ScanMalware.com

Security Scan Report: www.clevelandfire.gov.uk

Site favicon
Submitted: May 6, 2026, 12:41:43 PMCompleted: May 6, 2026, 12:43:26 PMpubliccompleted
Loading additional data...

Summary

This website contacted 18 IPs in 1 country across 12 domains to perform 86 HTTP transactions. The main domain is clevelandfire.gov.uk and was registered NaN years ago.

Submitted URL: https://www.clevelandfire.gov.uk/?fbclid=IwZXh0bgNhZW0CMTEAc3J0YwZhcHBfaWQMMjU2MjgxMDQwNTU4AAEe8Hd5Y5iZ7kWtOv3soMDY0cvNIAYY3hL9xcfUUPR1mCaeFz6efx8ApBxgkhM_aem_4jMvQ8lTYp9zfo7tV5LeEg

AI Security Verdict

High Risk

Confidence: 80%

7
Risk Score

The site shows a critical C2 beacon alert and multiple high‑severity IDS warnings, indicating malware activity despite being a long‑standing government domain.

Risk Factors
Critical IDS alert indicating possible command‑and‑control activity
High‑severity network alerts for suspicious POST traffic
Unranked domain reputation despite long registration
Domain age information unavailable

Details

Page Title

Home - Cleveland Fire Brigade

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

government public service

(75%)

Domain Information

Domain 'www.clevelandfire.gov.uk' uses the United Kingdom country-code top-level domain (.gov.uk), featuring subdomain 'www'. Its registrable label 'clevelandfire' stretches across 13 characters with five vowels and eight consonants. Word splitting yields two words: cleveland, fire. Average segment length settles at 6.5 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://www.clevelandfire.gov.uk/?fbclid=IwZXh0bgNhZW0CMTEAc3J0YwZhcHBfaWQMMjU2MjgxMDQwNTU4AAEe8Hd5Y5iZ7kWtOv3soMDY0cvNIAYY3hL9xcfUUPR1mCaeFz6efx8ApBxgkhM_aem_4jMvQ8lTYp9zfo7tV5LeEg

Page Load Overview

6.15s
Total Load Time
86
HTTP Requests
12
Domains
1.7 MB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en-GB
Text Length:4,125 chars
Detector Agreement:100%

Website Classification

Primary Category

government public service75% confidence
Type: spa
Method: ml+structural

All Detected Categories

government public service
75%
corporate business
55%
government
48%
news/blog
35%
corporate
35%

Detected Features

Search
Articles
Comments
OG: website
Schema.org

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
18192.178.183.95United States
AS15169Google LLC
43.174.46.32United States
AS16509Amazon.com, Inc.
4104.26.8.123United States
AS13335Cloudflare, Inc.
413.226.244.100United States
AS16509Amazon.com, Inc.
43.174.46.26United States
AS16509Amazon.com, Inc.
4172.67.142.245United States
AS13335Cloudflare, Inc.
4104.26.9.123United States
AS13335Cloudflare, Inc.
4172.67.75.33United States
AS13335Cloudflare, Inc.
413.226.244.91United States
AS16509Amazon.com, Inc.
4188.114.96.3United States
AS13335Cloudflare, Inc.
8618--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1DA34C6E2EC71513D711BA3A825AFE614F362A0D0DC049EA07BFD2198DBD07EC266D54B

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

3072:Nn9dLGn66whbLgfzalgbVybVtbVpH+BNaNJNwNg3NB24:R9dan66whbLgfzalgbVybVtbVyOTYmQ4

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:236387:hzAABLChmgC4AYDLBCIQgcFA4oBuMkAjWQgMwAAoYCiBE92RnC4QEIxBF1QMhQgLaEJAgQh5vEhhAAoAATUgcIJAA0kEAAeD

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Scan History

Scan history not available

Unable to load historical scan data