ScanMalware.com

Security Scan Report: cr664244-wordpress-m6any.tw1.ru

Submitted: Oct 15, 2025, 6:22:45 AMCompleted: Oct 15, 2025, 6:25:36 AMpubliccompleted
Loading additional data...

Summary

This website contacted 2 IPs in 1 country across 1 domain to perform 24 HTTP transactions. The main domain is cr664244-wordpress-m6any.tw1.ru.

Submitted URL: https://cr664244-wordpress-m6any.tw1.ru/wp-content/plugins/nwca-ddcanw/nwca-ddcanw/pages/region.php

AI Security Verdict

High Risk

Confidence: 92%

8
Risk Score

Phishing page impersonating Crédit Agricole; high risk due to compromised WordPress site and social engineering warning.

Risk Factors
Brand impersonation of Crédit Agricole on a suspicious domain
Compromised WordPress site (wp‑content path) used for phishing
Google Safe Browsing social engineering detection
UNRANKED/low‑reputation domain with unknown age
Potentially new domain (age not established)
Domain age information unavailable

Details

Page Title

Accès à votre caisse régionale - Crédit Agricole

Scan Type

public

Language

🇫🇷

French

(80% confidence)

Category

finance banking

(83%)

Domain Information

Within the Russian country-code top-level domain (.ru), 'cr664244-wordpress-m6any.tw1.ru' is registered and includes subdomain 'cr664244-wordpress-m6any'. The core label 'tw1' covers 3 characters holding 0 vowels versus 2 consonants; it also includes 1 digit. Word splitting yields 2 words: tw, 1. Median word length comes out to 1.5 characters. The linguistic tilt is Albanian for 'tw'. Net impression: Albanian phrase with character flair.

Screenshot

Security scan screenshot of https://cr664244-wordpress-m6any.tw1.ru/wp-content/plugins/nwca-ddcanw/nwca-ddcanw/pages/region.php

Page Load Overview

0.80s
Total Load Time
24
HTTP Requests
1
Domains
657 KB
Total Size

Language Analysis

Primary Language

🇫🇷French
Code: fr
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:fr
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:fr
Text Length:13,488 chars
Detector Agreement:100%

Website Classification

Primary Category

finance banking83% confidence
Type: dynamic
Method: ml+structural

All Detected Categories

finance banking
83%
government public service
58%
forum
25%

Detected Features

Search
Comments

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
2492.53.96.105Russia
AS9123Jsc timeweb
122a03:6f00:1::5c35:6069St Petersburg, St.-Petersburg, Russia
AS9123Jsc timeweb
242--

Detected Technologies4

X-UA-Compatible
100%
Java
50%
Adobe Experience Manager
30%
jQuery
20%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T13614623190F0053A427FB2C2A2649B126EABD70FC94E56904AA44BE56FF1D317E9F31D

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:vaLaiafZy7Suv2LxIiObDauFfIM4poD8Z/AKWXR1hV+RQM/kfK0O2jvotaMMl6v+:V56QFU

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:200877:QAqABFQgCKQOAYhggFqgRYhQyBhDECMKgyAYQNQgmAQS6IgIKGFIUgsBmIcFDgAiogYhegioHAEUAA2oQBBAAQIwwQAFUIgg

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:ff0f0f0f0f0f0fff
Perceptual Hash:b1f1c616ce13c4d5
Difference Hash:b89b9b9b9b9a9af0
Wavelet Hash:3e0f0b090f0f0f3f
Color Hash:#2dd29b

Other Hashes

Crop Resistant:b89b9b9b9b9a9af0,9c3c3abbf7e78eee,d3d1c4d6c661c0cc,8721818609298b0f

Scan History

Scan history not available

Unable to load historical scan data