:80f::2003Frankfurt am Main, Hesse, Germany
AS15169GOOGLE
42606:4700::6810:afe2United States
AS13335CLOUDFLARENET
42606:4700:10::6814:15d2United States
AS13335CLOUDFLARENET
6615--

Detected Technologies11

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1D53317F368AC953A019B56CC90B4F729DAE6D217CB04C264B7FC53AC1B91F9E486321D

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:+S5apQ8LKKwS3q8ZGOckJtiA0ZRXo1v3xqPX//RVu6aVy+Yraujxv70bd5xIrT3d:+SYe8uKwSaxOckJtiA0ZRXo1v3xqPX7J

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:54403:wESD2EJ5qVFFWZKFgAaggwjcCXAzkE1ZYS8AAFgASaIThAd4AxosWFyAURIBACTngByoWAQBAIJJBiOlulCgg7AmAQCBQAaR

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:ffffff80e6ffe000
Perceptual Hash:f79c418c73f28985
Difference Hash:c862700808e0c549
Wavelet Hash:7ebfbe8080ffe000
Color Hash:#6cc9e0

Scan History

Scan history not available

Unable to load historical scan data