ScanMalware.com

Security Scan Report: r.brevo.etailment.de

Redirected to:
https://x.com/i/flow/login?redirect_after_login=%2Fintent%2Ftweet%3Fur...
Submitted: Apr 28, 2026, 5:26:42 AMCompleted: Apr 28, 2026, 5:27:56 AMpubliccompleted
Loading additional data...

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 3 HTTP transactions. The main domain is x.com and was registered NaN years ago.

Submitted URL: https://r.brevo.etailment.de/mk/cl/f/sh/7nVU1aA2ng7flknlNz0ivWXNu5r2ZZG/SapB2-g26_XR

Effective URL: https://x.com/i/flow/login?redirect_after_login=%2Fintent%2Ftweet%3Furl%3Dhttps%3A%2F%2Ftwitter.com%2FetailmentRedirected

AI Security Verdict

Moderate Risk

Confidence: 82%

5
Risk Score

The page impersonates X (Twitter) using mismatched, unranked domain and redirects to a login page, posing a high‑risk phishing threat.

Risk Factors
Brand impersonation via meta tags
Domain mismatch with major brand
Unranked / low‑reputation domain
Redirect to brand login page
Highly obfuscated JavaScript
Safety Factors
No credential or payment forms present
No malicious Indicators of Compromise detected
No JavaScript malware YARA matches
No network IDS alerts
Domain age is very old (over 30 years)
Established domain (12079 days old) with no strong malicious indicators — risk clamped from 8 to 5
Domain age information unavailable

Details

Page Title

X. It’s what’s happening / X

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

technology software

(51%)

Domain Information

The domain 'r.brevo.etailment.de' uses the German country-code top-level domain (.de) and includes subdomain 'r.brevo'. Count 9 characters in 'etailment' split between four vowels and 5 consonants. Tokenizing the label suggests 2 words: et, ailment. Median word length comes out to 4.5 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://r.brevo.etailment.de/mk/cl/f/sh/7nVU1aA2ng7flknlNz0ivWXNu5r2ZZG/SapB2-g26_XR

Page Load Overview

4.53s
Total Load Time
85
HTTP Requests
9
Domains
2.0 MB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:1,312 chars
Detector Agreement:100%

Website Classification

Primary Category

technology software51% confidence
Type: dynamic
Method: ml+structural

All Detected Categories

technology software
51%
corporate business
26%
corporate
25%

Detected Features

OG: website

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
17172.246.243.65Paris, Île-de-France, France
AS200484Sendinblue SAS
17162.159.140.229United States
AS13335Cloudflare, Inc.
17141.101.90.106United States
AS13335Cloudflare, Inc.
17172.64.148.197United States
AS13335Cloudflare, Inc.
17172.66.0.227United States
AS13335Cloudflare, Inc.
855--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1FB448502BD0464FB51D5D20ABB657E572224CE7A35018FE366B4E6EC7C9DEAC1203DE2

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

3072:UZfpa+T4Lgg6sY9StD/4ika6H4ka6R8FHqbJz8:yfpa+T40g6B6T4ika6Yka6R8NqVz8

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:255623:N1TqEBHAoAVoxAAQpqCECVglEAMJkvARGUwBNQQgoEAIYCpBHAYQY1RQJeAAlaCoGQCJXN4CBUAA0CAikgEL8JkFKgZBKROQ

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:0101011919010101
Perceptual Hash:aa267399cc267399
Difference Hash:0101011111010101
Wavelet Hash:0303031b1b030f0f
Color Hash:#5359ac

Other Hashes

Crop Resistant:1e5050505050501e,0101011111010101

Scan History

Scan history not available

Unable to load historical scan data