ScanMalware.com

Security Scan Report: t.co

Redirected to:
blob:https://l4.olwxes.today/07973860-6a98-460c-ba75-a4ac5e4495f0
Site favicon
Submitted: Oct 25, 2025, 10:57:00 PMCompleted: Oct 25, 2025, 10:58:03 PMpubliccompleted
Loading additional data...

Summary

This website contacted 14 IPs in 2 countries across 6 domains to perform 9 HTTP transactions. The main domain is .

Submitted URL: https://t.co/iD16mkJmAB

Effective URL: blob:https://l4.olwxes.today/07973860-6a98-460c-ba75-a4ac5e4495f0Redirected

AI Security Verdict

Confirmed Scam

Confidence: 95%

10
Risk Score

High‑risk phishing site impersonating Capital One; confirmed scam.

Risk Factors
Brand impersonation on an unranked, likely brand‑new domain
Disguised password fields (type='text' with password placeholders)
Hidden password fields in the page source
Unicode character mixing for evasion
Multiple sequential verification steps collecting passwords and personal data
Use of a blob: URL as the final destination
Domain age information unavailable

Details

Page Title

Sign In

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

finance banking

(79%)

Domain Information

The domain name 't.co' uses the Colombian country-code top-level domain (.co) while skipping any subdomain. The second-level label 't' is 1 characters long holding 0 vowels versus one consonant. Segmentation suggests one word: t. 't' most often appears in Chinese (Zhuyin). It also appears in Catalan and Albanian contexts.

Screenshot

Security scan screenshot of https://t.co/iD16mkJmAB

Page Load Overview

25.67s
Total Load Time
9
HTTP Requests
6
Domains
377 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:1,870 chars
Detector Agreement:100%

Website Classification

Primary Category

finance banking79% confidence
Type: webapp
Method: ml+structural

All Detected Categories

finance banking
79%
documentation technical
53%
adult content
52%
corporate business
50%
technology software
44%

Detected Features

Login Form

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
992.123.104.48Frankfurt am Main, Hesse, Germany
AS20940Akamai International B.V.
092.123.104.28Frankfurt am Main, Hesse, Germany
AS20940Akamai International B.V.
0172.93.121.27Los Angeles, California, United States
AS393960HOST4GEEKS-LLC
0172.66.0.227United States
AS13335CLOUDFLARENET
092.123.104.58Frankfurt am Main, Hesse, Germany
AS20940Akamai International B.V.
0151.101.194.137San Francisco, California, United States
AS54113FASTLY
0151.101.66.137San Francisco, California, United States
AS54113FASTLY
02a04:4e42:600::649United States
AS54113FASTLY
02a04:4e42:400::649United States
AS54113FASTLY
092.123.104.40Frankfurt am Main, Hesse, Germany
AS20940Akamai International B.V.
914--

Detected Technologies4

PasswordField
100%
HSTS
40%
Cloudflare Bot Management
40%
Cloudflare
40%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T10CE34C36619304BAA9A385885BEB2B4A3E545847D0CAD13477ACB7D80FC38D5D47E3DC

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

3072:1QlISjLbAqFbohxb1Mr39lGbocwruWNOTAH0:1QlISjLbn4xKeb40

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:144251:aiKTQIqJhRAADMmfjKgQgAQESAAiUoABRxIMIwfEGWAQQgQmRQKCUdcEpCeo+gGSBAKYFI6Ag0RGJoWQFwsgABkWOxFZJQAJ

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:N/A
Perceptual Hash:N/A
Difference Hash:N/A
Wavelet Hash:N/A
Color Hash:N/A

Other Hashes

Crop Resistant:N/A

Scan History

Scan history not available

Unable to load historical scan data