ScanMalware.com

Security Scan Report: bit.ly

Redirected to: https://www.emailmeform.com/builder/form/WnUFuL9aKbzc6t9

Submitted: Apr 1, 2026, 8:02:48 PMCompleted: Apr 1, 2026, 8:04:27 PMpubliccompleted
Loading additional data...

Summary

This website contacted 5 IPs in 1 country across 8 domains to perform 11 HTTP transactions. The main domain is emailmeform.com and was registered NaN years ago.

Submitted URL: https://bit.ly/securemethod

Effective URL: https://www.emailmeform.com/builder/form/WnUFuL9aKbzc6t9Redirected

The Cisco Umbrella rank of the primary domain is #7,359 of the top 1 million websitesTop 10K Site

AI Security Verdict

Confirmed Scam

Confidence: 92%

9
Risk Score

Impersonates AT&T to collect payment data on a third‑party form builder – high‑risk phishing.

Risk Factors
Brand impersonation (AT&T) on a third‑party form service
Payment collection for AT&T on an unrelated domain
Highly obfuscated JavaScript with multiple eval() calls
High‑severity IDS alert indicating unsafe Referrer‑Policy
Domain age information unavailable

Details

Page Title

EmailMe Form - Secure Payment Capture Form (AT&T Order)

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

finance banking

(69%)

Domain Information

Within the Libyan country-code top-level domain (.ly), 'bit.ly' is registered while skipping any subdomain. Its registrable label 'bit' stretches across 3 characters with 1 vowel and 2 consonants. Tokenizing the label suggests 1 word: bit. Average segment length settles at 3 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://bit.ly/securemethod

Page Load Overview

1.30s
Total Load Time
11
HTTP Requests
8
Domains
261 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:96 chars
Detector Agreement:100%

Website Classification

Primary Category

finance banking69% confidence
Type: dynamic
Method: ml+structural

All Detected Categories

finance banking
69%
technology software
40%
documentation technical
39%
healthcare medical
38%
government public service
34%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
367.199.248.10United States
AS396982Google LLC
2142.251.20.97United States
AS15169Google LLC
2104.17.231.29United States
AS13335Cloudflare, Inc.
2104.17.230.29United States
AS13335Cloudflare, Inc.
2172.217.168.74United States
AS15169Google LLC
115--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T10A51216F4D4BC96653714AC7F17BF628D042E11E9A41CCC4B9EC45A82FA4F9B8811BAC

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

24:hv+zVl3xzSspxw2RKLJxJt8dSNVvPdKDt20dqTlovPt8dUINVvPdAt20dqTDPoH6:d+zpvROJsEVKDt2aFk/VAt2amvmH6x8U

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:2460:GBEAAAAwAAIAAAAQAAAAAiJAIFAkAEAYAogAQAAAAAYACAAIgEAEAABMABAACAcQAAAAQAIAKCAACAQAQQwAAAAAoAAAAQBA

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:c3c3ffffffffffff
Perceptual Hash:e666666626999999
Difference Hash:0c0c000000000000
Wavelet Hash:03030f0ff0f0f0f0
Color Hash:#4c1f93

Other Hashes

Crop Resistant:0c0c000000000000

Scan History

Scan history not available

Unable to load historical scan data