ScanMalware.com

Security Scan Report: ce780417-wordpress-ndmcg.tw1.ru

Redirected to: https://ce780417-wordpress-ndmcg.tw1.ru/wp-content/plugins/nwca-ddcanw/nwca-ddcanw/pages/region.php?lca

Submitted: Oct 15, 2025, 6:50:25 AMCompleted: Oct 15, 2025, 6:53:22 AMpubliccompleted
Loading additional data...

Summary

This website contacted 2 IPs in 1 country across 1 domain to perform 24 HTTP transactions. The main domain is ce780417-wordpress-ndmcg.tw1.ru.

Submitted URL: https://ce780417-wordpress-ndmcg.tw1.ru/wp-content/plugins/nwca-ddcanw/nwca-ddcanw/pages/region.php?lca#5a61a70a295b08195

Effective URL: https://ce780417-wordpress-ndmcg.tw1.ru/wp-content/plugins/nwca-ddcanw/nwca-ddcanw/pages/region.php?lcaRedirected

AI Security Verdict

High Risk

Confidence: 95%

9
Risk Score

Phishing page impersonating Crédit Agricole; high risk

Risk Factors
URL manipulation (phishing technique)
Compromised WordPress site used for phishing
Impersonation of Crédit Agricole brand
Unranked/low‑reputation domain
Social engineering detection by Google Safe Browsing
Domain age information unavailable

Details

Page Title

Accès à votre caisse régionale - Crédit Agricole

Scan Type

public

Language

🇫🇷

French

(80% confidence)

Category

finance banking

(83%)

Domain Information

You're looking at domain 'ce780417-wordpress-ndmcg.tw1.ru' on the Russian country-code top-level domain (.ru) and includes subdomain 'ce780417-wordpress-ndmcg'. The second-level label 'tw1' is 3 characters long containing zero vowels alongside two consonants, notching 1 digit. Word splitting yields 2 words: tw, 1. Median word length is 1.5 characters. 'tw' is most common in Albanian usage.

Screenshot

Security scan screenshot of https://ce780417-wordpress-ndmcg.tw1.ru/wp-content/plugins/nwca-ddcanw/nwca-ddcanw/pages/region.php?lca#5a61a70a295b08195

Page Load Overview

1.75s
Total Load Time
24
HTTP Requests
1
Domains
657 KB
Total Size

Language Analysis

Primary Language

🇫🇷French
Code: fr
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:fr
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:fr
Text Length:13,488 chars
Detector Agreement:100%

Website Classification

Primary Category

finance banking83% confidence
Type: dynamic
Method: ml+structural

All Detected Categories

finance banking
83%
government public service
58%
forum
25%

Detected Features

Search
Comments

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
2492.53.96.105Russia
AS9123Jsc timeweb
122a03:6f00:1::5c35:6069St Petersburg, St.-Petersburg, Russia
AS9123Jsc timeweb
242--

Detected Technologies4

X-UA-Compatible
100%
Java
50%
Adobe Experience Manager
30%
jQuery
20%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T13614623190F0053A427FB2C2A2649B126EABD70FC94E56904AA44BE56FF1D317E9F31D

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:vaLaiafZy7Suv2LxIiObDauFfIM4poD8Z/AKWXR1hV+RQM/kfK0O2jvotaMMl6v+:V56QFU

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:200877:QAqABFQgCKQOAYhggFqgRYhQyBhDECMKgyAYQNQgmAQS6IgIKGFIUgsBmIcFDgAiogYhegioHAEUAA2oQBBAAQIwwQAFUIgg

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:ff0f0f0f0f0f0fff
Perceptual Hash:b1f1c616ce13c4d5
Difference Hash:b89b9b9b9b9a9af0
Wavelet Hash:3e0f0b090f0f0f3f
Color Hash:#42783a

Other Hashes

Crop Resistant:b89b9b9b9b9a9af0,9c3c3abbf7e78eee,d3d1c4d6c661c0cc,8721818609298b0f

Scan History

Scan history not available

Unable to load historical scan data