Security Scan Report: antai-gouv-paiement.it.com

Redirected to: https://www.lemonde.fr/

Submitted: Oct 13, 2025, 5:18:37 PM
Completed: Oct 13, 2025, 5:19:21 PM
Scan Type: public
Status: completed

Summary

This website contacted 11 IPs in 3 countries across 7 domains to perform 63 HTTP transactions. The main domain is lemonde.fr; its registration age could not be determined (reported as NaN).

Submitted URL: https://antai-gouv-paiement.it.com/as.php

Effective URL: https://www.lemonde.fr/ (redirected)

AI Security Verdict

High Risk

Confidence: 88%

Risk Score: 8

Suspicious brand impersonation via redirect; treat as high‑risk phishing.

Risk Factors
Brand impersonation on an unusual, unranked domain
Suspicious redirect from a non‑whitelisted domain
Domain name mimics government/payment service ("gouv-paiement") to add false legitimacy
Domain age information unavailable

Details

Page Title: Le Monde.fr - Actualités et Infos en France et dans le monde

Scan Type: public

Language: 🇫🇷 French (100% confidence)

Category: news media journalism (81%)

Domain Information

The domain name 'antai-gouv-paiement.it.com' uses the commercial generic top-level domain (.com), featuring subdomain 'antai-gouv-paiement'. Its registrable label 'it' stretches across 2 characters containing 1 vowel alongside 1 consonant. Word splitting yields one word: it. 'it' is most common in English usage. Secondary signals appear in Chinese (Pinyin) and Chinese (Zhuyin).

Page Load Overview

Total Load Time: 7.99s
HTTP Requests: 63
Domains: 7
Total Size: 1.3 MB

Language Analysis

Primary Language

🇫🇷 French
Code: fr
Confidence: 100%
Script: Latin
Direction: ltr

Detection Details

Language Code: fr
Detection Confidence: 100%
Script Type: Latin
HTML Lang Attribute: fr
Text Length: 51,532 chars
Detector Agreement: 100%

Website Classification

Primary Category

news media journalism (81% confidence)
Type: spa
Method: ml+structural

All Detected Categories

news media journalism: 81%
finance banking: 74%
documentation technical: 49%
corporate business: 34%
government public service: 29%

Detected Features

Articles
OG: website
Schema.org

Domain & IP Information

Requests | IP Address | Location | AS | Autonomous System
13 | 18.245.86.4 | United States | AS16509 | AMAZON-02
5 | 88.221.169.246 | Frankfurt am Main, Hesse, Germany | AS16625 | AKAMAI-AS
5 | 104.21.37.193 | United States | AS13335 | CLOUDFLARENET
5 | 172.67.212.172 | United States | AS13335 | CLOUDFLARENET
5 | 45.87.43.93 | Amsterdam, North Holland, Netherlands | AS62068 | SpectraIP B.V.
5 | 146.75.122.217 | Frankfurt am Main, Hesse, Germany | AS54113 | FASTLY
5 | 2606:4700:3034::ac43:d4ac | United States | AS13335 | CLOUDFLARENET
5 | 18.245.86.111 | United States | AS16509 | AMAZON-02
5 | 18.245.86.69 | United States | AS16509 | AMAZON-02
5 | 2606:4700:3037::6815:25c1 | United States | AS13335 | CLOUDFLARENET
Total: 63 requests, 11 IPs

Detected Technologies: 3

Content Similarity Hashes (for malware variant detection)

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T14EA449B1B5D02B3B518380EABFE1376995258816C2CA4A51F7FF97884BCBDC5938325C

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

6144:QFVn9SzbO/8j5rOUOcfBmRLCuDNDc7Ne/vLh1kBROyCfH6sIiwwGg58VhuvwvDYD:Y9Szb6qb1NH0J

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:466842:5gGKQAQi6kod10JAKZQuAMmtBxNNsCMoggIIiQxBYkkiJAUz+hQGYKEhQwgcgKEFICgcEkNiiMwDFAgKbISWGqxkRFEoHACQ

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash: 00183c3c3c3c1c00
Perceptual Hash: 98cf30e7339c6319
Difference Hash: 0f7171717129399c
Wavelet Hash: e73c3c3c7c3c3c02
Color Hash: #c1e06c
