ScanMalware.com

Security Scan Report: urlz.fr

Redirected to: https://xmsuemaneusmeb.duia.ro/ennuemsielmaunevsmemaun/pages/region.php?lca#1b141210624937e9e

Submitted: Nov 10, 2025, 10:26:16 PMCompleted: Nov 10, 2025, 10:26:50 PMpubliccompleted
Loading additional data...

Summary

This website contacted 5 IPs in 0 countries across 2 domains to perform 24 HTTP transactions. The main domain is xmsuemaneusmeb.duia.ro.

Submitted URL: https://urlz.fr/uWEr

Effective URL: https://xmsuemaneusmeb.duia.ro/ennuemsielmaunevsmemaun/pages/region.php?lca#1b141210624937e9eRedirected

AI Security Verdict

High Risk

Confidence: 88%

8
Risk Score

High‑risk phishing site impersonating PayPal and Crédit Agricole on a new, unranked domain.

Risk Factors
Brand impersonation on an unranked, likely newly‑registered domain
Redirect chain leading to a unrelated, suspicious domain
Presence of forms that could be used for data collection
Domain age information unavailable

Details

Page Title

Compte PayPal - Paiements et Transferts d'argent | PayPal FR

Scan Type

public

Language

🇫🇷

French

(80% confidence)

Category

finance banking

(83%)

Domain Information

Domain 'urlz.fr' uses the French country-code top-level domain (.fr). The registrable portion 'urlz' spans 4 characters with 1 vowel and three consonants. Segmentation suggests two words: url, z. Median word length comes out to 2 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://urlz.fr/uWEr

Page Load Overview

4.47s
Total Load Time
24
HTTP Requests
2
Domains
752 KB
Total Size

Language Analysis

Primary Language

🇫🇷French
Code: fr
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:fr
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:fr
Text Length:13,488 chars
Detector Agreement:100%

Website Classification

Primary Category

finance banking83% confidence
Type: dynamic
Method: ml+structural

All Detected Categories

finance banking
83%
government public service
58%
forum
25%

Detected Features

Search
Comments

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
438.133.142.42UnknownUnknown
4172.67.180.211UnknownUnknown
42606:4700:3037::ac43:b4d3UnknownUnknown
42606:4700:3031::6815:5bdfUnknownUnknown
4104.21.91.223UnknownUnknown
245--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T12594C2786928EC7E4740858DE1CF3758B01F82478B4243ABB35A6D7F87A10B7796C663

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

3072:xk75UWauujxB2MqGRrNJvqgUqbSgWErViXH:b2QQqbSgWErVG

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:413242:EMSrIQyA6DAqQlOChRgwAxgAAES50BAU9NiAIkYQKZgLpACQHrXoqYaegDYAXBgSgklSIKKQOCCId0MYABEBRMSARIs5YAYg

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Scan History

Scan history not available

Unable to load historical scan data