ScanMalware.com

Security Scan Report: t.co

Redirected to: blob:https://forsalebyowner6.com/c0bbf13c-1a69-4bf0-bb44-70f27362055f

Submitted: Oct 10, 2025, 8:07:33 AMCompleted: Oct 10, 2025, 8:09:20 AMpubliccompleted
Loading additional data...

Summary

This website contacted 16 IPs in 2 countries across 6 domains to perform 13 HTTP transactions. The main domain is .

Submitted URL: https://t.co/nDJJKGMlyJ

Effective URL: blob:https://forsalebyowner6.com/c0bbf13c-1a69-4bf0-bb44-70f27362055fRedirected

AI Security Verdict

Confirmed Scam

Confidence: 95%

9
Risk Score

Confirmed phishing scam harvesting Capital One credentials.

Risk Factors
Brand impersonation of Capital One on non‑official domain
Use of blob: URL scheme to host login page
Disguised password fields (type='text' with password placeholder)
Multiple forms harvesting credentials and personal data
New, unranked domain with no reputation
Domain age information unavailable

Details

Page Title

Sign In

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

finance banking

(79%)

Domain Information

The domain name 't.co' uses the Colombian country-code top-level domain (.co) with no subdomain. The registrable portion 't' spans 1 characters holding 0 vowels versus 1 consonant. It segments into one word: t. 't' is most common in Chinese (Zhuyin) usage. Secondary signals appear in Catalan and Albanian.

Screenshot

Security scan screenshot of https://t.co/nDJJKGMlyJ

Page Load Overview

71.54s
Total Load Time
13
HTTP Requests
6
Domains
47 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:1,870 chars
Detector Agreement:100%

Website Classification

Primary Category

finance banking79% confidence
Type: webapp
Method: ml+structural

All Detected Categories

finance banking
79%
documentation technical
53%
adult content
52%
corporate business
50%
technology software
44%

Detected Features

Login Form

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
13172.66.0.227United States
AS13335CLOUDFLARENET
0151.101.194.137San Francisco, California, United States
AS54113FASTLY
035.157.26.135Frankfurt am Main, Hesse, Germany
AS16509AMAZON-02
0216.250.119.246United States
AS8560IONOS SE
067.20.76.247United States
AS46606UNIFIEDLAYER-AS-1
063.176.8.218Frankfurt am Main, Hesse, Germany
AS16509AMAZON-02
0162.159.140.229United States
AS13335CLOUDFLARENET
02a04:4e42:200::649United States
AS54113FASTLY
02a04:4e42:600::649United States
AS54113FASTLY
02a05:d014:58f:6200::258Frankfurt am Main, Hesse, Germany
AS16509AMAZON-02
1316--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1FF63433561E301BAA8B389D857EB2B463E849887D0C9D12477AC9BD84F838D5D47D3DC

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:0Ql0WSjLNMFv9vteVCrXWtcLRlyA7q86mLTlyA7KWtm:0QlfSjLNAVVe5

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:67514:B4EYLSDgCF4IQSqbAdUAQMAGQCWpRFWaARgypsRkweItYIFAI1kZABACalAogJSsyFOAAOZIdodCM1JAyiG4AMJVIgOqEIKA

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:7fa4bde7c3ffcfff
Perceptual Hash:b38f8c27239d89b1
Difference Hash:e868704c4d2a2c00
Wavelet Hash:7f373c2c0424df00
Color Hash:#611f93

Other Hashes

Crop Resistant:e868704c4d2a2c00

Scan History

Scan history not available

Unable to load historical scan data