ScanMalware.com

Security Scan Report: t.co

Redirected to: blob:https://pub-00af7a36cce44ef6a3d27bd2424408a4.r2.dev/64fb11f2-4eaa-46b5-aaae-fb9e707cfdc2#

Submitted: Jan 22, 2026, 3:37:16 PMCompleted: Jan 22, 2026, 3:37:56 PMpubliccompleted
Loading additional data...

Summary

This website contacted 10 IPs in 4 countries across 11 domains to perform 18 HTTP transactions. The main domain is and was registered NaN years ago.

Submitted URL: https://t.co/j9kEhy0TTN

Effective URL: blob:https://pub-00af7a36cce44ef6a3d27bd2424408a4.r2.dev/64fb11f2-4eaa-46b5-aaae-fb9e707cfdc2#Redirected

The Cisco Umbrella rank of the primary domain is #1,176 of the top 1 million websitesTop 10K Site

AI Security Verdict

Confirmed Scam

Confidence: 95%

9
Risk Score

Confirmed phishing scam: fake American Express login hosted via blob URL on cloud storage.

Risk Factors
Use of blob: URL scheme to serve credential‑harvesting page
Obfuscated password fields that appear as regular text inputs
Credential collection on a cloud storage domain
Impersonation of American Express on a non‑official domain
Presence of WordPress system paths indicating a compromised site
Domain age information unavailable

Details

Page Title

Log in to My Account | American Express US

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

finance banking

(30%)

Domain Information

The domain 't.co' uses the Colombian country-code top-level domain (.co) with no subdomain. Its registrable label 't' stretches across 1 characters with zero vowels and one consonant. Splitting it apart reveals 1 word: t. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://t.co/j9kEhy0TTN

Page Load Overview

2.66s
Total Load Time
18
HTTP Requests
11
Domains
471 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:3,997 chars
Detector Agreement:100%

Website Classification

Primary Category

finance banking30% confidence
Type: webapp
Method: ml+structural

All Detected Categories

finance banking
30%

Detected Features

Login Form

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
963.176.8.218Frankfurt am Main, Hesse, Germany
AS16509AMAZON-02
1151.101.130.137United States
AS54113FASTLY
1162.159.140.229United States
AS13335CLOUDFLARENET
123.52.181.182Frankfurt am Main, Hesse, Germany
AS16625AKAMAI-AS
1104.17.24.14United States
AS13335CLOUDFLARENET
1172.217.18.10United States
AS15169GOOGLE
1101.200.56.102Beijing, Beijing, China
AS37963Hangzhou Alibaba Advertising Co.,Ltd.
123.227.39.200Ottawa, Ontario, Canada
AS13335CLOUDFLARENET
123.197.140.100Frankfurt am Main, Hesse, Germany
AS16625AKAMAI-AS
1104.18.54.45United States
AS13335CLOUDFLARENET
1810--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T146042A1715A655251C6F2CEA4FE73E4D7A94F483C802C650F4ED8ACCAF97B81899A3CC

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:DdTO/YGu3iIob0mTbYkIOHLS0nRV+U1Y2AzEbtVcDrM3ZLhNS2kEO5Qw7qUreHiq:DdTOlGA0mTlLSiRV+cY3wbTuMQ5mwW7f

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:186604:kEkQCA8IiCTwAF2s2RKWlAgIJJAOWHLdpxggoZSAICBGwCoBgwA2ABVvYgwYkrCEkSQSgCEBFCiDIBDTAAAJ4AG6WKcvJSkZ

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:bd32324648baffff
Perceptual Hash:e464cb9b9b92c664
Difference Hash:796666949a669595
Wavelet Hash:bd3030300838ffff
Color Hash:#862d34

Other Hashes

Crop Resistant:796666949a669595,b68cc181ae2ede2e

Scan History

Scan history not available

Unable to load historical scan data