ScanMalware.com

Security Scan Report: t.co

Redirected to: blob:https://halsavita.com/d5a49207-d746-43ef-af76-82d38f9f35f3

Site favicon
Submitted: Dec 30, 2025, 2:24:37 PMCompleted: Dec 30, 2025, 2:25:55 PMpubliccompleted
Loading additional data...

Summary

This website contacted 8 IPs in 3 countries across 6 domains to perform 13 HTTP transactions. The main domain is .

Submitted URL: https://t.co/gpumFhDu4o

Effective URL: blob:https://halsavita.com/d5a49207-d746-43ef-af76-82d38f9f35f3Redirected

The Cisco Umbrella rank of the primary domain is #1,176 of the top 1 million websitesTop 10K Site

AI Security Verdict

Confirmed Scam

Confidence: 95%

9
Risk Score

Site is a confirmed phishing scam harvesting credentials via a compromised WordPress login page.

Risk Factors
Compromised WordPress site used for phishing
Disguised password fields (type='text' with password placeholders)
Hidden password fields collecting credentials
Unicode evasion technique in form fields
Login form on a domain with unknown/very recent registration
Domain age information unavailable

Details

Page Title

Sign In

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

finance banking

(63%)

Domain Information

You're looking at domain 't.co' on the Colombian country-code top-level domain (.co). The second-level label 't' is 1 characters long with zero vowels and 1 consonant. It segments into one word: t. The median word length lands at 1 character. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://t.co/gpumFhDu4o

Page Load Overview

2.62s
Total Load Time
8
HTTP Requests
5
Domains
82 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:1,982 chars
Detector Agreement:67%

Website Classification

Primary Category

finance banking63% confidence
Type: webapp
Method: ml+structural

All Detected Categories

finance banking
63%
documentation technical
47%
adult content
47%
social media network
43%
corporate business
43%

Detected Features

Login Form

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
1108.179.234.88United States
AS19871NETWORK-SOLUTIONS-HOSTING
123.36.162.212Frankfurt am Main, Hesse, Germany
AS20940Akamai International B.V.
123.50.131.136Germany
AS13335
123.50.131.150Unknown
AS8473
194.254.38.20Lund, Skåne County, Sweden
AS8473Bahnhof AB
1151.101.194.137United States
AS54113FASTLY
1151.101.66.137UnknownUnknown
1162.159.140.229United States
AS13335CLOUDFLARENET
88--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T142E34C36619304BAA9A385885BEB2B4A3E545847D0CAD13477ACB7D80FC38D5D4BE3DC

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

3072:ZQlISjLbAqFbohxb1Ma39lGbocwruWNOTAH/:ZQlISjLbn4xKnb4/

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:144421:B64QCF4igFDTQdB6hQEhFgwgAoFQxYEEEIeBUywlASEgsdHhoBCAjIBU8HMISgSAwCmALBSSAAJcpQQ8BEChIpOg1Q6CAqwJ

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:N/A
Perceptual Hash:N/A
Difference Hash:N/A
Wavelet Hash:N/A
Color Hash:N/A

Other Hashes

Crop Resistant:N/A

Scan History

Scan history not available

Unable to load historical scan data