ScanMalware.com

Security Scan Report: cx718554-wordpress-f7iuo.tw1.ru

Submitted: Oct 15, 2025, 9:03:14 AMCompleted: Oct 15, 2025, 9:04:11 AMpubliccompleted
Loading additional data...

Summary

This website contacted 2 IPs in 1 country across 1 domain to perform 20 HTTP transactions. The main domain is cx718554-wordpress-f7iuo.tw1.ru.

Submitted URL: https://cx718554-wordpress-f7iuo.tw1.ru/wp-content/plugins/nwca-ddcanw/pages/region.php

AI Security Verdict

High Risk

Confidence: 92%

9
Risk Score

Phishing page impersonating Crédit Agricole on a compromised WordPress site; high risk.

Risk Factors
Brand impersonation of Crédit Agricole on a non‑official domain
Compromised WordPress site indicators (wp‑content/plugins path)
Google Safe Browsing social engineering detection
Unranked/low‑reputation domain (tw1.ru subdomain)
Likely newly registered domain with no established reputation
Domain age information unavailable

Details

Page Title

Accès à votre caisse régionale - Crédit Agricole

Scan Type

public

Language

🇫🇷

French

(80% confidence)

Category

finance banking

(83%)

Domain Information

The domain 'cx718554-wordpress-f7iuo.tw1.ru' uses the Russian country-code top-level domain (.ru) with subdomain 'cx718554-wordpress-f7iuo'. The registrable portion 'tw1' spans 3 characters containing 0 vowels alongside 2 consonants, notching 1 digit. Breaking it apart gives two words: tw, 1. The median word length lands at 1.5 characters. Most frequently, 'tw' shows up in Albanian.

Screenshot

Security scan screenshot of https://cx718554-wordpress-f7iuo.tw1.ru/wp-content/plugins/nwca-ddcanw/pages/region.php

Page Load Overview

25.22s
Total Load Time
20
HTTP Requests
1
Domains
347 KB
Total Size

Language Analysis

Primary Language

🇫🇷French
Code: fr
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:fr
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:fr
Text Length:13,488 chars
Detector Agreement:100%

Website Classification

Primary Category

finance banking83% confidence
Type: dynamic
Method: ml+structural

All Detected Categories

finance banking
83%
government public service
58%
forum
25%

Detected Features

Search
Comments

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
1092.53.96.105Russia
AS9123Jsc timeweb
102a03:6f00:1::5c35:6069St Petersburg, St.-Petersburg, Russia
AS9123Jsc timeweb
202--

Detected Technologies4

X-UA-Compatible
100%
Java
50%
Adobe Experience Manager
30%
jQuery
20%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T15614623190F0053A427FB2C2A2649B126EABD70FC94E56904AA44BE56FF1D317E9F31D

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:vaLaiafZy7Suv2LxIiObDauFfIM4poD8Z/AKWXR1hV+RQM/kfK0O2jvotaMMl6vy:V56QFM

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:200477:gIAGUiIggPMKEJ0gQBg1QIMAAAQAwsVBDgANDkZgmAI1hAQANAN0IBKpFKCpqgUAlloBBA5KQgEFLKREQATnhSAyQAA0CgSG

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:N/A
Perceptual Hash:N/A
Difference Hash:N/A
Wavelet Hash:N/A
Color Hash:N/A

Other Hashes

Crop Resistant:N/A

Scan History

Scan history not available

Unable to load historical scan data