ScanMalware.com

Security Scan Report: lucas.transit-clients-fr.com

Redirected to: https://www.lemonde.fr/

Submitted: Nov 21, 2025, 6:57:07 AMCompleted: Nov 21, 2025, 6:59:34 AMpubliccompleted
Loading additional data...

Summary

This website contacted 14 IPs in 3 countries across 7 domains to perform 101 HTTP transactions. The main domain is lemonde.fr.

Submitted URL: https://lucas.transit-clients-fr.com/as.php

Effective URL: https://www.lemonde.fr/Redirected

AI Security Verdict

Confirmed Scam

Confidence: 95%

9
Risk Score

Phishing site using a brand‑new domain to impersonate Le Monde; confirmed scam.

Risk Factors
Brand impersonation on a suspicious, newly registered domain
Unranked domain with no reputation
Potential malicious redirect from a non‑whitelisted domain
Garbage OCR text indicating social‑engineering tactics
Domain age information unavailable

Details

Page Title

Le Monde.fr - Actualités et Infos en France et dans le monde

Scan Type

public

Language

🇫🇷

French

(80% confidence)

Category

corporate business

(52%)

Domain Information

Within the commercial generic top-level domain (.com), 'lucas.transit-clients-fr.com' is registered; it also runs on subdomain 'lucas'. The core label 'transit-clients-fr' covers 18 characters with 4 vowels and twelve consonants, notching 2 hyphens. Segmentation suggests 3 words: transit, clients, fr. Expect seven characters per word on average. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://lucas.transit-clients-fr.com/as.php

Page Load Overview

0.67s
Total Load Time
101
HTTP Requests
7
Domains
1.9 MB
Total Size

Language Analysis

Primary Language

🇫🇷French
Code: fr
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:fr
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:fr
Text Length:63,441 chars
Detector Agreement:100%

Website Classification

Primary Category

corporate business52% confidence
Type: static
Method: ml+structural

All Detected Categories

corporate business
52%
news media journalism
42%
adult content
28%
corporate
25%

Detected Features

OG: website

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
92146.75.122.217Frankfurt am Main, Hesse, Germany
AS54113FASTLY
7104.21.37.193United States
AS13335CLOUDFLARENET
7104.21.90.149United States
AS13335CLOUDFLARENET
718.245.86.4United States
AS16509AMAZON-02
718.245.86.69United States
AS16509AMAZON-02
72606:4700:3037::6815:25c1United States
AS13335CLOUDFLARENET
718.245.86.101United States
AS16509AMAZON-02
72606:4700:3033::ac43:9dddUnited States
AS13335CLOUDFLARENET
72606:4700:3034::ac43:d4acUnited States
AS13335CLOUDFLARENET
72606:4700:3030::6815:5a95United States
AS13335CLOUDFLARENET
10114--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1B8944A71B5C02B3B518380EAFFA2776995298416C3D68A41F7FF97984BCBDC4928325C

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

6144:DFmG9SzbC/gj5rOUOcfBmRLCuDNDc7Ne/vLh1kBROyCfH6sIiwwGg58VhuvwvDYT:L9Szb9SayqH0H

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:437310:hCB4JRUHIAigBJNCtIoVKmHgQXLEhKBGTkEisdILA7ER4OgCZSgmiTSIhQpQNqi6mMA4AADCgwBJ8EoKLmAYAAEAgSoVOxyC

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:00183c3c3c3c1c00
Perceptual Hash:99cf34e7328c6718
Difference Hash:0f7171717169310c
Wavelet Hash:e73c3c3c7c3c3c02
Color Hash:#9479d2

Other Hashes

Crop Resistant:a262a292863a2b8c,0f7171717169310c

Scan History

Scan history not available

Unable to load historical scan data