ScanMalware.com

Security Scan Report: ecp.yusercontent.com

Submitted: Oct 30, 2025, 9:09:53 PMCompleted: Oct 30, 2025, 9:11:15 PMpubliccompleted
Loading additional data...

Summary

This website contacted 8 IPs in 2 countries across 1 domain to perform 3 HTTP transactions. The main domain is ecp.yusercontent.com.

Submitted URL: https://ecp.yusercontent.com/mail?url=https%3A%2F%2Fcdaas-dev.americanexpress.com%2Fakamai%2Faxp%2Fcomms%2Ficons%2Fhl-info-icon1.png

AI Security Verdict

High Risk

Confidence: 92%

10
Risk Score

High‑risk phishing page using URL manipulation; do not trust or interact.

Risk Factors
URL manipulation (history.pushState/replaceState) used to spoof the address bar
Unranked domain with unknown registration date
Content loads from chrome-error://chromewebdata/ instead of the displayed URL
Domain age information unavailable

Details

Page Title

ecp.yusercontent.com

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

technology software

(72%)

Domain Information

The domain 'ecp.yusercontent.com' uses the commercial generic top-level domain (.com) with subdomain 'ecp'. The second-level label 'yusercontent' is 12 characters long with four vowels and 8 consonants. It segments into three words: y, user, content. Median word length is four characters. The linguistic tilt is Spanish for 'y'. It also appears in French and Chinese (Zhuyin) contexts. Net impression: Spanish phrase.

Screenshot

Security scan screenshot of https://ecp.yusercontent.com/mail?url=https%3A%2F%2Fcdaas-dev.americanexpress.com%2Fakamai%2Faxp%2Fcomms%2Ficons%2Fhl-info-icon1.png

Page Load Overview

25.84s
Total Load Time
3
HTTP Requests
1
Domains
13 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:526 chars
Detector Agreement:100%

Website Classification

Primary Category

technology software72% confidence
Type: static
Method: ml+structural

All Detected Categories

technology software
72%
cryptocurrency blockchain
70%
news media journalism
65%
government public service
65%
adult content
64%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
387.248.114.16London, England, United Kingdom
AS43428Yahoo-UK Limited
087.248.116.217Amsterdam, North Holland, Netherlands
AS203219Yahoo-UK Limited
087.248.114.15London, England, United Kingdom
AS43428Yahoo-UK Limited
087.248.116.76Amsterdam, North Holland, Netherlands
AS203219Yahoo-UK Limited
02a00:1288:84:801::4000United Kingdom
AS203219Yahoo-UK Limited
02a00:1288:84:802::4000United Kingdom
AS203219Yahoo-UK Limited
02a00:1288:7c:800::6001United Kingdom
AS43428Yahoo-UK Limited
02a00:1288:7c:800::6000United Kingdom
AS43428Yahoo-UK Limited
38--

Detected Technologies1

HSTS
40%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T197048F77329A063D96458498E057430D9F20B143B50AC9BC7ABCBAD9BFDED06107BB78

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

3072:BfQho9PKBb9JsE9RHCbZgRjFtSBaw9QWgceIszo2bMy8OldH:mhoC9J395CbZgLtSL3gcrsE2eAR

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:183887:c2BUQKuOAiDGl4QA5BoEEcrgIdhBApBCAgEA6YgLhAlEYhYFEOkBLLQag4kqCzpUQAAQDAWsoO5BqIQWHYxBjA8hKEBlCCKE

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:ffcfc3c3ffffffff
Perceptual Hash:b333cccccc333323
Difference Hash:00100c1c00000000
Wavelet Hash:3f1f03030f0f0f0f
Color Hash:#4048bf

Other Hashes

Crop Resistant:00100c1c00000000

Scan History

Scan history not available

Unable to load historical scan data