ScanMalware.com

Security Scan Report: www.domstol.se

Site favicon
Submitted: May 9, 2026, 3:48:55 AMCompleted: May 9, 2026, 3:50:11 AMpubliccompleted
Loading additional data...

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 22 HTTP transactions. The main domain is domstol.se and was registered NaN years ago.

Submitted URL: https://www.domstol.se/norrtalje-tingsratt/

The Cisco Umbrella rank of the primary domain is #778,263 of the top 1 million websites

AI Security Verdict

Moderate Risk

Confidence: 78%

4
Risk Score

Site appears to be a legitimate government page but shows a critical IDS alert and heavily obfuscated JavaScript, suggesting possible compromise; treat cautiously.

Risk Factors
Critical IDS alert indicating possible malware activity
Heavily obfuscated JavaScript (high‑entropy, charcode manipulation)
Low Cisco Umbrella ranking for a site claiming to be an official court
Potential server compromise suggested by large POST traffic
Safety Factors
Domain age >25 years (9122 days) – well‑established
Official government domain (domstol.se) matching page content
No malicious Indicators of Compromise found
No credential or payment collection forms
Content classified as government public service with 82% confidence
Domain age information unavailable

Details

Page Title

Norrtälje tingsrätt

Scan Type

public

Language

🇸🇪

Swedish

(80% confidence)

Category

government public service

(82%)

Domain Information

The domain 'www.domstol.se' uses the Swedish country-code top-level domain (.se) and includes subdomain 'www'. The registrable portion 'domstol' spans 7 characters containing two vowels alongside five consonants. Breaking it apart gives two words: dom, stol. Average segment length settles at 3.5 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://www.domstol.se/norrtalje-tingsratt/

Page Load Overview

1.27s
Total Load Time
19
HTTP Requests
4
Domains
206 KB
Total Size

Language Analysis

Primary Language

🇸🇪Swedish
Code: sv
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:sv
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:sv
Text Length:2,064 chars
Detector Agreement:100%

Website Classification

Primary Category

government public service82% confidence
Type: dynamic
Method: ml+structural

All Detected Categories

government public service
82%
adult content
58%
technology software
46%
corporate business
45%
government
40%

Detected Features

Search
OG: website
Schema.org

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
7159.190.0.45Stockholm, Stockholm County, Sweden
AS1257Tele2 SWIPnet
6103.81.140.95Sweden
AS42695Cleura AB
6159.60.158.251United States
AS35280F5 Networks SARL
193--

Detected Technologies3

X-UA-Compatible
100%
Open-Graph-Protocolvwebsite
100%
HSTS
40%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1DD93C630C2106C3B52978ADAA8917F5591DD910BCA920E54F7DCCF2D4BEBDF8B62250B

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:JnKOXfi5BTRBum4WpAOxk9986dUiFLcLjUJalo3DWd3QquGDQ3EfRADY7/0DaA3+:JKkqLOOxk9986dUiFLcvUJalo3DWlRDX

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:90707:BAUigkCClhgEgoBUI0BCGGiIoqkqL1ABJCA2qfBFkDYJPZLzOiCWIsQU4gAQEQlBgVJABbkFWjgOTCyBDCw5CQaJAWKIhPjU

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:00ffe3e3f1e1e1ff
Perceptual Hash:ef1c9a631c65171c
Difference Hash:750b4747474b4b60
Wavelet Hash:00e1e1e1e1e1e1ff
Color Hash:#a240bf

Other Hashes

Crop Resistant:750b4747474b4b60,0101259494842185,798fafcc8e8b2919,aea634bab4241988

Scan History

Scan history not available

Unable to load historical scan data