ScanMalware.com

Security Scan Report: clavesegura.wpenginepowered.com

Site favicon
Submitted: Oct 16, 2025, 12:57:54 AMCompleted: Oct 16, 2025, 12:58:50 AMpubliccompleted
Loading additional data...

Summary

This website contacted 12 IPs in 2 countries across 4 domains to perform 33 HTTP transactions. The main domain is clavesegura.wpenginepowered.com.

Submitted URL: https://clavesegura.wpenginepowered.com/cla/auth/billing.php

AI Security Verdict

High Risk

Confidence: 92%

8
Risk Score

Impersonates Correos.es to harvest personal data; high‑risk phishing site.

Risk Factors
Brand impersonation (Correos.es) on an unrelated, unranked domain
Collection of personally identifiable information on a low‑reputation site
Domain age unknown and likely very new
Domain age information unavailable

Details

Page Title

Localizar envíos, oficinas y códigos postales| Correos.es

Scan Type

public

Language

🇪🇸

Spanish

(50% confidence)

Category

government public service

(54%)

Domain Information

The domain 'clavesegura.wpenginepowered.com' uses the commercial generic top-level domain (.com) with subdomain 'clavesegura'. The registrable portion 'wpenginepowered' spans 15 characters with six vowels and nine consonants. Segmentation suggests three words: wp, engine, powered. Median word length comes out to 6 characters. 'engine' is most common in English usage. You will also see it in Chinese (Pinyin) and Indonesian contexts.

Screenshot

Security scan screenshot of https://clavesegura.wpenginepowered.com/cla/auth/billing.php

Page Load Overview

22.24s
Total Load Time
33
HTTP Requests
4
Domains
32 KB
Total Size

Language Analysis

Primary Language

🇪🇸Spanish
Code: es
Confidence:50%
Script:Latin
Direction:ltr

Detection Details

Language Code:es
Detection Confidence:50%
Script Type:Latin
Text Length:741 chars
Detector Agreement:100%

Website Classification

Primary Category

government public service54% confidence
Type: static
Method: ml+structural

All Detected Categories

government public service
54%
corporate business
50%
technology software
30%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
2141.193.213.10United States
AS209242Cloudflare London, LLC
2104.16.174.226United States
AS13335CLOUDFLARENET
2142.250.181.234United States
AS15169GOOGLE
2104.18.11.207United States
AS13335CLOUDFLARENET
2141.193.213.11United States
AS209242Cloudflare London, LLC
22606:4700::6810:afe2United States
AS13335CLOUDFLARENET
22606:4700::6812:bcfUnited States
AS13335CLOUDFLARENET
22a00:1450:4001:82b::200aFrankfurt am Main, Hesse, Germany
AS15169GOOGLE
22606:4700::6812:acfUnited States
AS13335CLOUDFLARENET
22606:4700::6810:aee2United States
AS13335CLOUDFLARENET
3312--

Detected Technologies6

JQueryv3.5.1
100%
Cloudflare Bot Management
55%
WordPress
50%
WP Engine
40%
HTTP/3
40%
Cloudflare
40%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T14532013048F9152B4182409A7E7DAA2A7DC2D007C76E670571ED1B9E1F86E87CD63F2C

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

96:sGpEztfIc074py8ljq+acIijpeNpluzP5TllQODqCXOx4nx/I6:sAEzLk8a6lvXDnx/T

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:11149:DKKRIgi9AIABEJSdQBhOikYDYUoAIhCgNAwBMQjADBLLgmmTEI8RwMB4Q1AEW4oQmwQFKiIUQBkMAwEROgCAASGoG4EwAYwO

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:N/A
Perceptual Hash:N/A
Difference Hash:N/A
Wavelet Hash:N/A
Color Hash:N/A

Other Hashes

Crop Resistant:N/A

Scan History

Scan history not available

Unable to load historical scan data