ScanMalware.com

Security Scan Report: baltimore.org

Submitted: Mar 21, 2026, 6:48:34 AMCompleted: Mar 21, 2026, 6:49:34 AMpubliccompleted
Loading additional data...

Summary

This website contacted 11 IPs in 2 countries across 11 domains to perform 25 HTTP transactions. The main domain is baltimore.org and was registered NaN years ago.

Submitted URL: https://baltimore.org

The Cisco Umbrella rank of the primary domain is #552,835 of the top 1 million websites

AI Security Verdict

Moderate Risk

Confidence: 85%

4
Risk Score

Official Baltimore tourism site appears legitimate but contains a disguised password field and Unicode evasion, warranting moderate caution.

Risk Factors
Disguised password field (type='text' with password‑like placeholder)
Unicode evasion detected in form fields
Safety Factors
Established domain (registered 1997)
No payment or credential‑harvesting forms
No YARA malware matches
No network IDS alerts
Low Cisco Umbrella ranking is typical for local tourism sites
Domain age information unavailable

Details

Page Title

Visit Baltimore | Official Travel Website for Baltimore Maryland

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

corporate

(70%)

Domain Information

Within the non-profit oriented generic top-level domain (.org), 'baltimore.org' is registered. The registrable portion 'baltimore' spans 9 characters split between 4 vowels and five consonants. Tokenizing the label suggests one word: baltimore. Median word length is nine characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://baltimore.org

Page Load Overview

5.44s
Total Load Time
185
HTTP Requests
13
Domains
33.1 MB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en-US
Text Length:40,195 chars
Detector Agreement:100%

Website Classification

Primary Category

corporate70% confidence
Type: spa
Method: structural

All Detected Categories

corporate
70%
news/blog
40%

Detected Features

OG: website
Schema.org

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
25141.193.213.20United States
AS209242Cloudflare London, LLC
162.19.126.209Frankfurt am Main, Hesse, Germany
AS20940Akamai International B.V.
16172.67.68.68Germany
AS14618
1699.84.152.69Germany
AS13335
16104.20.23.25Germany
AS209242
16162.159.128.61United States
AS13335Cloudflare, Inc.
1634.234.196.126Ashburn, Virginia, United States
AS14618Amazon.com, Inc.
16142.250.201.168GermanyUnknown
1618.172.114.101United States
AS16509Amazon.com, Inc.
16192.0.76.3San Francisco, California, United States
AS2635Automattic, Inc
18511--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T15E64E5B024F45872019745FDA1B14F5AABB4D307C95B9988B2ADABE19FC3CE4CD131AC

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

3072:SI0cXEMIxg/n+8Is/5ZEka+dMYSIW72/45wcTiv9kcVWSTylQPfRKfB/ovLkKSAJ:qUdMR72/4ycOv9kcV1PN

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:321680:CjiAvmokEuhoIHYJAkq4RIbklQIAgDDwSCBQBCThDVLBBOCOQhXACCENUTBo7xpqASjaiNiQYAFwAnzECATQgUDkSoQecAgA

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:f8fc7c782000001c
Perceptual Hash:cbc9fe3c070b9232
Difference Hash:5191d1cbcf5fd769
Wavelet Hash:fdfc7d7d2001013c
Color Hash:#e0726c

Other Hashes

Crop Resistant:3333b0b5b434f4b3,c404c2d2e26a6ae6,d49492d0d0c86462,5191d1cbcf5fd769

Scan History

Scan history not available

Unable to load historical scan data