ScanMalware.com

Security Scan Report: bnppnordicopen.ticketco.events

Redirected to: https://bnppnordicopen.ticketco.shop/

Site favicon
Submitted: Dec 4, 2025, 7:11:24 PMCompleted: Dec 4, 2025, 7:12:27 PMpubliccompleted
Loading additional data...

Summary

This website contacted 30 IPs in 2 countries across 7 domains to perform 34 HTTP transactions. The main domain is bnppnordicopen.ticketco.shop.

Submitted URL: https://bnppnordicopen.ticketco.events/

Effective URL: https://bnppnordicopen.ticketco.shop/Redirected

The Cisco Umbrella rank of the primary domain is #672,956 of the top 1 million websites

AI Security Verdict

Confirmed Scam

Confidence: 95%

9
Risk Score

Confirmed phishing site impersonating BNP Paribas Nordic Open

Risk Factors
Brand impersonation on a newly registered, low‑ranking domain
Domain age < 90 days while claiming a major financial brand
Use of .shop TLD for a financial event site
Low Cisco Umbrella ranking for a brand that should be top‑10k
Domain age information unavailable

Details

Page Title

Home - BNP Paribas Nordic Open

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

unknown

(0%)

Domain Information

The domain name 'bnppnordicopen.ticketco.events' uses the .events top-level domain, featuring subdomain 'bnppnordicopen'. Its registrable label 'ticketco' stretches across 8 characters split between 3 vowels and five consonants. Splitting it apart reveals 2 words: ticket, co. Median word length is 4 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://bnppnordicopen.ticketco.events/

Page Load Overview

0.91s
Total Load Time
34
HTTP Requests
7
Domains
275 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:699 chars
Detector Agreement:80%

Website Classification

Primary Category

unknown0% confidence
Type: dynamic
Method: structural

All Detected Categories

No categories detected

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
2313.226.244.119United States
AS16509AMAZON-02
552.208.137.155Dublin, Leinster, Ireland
AS16509AMAZON-02
43.5.67.205Dublin, Leinster, Ireland
AS16509AMAZON-02
23.174.46.101United States
AS16509AMAZON-02
218.66.122.43United States
AS16509AMAZON-02
13.174.46.24United States
AS16509AMAZON-02
1108.138.26.114United States
AS16509AMAZON-02
113.226.244.28United States
AS16509AMAZON-02
13.5.69.61Dublin, Leinster, Ireland
AS16509AMAZON-02
152.92.32.18Dublin, Leinster, Ireland
AS16509AMAZON-02
3430--

Detected Technologies3

Amazon Web Services
50%
Ubuntu
40%
Amazon CloudFront
40%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1A8720961D124B03B2573A6DCFFB2BF1D302A465BDF94C6A375AE41F486A2852DDB3018

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

384:PiUhtXtW6dCibzPzq1RU0zcMpqWQdtW6dCibz0EbsYz:PikB4i0zcMpQ

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:16293:BCGE4CYhEMAg0yCoZ3mTAEdESpgkAa2TQFA6oERIcIJYYkBJCAgAXABVJgAGCiVhIMQJak0AKQlgCsDtAiiQQafhWEvjLUaG

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:0018183c00c0c0c0
Perceptual Hash:f88778f007f2f803
Difference Hash:1030326928061410
Wavelet Hash:bfbf3f3f00c0c0c0
Color Hash:#64d22d

Other Hashes

Crop Resistant:b29a2aa07373338e,1030326928061410,4d32324d49b2b210

Scan History

Scan history not available

Unable to load historical scan data