ScanMalware.com

Security Scan Report: t.co

Redirected to: blob:https://pepperjuan.ph/73833dfb-10b7-4350-bac4-2f4e937a38af

Submitted: Oct 12, 2025, 11:37:09 AMCompleted: Oct 12, 2025, 11:40:02 AMpubliccompleted
Loading additional data...

Summary

This website contacted 27 IPs in 3 countries across 11 domains to perform 16 HTTP transactions. The main domain is .

Submitted URL: https://t.co/4CreQEWFLe

Effective URL: blob:https://pepperjuan.ph/73833dfb-10b7-4350-bac4-2f4e937a38afRedirected

AI Security Verdict

Confirmed Scam

Confidence: 95%

9
Risk Score

Phishing page masquerading as American Express; high‑risk, confirmed scam.

Risk Factors
Brand impersonation on an unranked, likely newly registered domain
Credential harvesting forms with password fields
Disguised password fields (type='text' with password placeholder)
Unicode evasion in form inputs
Suspicious redirect chain ending in a blob URL
Domain age information unavailable

Details

Page Title

Log in to My Account | American Express US

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

finance banking

(30%)

Domain Information

The domain 't.co' uses the Colombian country-code top-level domain (.co) and has no subdomain. The core label 't' covers 1 characters split between zero vowels and 1 consonant. Splitting it apart reveals 1 word: t. The median word length lands at 1 character. 't' most often appears in Chinese (Zhuyin). You may catch it in Catalan and Albanian as well. Overall, 't.co' reads as Chinese (Zhuyin) with single-word simplicity.

Screenshot

Security scan screenshot of https://t.co/4CreQEWFLe

Page Load Overview

2.65s
Total Load Time
16
HTTP Requests
11
Domains
440 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:3,997 chars
Detector Agreement:100%

Website Classification

Primary Category

finance banking30% confidence
Type: webapp
Method: ml+structural

All Detected Categories

finance banking
30%

Detected Features

Login Form

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
16151.101.194.137San Francisco, California, United States
AS54113FASTLY
323.45.100.32Frankfurt am Main, Hesse, Germany
AS16625AKAMAI-AS
3151.101.130.137San Francisco, California, United States
AS54113FASTLY
263.176.8.218Frankfurt am Main, Hesse, Germany
AS16509AMAZON-02
150.116.112.97United States
AS19871NETWORK-SOLUTIONS-HOSTING
1142.250.186.106United States
AS15169GOOGLE
1104.17.24.14United States
AS13335CLOUDFLARENET
123.227.60.200Canada
AS13335CLOUDFLARENET
1162.159.140.229United States
AS13335CLOUDFLARENET
123.197.140.100Frankfurt am Main, Hesse, Germany
AS16625AKAMAI-AS
1627--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T18F042A1715A655251C6F2CEA4FE73E4D7A94F483C802C650F4ED8ACCAF97B81899A3CC

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:fdTO/YGu3iIob0mTbYkIOHLS0nRV+U1Y2AzEbtVcDrM3ZLhNS2kEO5Qw7qUreEiq:fdTOlGA0mTlLSiRV+cY3wbTuMQ5mwW72

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:186551:DEEEWQHAcYSRICAyNJfsBoQAEqBBiAox8JhEAI9dKgjlGwwDj8IBECgRIodBQgFCgghBQwZTRgiASJIGAsMAIQHAZGgmmA0K

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:fd32324648baffff
Perceptual Hash:e464cb9b9b92c664
Difference Hash:596666949a661515
Wavelet Hash:bd3030300838ffff
Color Hash:#3b783a

Other Hashes

Crop Resistant:596666949a661515,b68cc181ae2ede2e

Scan History

Scan history not available

Unable to load historical scan data