ScanMalware.com

Security Scan Report: t.co

Redirected to: blob:https://forsalebyowner6.com/99f6347c-0e12-494f-afd9-ceb571b7eeb7

Submitted: Oct 10, 2025, 8:12:14 AMCompleted: Oct 10, 2025, 8:13:22 AMpubliccompleted
Loading additional data...

Summary

This website contacted 16 IPs in 2 countries across 6 domains to perform 13 HTTP transactions. The main domain is .

Submitted URL: https://t.co/nDJJKGMlyJ

Effective URL: blob:https://forsalebyowner6.com/99f6347c-0e12-494f-afd9-ceb571b7eeb7Redirected

AI Security Verdict

Confirmed Scam

Confidence: 95%

10
Risk Score

Confirmed phishing scam impersonating Capital One; do not enter any credentials.

Risk Factors
Brand impersonation on unranked, newly‑registered domain
Blob URL usage to hide real content source
Disguised password fields (text inputs masquerading as passwords)
Unicode evasion in form fields
Multiple credential‑harvesting forms (username/password, OTP, security questions, etc.)
Domain age information unavailable

Details

Page Title

Sign In

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

finance banking

(79%)

Domain Information

The domain 't.co' uses the Colombian country-code top-level domain (.co) while skipping any subdomain. Its registrable label 't' stretches across 1 characters holding 0 vowels versus 1 consonant. Splitting it apart reveals 1 word: t. Median word length is 1 character. 't' most often appears in Chinese (Zhuyin). Usage also turns up in Catalan and Albanian contexts. Overall, 't.co' reads as Chinese (Zhuyin) with single-word simplicity.

Screenshot

Security scan screenshot of https://t.co/nDJJKGMlyJ

Page Load Overview

37.06s
Total Load Time
13
HTTP Requests
6
Domains
47 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:1,870 chars
Detector Agreement:100%

Website Classification

Primary Category

finance banking79% confidence
Type: webapp
Method: ml+structural

All Detected Categories

finance banking
79%
documentation technical
53%
adult content
52%
corporate business
50%
technology software
44%

Detected Features

Login Form

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
1363.176.8.218Frankfurt am Main, Hesse, Germany
AS16509AMAZON-02
0172.66.0.227United States
AS13335CLOUDFLARENET
035.157.26.135Frankfurt am Main, Hesse, Germany
AS16509AMAZON-02
067.20.76.247United States
AS46606UNIFIEDLAYER-AS-1
0151.101.194.137San Francisco, California, United States
AS54113FASTLY
0216.250.119.246United States
AS8560IONOS SE
02a04:4e42::649United States
AS54113FASTLY
0151.101.130.137San Francisco, California, United States
AS54113FASTLY
02a05:d014:58f:6200::259Frankfurt am Main, Hesse, Germany
AS16509AMAZON-02
0162.159.140.229United States
AS13335CLOUDFLARENET
1316--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1FF63433561E301BAA8B389D857EB2B463E849887D0C9D12477AC9BD84F838D5D47D3DC

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:0Ql0WSjLNMFv9vteVCrXWtcLRlyA7q86mLTlyA7KWtm:0QlfSjLNAVVe5

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:67514:B4EYLSDgCF4IQSqbAdUAQMAGQCWpRFWaARgypsRkweItYIFAI1kZABACalAogJSsyFOAAOZIdodCM1JAyiG4AMJVIgOqEIKA

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:7fa5bde7c3ffcfff
Perceptual Hash:b38f8c27239d89b1
Difference Hash:e869704c4d2a2c00
Wavelet Hash:7f343c2c0424df0d
Color Hash:#78663a

Other Hashes

Crop Resistant:e869704c4d2a2c00

Scan History

Scan history not available

Unable to load historical scan data