ScanMalware.com

Security Scan Report: mougin.transit-clients-fr.com

Redirected to: https://www.lemonde.fr/

Submitted: Nov 21, 2025, 5:51:04 AMCompleted: Nov 21, 2025, 5:56:35 AMpubliccompleted
Loading additional data...

Summary

This website contacted 14 IPs in 2 countries across 7 domains to perform 100 HTTP transactions. The main domain is lemonde.fr.

Submitted URL: https://mougin.transit-clients-fr.com/as.php

Effective URL: https://www.lemonde.fr/Redirected

AI Security Verdict

High Risk

Confidence: 85%

7
Risk Score

High‑risk phishing attempt using a fake domain to lure users to Le Monde.

Risk Factors
Brand impersonation on an unranked, suspicious domain
Use of a non‑whitelisted redirect domain to forward to a legitimate brand
Unclear domain age (appears newly registered)
Garbled on‑screen text suggesting deceptive tactics
Domain age information unavailable

Details

Page Title

Le Monde in English – World news, culture and opinion

Scan Type

public

Language

🇫🇷

French

(80% confidence)

Category

corporate business

(52%)

Domain Information

The domain name 'mougin.transit-clients-fr.com' uses the commercial generic top-level domain (.com) with subdomain 'mougin'. The registrable portion 'transit-clients-fr' spans 18 characters split between 4 vowels and 12 consonants, notching two hyphens. Breaking it apart gives 3 words: transit, clients, fr. The median word length lands at seven characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://mougin.transit-clients-fr.com/as.php

Page Load Overview

0.69s
Total Load Time
100
HTTP Requests
7
Domains
1.9 MB
Total Size

Language Analysis

Primary Language

🇫🇷French
Code: fr
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:fr
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:fr
Text Length:63,529 chars
Detector Agreement:100%

Website Classification

Primary Category

corporate business52% confidence
Type: static
Method: ml+structural

All Detected Categories

corporate business
52%
news media journalism
42%
adult content
28%
corporate
25%

Detected Features

OG: website

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
91146.75.122.217Frankfurt am Main, Hesse, Germany
AS54113FASTLY
7104.21.37.193United States
AS13335CLOUDFLARENET
7104.21.90.149United States
AS13335CLOUDFLARENET
718.245.86.4United States
AS16509AMAZON-02
718.245.86.101United States
AS16509AMAZON-02
72606:4700:3034::ac43:d4acUnited States
AS13335CLOUDFLARENET
72606:4700:3030::6815:5a95United States
AS13335CLOUDFLARENET
718.245.86.111United States
AS16509AMAZON-02
72606:4700:3037::6815:25c1United States
AS13335CLOUDFLARENET
72606:4700:3033::ac43:9dddUnited States
AS13335CLOUDFLARENET
10014--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1ED543A3279942B3A519384EABFE5375896115816C3C64E46FBA7AB9C87CFDC143A330C

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

6144:7IB4l49Schlzij5rOUOcfBmRLCuDNDc7Ne/vLh1kBROyCfH6sIiwwGg58VhuvwvE:Q9Schlzfay9l

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:298833:IBCpDSMVQJCmIyZIYAgTIB9CKLUAMoqBAxMweQjAgAbtAIkiJrSYBIBUDhD/BHAAQCsIRGChA0AkYBkHO4AgTwMMgUkEJgA6

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:003c3c3c383c1c00
Perceptual Hash:99cb36346536a6c9
Difference Hash:0f7171737329290c
Wavelet Hash:e73c3c3c3c3c3e02
Color Hash:#c5bb87

Other Hashes

Crop Resistant:622a8a2ab2a2332f,0f7171737329290c

Scan History

Scan history not available

Unable to load historical scan data