ScanMalware.com

Security Scan Report: t.co

Redirected to: blob:https://yoman168.net/26abc264-bcbd-4ee3-8e45-0a6bf93c28a2

Site favicon
Submitted: Nov 13, 2025, 1:24:21 AMCompleted: Nov 13, 2025, 1:24:50 AMpubliccompleted
Loading additional data...

Summary

This website contacted 28 IPs in 6 countries across 11 domains to perform 16 HTTP transactions. The main domain is and was registered NaN years ago.

Submitted URL: https://t.co/Nx7AaSF6uj

Effective URL: blob:https://yoman168.net/26abc264-bcbd-4ee3-8e45-0a6bf93c28a2Redirected

AI Security Verdict

High Risk

Confidence: 92%

8
Risk Score

Phishing site impersonating American Express; high risk, do not enter credentials.

Risk Factors
Credential harvesting form on an untrusted domain
Disguised password fields (type='text' with password placeholder)
Unicode characters used to obscure field labels
Brand impersonation on a domain not associated with the brand
Use of a blob: URL as final destination
Domain age information unavailable

Details

Page Title

Log in to My Account | American Express US

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

finance banking

(30%)

Domain Information

Within the Colombian country-code top-level domain (.co), 't.co' is registered. Count 1 characters in 't' containing zero vowels alongside 1 consonant. Segmentation suggests 1 word: t. Expect one character per word on average. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://t.co/Nx7AaSF6uj

Page Load Overview

5.00s
Total Load Time
16
HTTP Requests
11
Domains
270 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:3,997 chars
Detector Agreement:100%

Website Classification

Primary Category

finance banking30% confidence
Type: webapp
Method: ml+structural

All Detected Categories

finance banking
30%

Detected Features

Login Form

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
1623.227.39.200Ottawa, Ontario, Canada
AS13335CLOUDFLARENET
0142.250.181.234United States
AS15169GOOGLE
0162.159.140.229United States
AS13335CLOUDFLARENET
0151.101.2.137San Francisco, California, United States
AS54113FASTLY
063.176.8.218Frankfurt am Main, Hesse, Germany
AS16509AMAZON-02
02.57.222.35Tallinn, Harjumaa, Estonia
AS207568Teleone OU
0154.205.158.24Jakarta, Jakarta, Indonesia
AS138915Kaopu Cloud HK Limited
0151.101.66.137San Francisco, California, United States
AS54113FASTLY
023.222.65.83Amsterdam, North Holland, Netherlands
AS16625AKAMAI-AS
0184.24.19.223Amsterdam, North Holland, Netherlands
AS16625AKAMAI-AS
1628--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1CB042A1715A655251C6F2CEA4FE73E4D7A94F483C802C650F4ED8ACCAF97B81899A3CC

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:fdTO/YGu3iIob0mTbYkIOHLS0nRV+U1Y2AzEbtVcDrM3ZLhNS2kEO5Qw7qUr49iq:fdTOlGA0mTlLSiRV+cY3wbTuMQ5mwW9t

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:186557:coWGKLF4JwAyIAgJOgCyAQQtNDWciZiaDsrEogJ85wEMDk4CsAASQEISDJQECBAEDeTHBoyVDOAIHHkykVoARIAQEjQgJAkI

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:fd32324648baffff
Perceptual Hash:e464cb9b9b92c664
Difference Hash:596666949a661515
Wavelet Hash:bd3030300838ffff
Color Hash:#c587bd

Other Hashes

Crop Resistant:596666949a661515,b68cc181ae2ede2e

Scan History

Scan history not available

Unable to load historical scan data