ScanMalware.com

Security Scan Report: cy191110-wordpress-vm0oc.tw1.ru

Site favicon
Submitted: Nov 27, 2025, 11:29:06 PMCompleted: Nov 27, 2025, 11:32:10 PMpubliccompleted
Loading additional data...

Summary

This website contacted 2 IPs in 1 country across 1 domain to perform 30 HTTP transactions. The main domain is cy191110-wordpress-vm0oc.tw1.ru.

Submitted URL: https://cy191110-wordpress-vm0oc.tw1.ru/wp-content/plugins/DSSDS/pages/region.php

The Cisco Umbrella rank of the primary domain is #163,229 of the top 1 million websites

AI Security Verdict

High Risk

Confidence: 88%

8
Risk Score

High‑risk phishing site impersonating Crédit Agricole; do not trust.

Risk Factors
Compromised WordPress site used for brand impersonation
Brand impersonation of Crédit Agricole on a low‑ranking, likely new domain
Low Cisco Umbrella ranking for a domain claiming a reputable brand
Domain age information unavailable

Details

Page Title

Accès CR - Crédit Agricole

Scan Type

public

Language

🇫🇷

French

(80% confidence)

Category

finance banking

(98%)

Domain Information

The domain 'cy191110-wordpress-vm0oc.tw1.ru' uses the Russian country-code top-level domain (.ru) with subdomain 'cy191110-wordpress-vm0oc'. Its registrable label 'tw1' stretches across 3 characters containing zero vowels alongside 2 consonants, plus 1 digit. Splitting it apart reveals two words: tw, 1. The median word length lands at 1.5 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://cy191110-wordpress-vm0oc.tw1.ru/wp-content/plugins/DSSDS/pages/region.php

Page Load Overview

0.87s
Total Load Time
30
HTTP Requests
1
Domains
419 KB
Total Size

Language Analysis

Primary Language

🇫🇷French
Code: fr
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:fr
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:fr
Text Length:4,921 chars
Detector Agreement:50%

Website Classification

Primary Category

finance banking98% confidence
Type: dynamic
Method: ml+structural

All Detected Categories

finance banking
98%
real estate property
91%
government public service
81%
blog personal website
65%
technology software
63%

Detected Features

Search

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
3092.53.96.141Russia
AS9123Jsc timeweb
152a03:6f00:1::5c35:608dSt Petersburg, St.-Petersburg, Russia
AS9123Jsc timeweb
302--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1729002FEF46900055C2239851DD112576D14426821155B80198534648508215CC12188

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

3:qVZxQXbZ6J67wtKHXz:qzxO965tmz

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:1:0:374b0a2fed80d24ff0f80253675b31a5

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:3fffffffffffffff
Perceptual Hash:87070f0f0f0f0f1f
Difference Hash:c000000000000000
Wavelet Hash:30f0f0f0f0f0f0f0
Color Hash:#2d8633

Other Hashes

Crop Resistant:c000000000000000

Scan History

Scan history not available

Unable to load historical scan data