ScanMalware.com

Security Scan Report: t.co

Redirected to: blob:https://establishment.hpmfdc.in/aa455d3b-0a73-419a-8a70-e5e74d708d19

Site favicon
Submitted: Oct 11, 2025, 4:33:09 PMCompleted: Oct 11, 2025, 4:33:54 PMpubliccompleted
Loading additional data...

Summary

This website contacted 27 IPs in 4 countries across 11 domains to perform 16 HTTP transactions. The main domain is .

Submitted URL: https://t.co/DF6Ouzor3N

Effective URL: blob:https://establishment.hpmfdc.in/aa455d3b-0a73-419a-8a70-e5e74d708d19Redirected

AI Security Verdict

Confirmed Scam

Confidence: 95%

9
Risk Score

Phishing page impersonating American Express; confirmed scam.

Risk Factors
Brand impersonation on an untrusted domain
Blob URL scheme evading detection
Disguised password fields (type=text with password placeholder)
Unicode evasion in form fields
New/unranked domain with high‑risk reputation
Domain age information unavailable

Details

Page Title

Log in to My Account | American Express US

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

finance banking

(30%)

Domain Information

The domain name 't.co' uses the Colombian country-code top-level domain (.co) with no subdomain. Count 1 characters in 't' split between 0 vowels and 1 consonant. Segmentation suggests one word: t. Expect one character per word on average. 't' is most common in Chinese (Zhuyin) usage. It also appears in Catalan and Albanian contexts.

Screenshot

Security scan screenshot of https://t.co/DF6Ouzor3N

Page Load Overview

15.33s
Total Load Time
16
HTTP Requests
11
Domains
440 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:3,997 chars
Detector Agreement:100%

Website Classification

Primary Category

finance banking30% confidence
Type: webapp
Method: ml+structural

All Detected Categories

finance banking
30%

Detected Features

Login Form

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
16142.250.184.234United States
AS15169GOOGLE
023.227.60.200Canada
AS13335CLOUDFLARENET
0151.101.194.137San Francisco, California, United States
AS54113FASTLY
063.176.8.218Frankfurt am Main, Hesse, Germany
AS16509AMAZON-02
023.197.140.100Frankfurt am Main, Hesse, Germany
AS16625AKAMAI-AS
0108.167.188.45United States
AS19871NETWORK-SOLUTIONS-HOSTING
0162.159.140.229United States
AS13335CLOUDFLARENET
0104.17.25.14United States
AS13335CLOUDFLARENET
023.45.100.32Frankfurt am Main, Hesse, Germany
AS16625AKAMAI-AS
0198.38.84.115Navi Mumbai, Maharashtra, India
AS199404WHG Hosting Services Ltd
1627--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1C5042A1715A655251C6F2CEA4FE73E4D7A94F483C802C650F4ED8ACCAF97B81899A3CC

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:fdTO/YGu3iIob0mTbYkIOHLS0nRV+U1Y2AzEbtVcDrM3ZLhNS2kEO5Qw7qUrepi6:fdTOlGA0mTlLSiRV+cY3wbTuMQ5mwW7P

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:186531:gWuMABoZMQXSQhuKkHrY8uKaFBByICAjS4hQlQkQQMzkiCBChimd3aYgErDAEQCwEI5AVBAMkEadAAG0UuIKhIESBCH1IITF

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:fd32324648baffff
Perceptual Hash:e464cb9b9b92c664
Difference Hash:596666949a661515
Wavelet Hash:bd3030300838ffff
Color Hash:#78663a

Other Hashes

Crop Resistant:596666949a661515,b68cc181ae2ede2e

Scan History

Scan history not available

Unable to load historical scan data