ScanMalware.com

Security Scan Report: cn423114-wordpress-t2otc.tw1.ru

Redirected to: https://cn423114-wordpress-t2otc.tw1.ru/wp-content/plugins/nwca-ddcanw/pages/region.php?lca

Site favicon
Submitted: Oct 16, 2025, 9:01:15 AMCompleted: Oct 16, 2025, 9:02:00 AMpubliccompleted
Loading additional data...

Summary

This website contacted 2 IPs in 1 country across 1 domain to perform 23 HTTP transactions. The main domain is cn423114-wordpress-t2otc.tw1.ru.

Submitted URL: https://cn423114-wordpress-t2otc.tw1.ru/wp-content/plugins/nwca-ddcanw/pages/region.php?lca#e2b78fbbec8819e24

Effective URL: https://cn423114-wordpress-t2otc.tw1.ru/wp-content/plugins/nwca-ddcanw/pages/region.php?lcaRedirected

AI Security Verdict

High Risk

Confidence: 92%

8
Risk Score

Site is a high‑risk phishing page impersonating Crédit Agricole; do not enter any data.

Risk Factors
URL manipulation (history.pushState/replaceState) used to spoof the address bar
Compromised WordPress site hosting phishing content
Impersonation of Crédit Agricole brand on a newly registered, unranked domain
Google Safe Browsing social engineering detection
Lack of legitimate ranking for a site claiming to be a major bank
Domain age information unavailable

Details

Page Title

Accès à votre caisse régionale - Crédit Agricole

Scan Type

public

Language

🇫🇷

French

(80% confidence)

Category

finance banking

(83%)

Domain Information

You're looking at domain 'cn423114-wordpress-t2otc.tw1.ru' on the Russian country-code top-level domain (.ru) and includes subdomain 'cn423114-wordpress-t2otc'. The second-level label 'tw1' is 3 characters long containing 0 vowels alongside 2 consonants, plus 1 digit. Word splitting yields two words: tw, 1. Average segment length settles at 1.5 characters. 'tw' is most common in Albanian usage. Taken together, it feels Albanian with character flair.

Screenshot

Security scan screenshot of https://cn423114-wordpress-t2otc.tw1.ru/wp-content/plugins/nwca-ddcanw/pages/region.php?lca#e2b78fbbec8819e24

Page Load Overview

7.31s
Total Load Time
23
HTTP Requests
1
Domains
657 KB
Total Size

Language Analysis

Primary Language

🇫🇷French
Code: fr
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:fr
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:fr
Text Length:13,488 chars
Detector Agreement:100%

Website Classification

Primary Category

finance banking83% confidence
Type: dynamic
Method: ml+structural

All Detected Categories

finance banking
83%
government public service
58%
forum
25%

Detected Features

Search
Comments

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
1292.53.96.105Russia
AS9123Jsc timeweb
112a03:6f00:1::5c35:6069St Petersburg, St.-Petersburg, Russia
AS9123Jsc timeweb
232--

Detected Technologies4

X-UA-Compatible
100%
Java
50%
Adobe Experience Manager
30%
jQuery
20%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T13614623190F0053A427FB2C2A2649B126EABD70FC94E56904AA44BE56FF1D317E9F31D

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:vaLaiafZy7Suv2LxIiObDauFfIM4poD8Z/AKWXR1hV+RQM/kfK0O2jvotaMMl6v+:V56QFU

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:200877:QAqABFQgCKQOAYhggFqgRYhQyBhDECMKgyAYQNQgmAQS6IgIKGFIUgsBmIcFDgAiogYhegioHAEUAA2oQBBAAQIwwQAFUIgg

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:ff0f0f0f0f0f0fff
Perceptual Hash:b1f1c616ce13c4d5
Difference Hash:b89b9b9b9b9a9af0
Wavelet Hash:3e0f0b090f0f0f3f
Color Hash:#2d8646

Other Hashes

Crop Resistant:b89b9b9b9b9a9af0,9c3c3abbf7e78eee,d3d1c4d6c661c0cc,8721818609298b0f

Scan History

Scan history not available

Unable to load historical scan data