ScanMalware.com

Security Scan Report: qrco.de

Site favicon
Submitted: Nov 5, 2025, 6:40:32 PMCompleted: Nov 5, 2025, 6:41:16 PMpubliccompleted
Loading additional data...

Summary

This website contacted 16 IPs in 3 countries across 4 domains to perform 14 HTTP transactions. The main domain is qrco.de and was registered NaN years ago.

Submitted URL: https://qrco.de/bgQgxR

AI Security Verdict

Confirmed Scam

Confidence: 95%

10
Risk Score

Confirmed phishing scam impersonating BT on a newly registered unranked domain.

Risk Factors
Brand impersonation on a newly registered, unranked domain
Very new domain (<30 days) with brand claim
Unranked domain lacking reputation
Absence of legitimate brand verification in final URL
Domain age information unavailable

Details

Page Title

App Page

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

other

(67%)

Domain Information

The domain 'qrco.de' uses the German country-code top-level domain (.de). The core label 'qrco' covers 4 characters containing one vowel alongside three consonants. Word splitting yields two words: qr, co. Median word length is two characters. 'co' most strongly signals Czech. You will also see it in Polish and Galician contexts. Taken together, it feels Czech.

Screenshot

Security scan screenshot of https://qrco.de/bgQgxR

Page Load Overview

13.70s
Total Load Time
14
HTTP Requests
4
Domains
126 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:341 chars
Detector Agreement:100%

Website Classification

Primary Category

other67% confidence
Type: dynamic
Method: ml+structural

All Detected Categories

other
67%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
143.174.46.27United States
AS16509AMAZON-02
0142.250.185.227United States
AS15169GOOGLE
03.174.46.87United States
AS16509AMAZON-02
03.174.46.58United States
AS16509AMAZON-02
0142.250.181.234United States
AS15169GOOGLE
052.218.90.96Dublin, Leinster, Ireland
AS16509AMAZON-02
03.174.46.6United States
AS16509AMAZON-02
052.92.32.226Dublin, Leinster, Ireland
AS16509AMAZON-02
03.5.72.33Dublin, Leinster, Ireland
AS16509AMAZON-02
052.92.33.138Dublin, Leinster, Ireland
AS16509AMAZON-02
1416--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T18603B434B9F311330123647D6BAF9508BB74650B920A9B007EAC17E85FD0D7596AFABC

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

384:K+d+qaYTbkeOFH7v7VgCEhunoDvTgQRzibh/teMhmJagEK6JDYXpg:KpgweOFbTVghA8gQRwKEzJUXpg

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:41246:Bbo6TC+CIZCEEA0uIUkBAIAVTE+jYQoFrojNoZaijYAC5DBCwQAtVVKABlAEYIIQIkEAaOKLJspUJBh6DAIAAwEY1EKIIwAA

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:ffffffe7e7ffffff
Perceptual Hash:e662996266d99966
Difference Hash:0c08000c0d000800
Wavelet Hash:81e3202424240c0c
Color Hash:#c5c187

Other Hashes

Crop Resistant:0c08000c0d000800

Scan History

Scan history not available

Unable to load historical scan data