ScanMalware.com

Security Scan Report: offre-carte-avantage-connect.info

Redirected to: https://offre-carte-avantage-connect.info/as.php

Submitted: Nov 5, 2025, 7:54:17 PMCompleted: Nov 5, 2025, 7:56:06 PMpubliccompleted
Loading additional data...

Summary

This website contacted 11 IPs in 3 countries across 3 domains to perform 7 HTTP transactions. The main domain is offre-carte-avantage-connect.info and was registered NaN years ago.

Submitted URL: https://offre-carte-avantage-connect.info/

Effective URL: https://offre-carte-avantage-connect.info/as.phpRedirected

AI Security Verdict

High Risk

Confidence: 92%

9
Risk Score

High‑risk phishing page impersonating SNCF Connect on a brand‑new domain

Risk Factors
Brand impersonation of SNCF Connect
Critical‑age domain (<7 days)
Unranked, low‑reputation domain
Human verification form that could be used for credential harvesting
Domain age information unavailable

Details

Page Title

offre-carte-avantage-connect.info

Scan Type

public

Language

🇫🇷

French

(54% confidence)

Category

suspicious phishing

(26%)

Domain Information

The domain 'offre-carte-avantage-connect.info' uses the informational generic top-level domain (.info) with no subdomain. The second-level label 'offre-carte-avantage-connect' is 28 characters long split between 10 vowels and 15 consonants, plus three hyphens. It segments into 6 words: off, re, carte, a, vantage, connect. The median word length lands at 4 characters. 'off' most often appears in Hungarian. You will also see it in Portuguese and Galician contexts. Net impression: Hungarian phrase with character flair.

Screenshot

Security scan screenshot of https://offre-carte-avantage-connect.info/

Page Load Overview

76.02s
Total Load Time
7
HTTP Requests
3
Domains
89 KB
Total Size

Language Analysis

Primary Language

🇫🇷French
Code: fr
Confidence:54%
Script:Latin
Direction:ltr

Detection Details

Language Code:fr
Detection Confidence:54%
Script Type:Latin
Text Length:254 chars
Detector Agreement:100%

Website Classification

Primary Category

suspicious phishing26% confidence
Type: static
Method: ml+structural

All Detected Categories

suspicious phishing
26%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
7151.101.2.137San Francisco, California, United States
AS54113FASTLY
0142.250.185.202United States
AS15169GOOGLE
0102.135.91.226SeychellesUnknown
02a04:4e42::649United States
AS54113FASTLY
0151.101.130.137San Francisco, California, United States
AS54113FASTLY
0151.101.66.137San Francisco, California, United States
AS54113FASTLY
02a04:4e42:600::649United States
AS54113FASTLY
02a00:1450:4001:82f::200aFrankfurt am Main, Hesse, Germany
AS15169GOOGLE
02a04:4e42:400::649United States
AS54113FASTLY
02a04:4e42:200::649United States
AS54113FASTLY
711--

Detected Technologies2

JQueryv3.6.4
100%
jQuery CDN
20%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T160048F77329A063D86558498E057430D9F20B143B50AC9BC7ABCBAD9BFDED06107BB78

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

3072:qfQho9PKBb9JsE9RHCbZgRjFtSBaw9QWgceIszc2bMy8OldM:xhoC9J395CbZgLtSL3gcrsI2eA6

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:183659:SAsYzBMGCI5pGKBSCYaIJIgQAeKvZAAAjKKACQgEkdCkEUzMOXRxCBCUUiEwQgAYBACIkMZMkJA+sNQlnQAc43BAoRAMeUkI

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:ffcfc3c7ffffffff
Perceptual Hash:b131cccccc673333
Difference Hash:00180c1400000000
Wavelet Hash:3f1f030f00000000
Color Hash:#931f6d

Other Hashes

Crop Resistant:00180c1400000000

Scan History

Scan history not available

Unable to load historical scan data