ScanMalware.com

Security Scan Report: t.co

Redirected to: blob:https://gjj.xeog.cf/21600a69-0b39-46f6-8172-c59be2bc2eef

Site favicon
Submitted: Dec 11, 2025, 2:19:22 AMCompleted: Dec 11, 2025, 2:19:58 AMpubliccompleted
Loading additional data...

Summary

This website contacted 37 IPs in 3 countries across 7 domains to perform 10 HTTP transactions. The main domain is .

Submitted URL: https://t.co/kz6k3vLWXB

Effective URL: blob:https://gjj.xeog.cf/21600a69-0b39-46f6-8172-c59be2bc2eefRedirected

The Cisco Umbrella rank of the primary domain is #1,176 of the top 1 million websitesTop 10K Site

AI Security Verdict

Confirmed Scam

Confidence: 95%

10
Risk Score

Phishing login page impersonating CapitalOne; confirmed scam.

Risk Factors
Disguised password fields (type=text with password placeholder)
Unicode evasion technique in form fields
Brand impersonation of CapitalOne on an untrusted domain
Newly registered domain (<7 days) collecting credentials
Redirect to blob URL on suspicious domain
Domain age information unavailable

Details

Page Title

Sign In

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

finance banking

(27%)

Domain Information

Domain 't.co' uses the Colombian country-code top-level domain (.co) without a subdomain. The core label 't' covers 1 characters containing zero vowels alongside one consonant. Splitting it apart reveals 1 word: t. Average segment length settles at one character. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://t.co/kz6k3vLWXB

Page Load Overview

2.66s
Total Load Time
10
HTTP Requests
7
Domains
147 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:1,565 chars
Detector Agreement:67%

Website Classification

Primary Category

finance banking27% confidence
Type: webapp
Method: ml+structural

All Detected Categories

finance banking
27%
phishing/scam
20%

Detected Features

Login Form

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
10172.66.0.227United States
AS13335CLOUDFLARENET
063.176.8.218Frankfurt am Main, Hesse, Germany
AS16509AMAZON-02
092.122.215.25Frankfurt am Main, Hesse, Germany
AS20940Akamai International B.V.
0162.144.236.138United States
AS46606UNIFIEDLAYER-AS-1
0185.221.216.119London, England, United Kingdom
AS393960HOST4GEEKS-LLC
0142.250.74.202United States
AS15169GOOGLE
035.157.26.135Frankfurt am Main, Hesse, Germany
AS16509AMAZON-02
0151.101.194.137San Francisco, California, United States
AS54113FASTLY
02.20.142.113Frankfurt am Main, Hesse, Germany
AS20940Akamai International B.V.
0216.58.206.74United States
AS15169GOOGLE
1037--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1A9436636619341BA9CB3CAC857EB2B463E849887E0C9D12477AC9AD84F838D5D47D3DC

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

768:s7FSF3FuWFzF+fs8utovnh8utovWX93mXTHarCt1WtXL/plyA7qvE6mw:GQl0WxMTvCvQ+KCt1WtXLRlyA7q86mw

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:59348:zYTguJEMTUGBAQB0APQoeDAZknHYlFUgCBtkUaSGXQAB0HxoAJGAtAgpRwsZ0CNAoFAhFGulGJIJSVEhPBqBEwBAyCjoAfNg

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:7fa5bde7c3ffcfff
Perceptual Hash:b3cbcc27639c8931
Difference Hash:e968704c4d2a2c00
Wavelet Hash:7f373c2c0424df00
Color Hash:#9e87c5

Other Hashes

Crop Resistant:e968704c4d2a2c00

Scan History

Scan history not available

Unable to load historical scan data