ScanMalware.com

Security Scan Report: sp863481.sitebeat.crazydomains.com

Site favicon
Submitted: Nov 4, 2025, 7:24:45 PMCompleted: Nov 4, 2025, 7:26:25 PMpubliccompleted
Loading additional data...

Summary

This website contacted 12 IPs in 2 countries across 4 domains to perform 31 HTTP transactions. The main domain is sp863481.sitebeat.crazydomains.com.

Submitted URL: https://sp863481.sitebeat.crazydomains.com/

AI Security Verdict

Confirmed Scam

Confidence: 95%

10
Risk Score

Phishing site impersonating Outlook to harvest credentials; high confidence of scam.

Risk Factors
Brand impersonation on unranked domain
Credential harvesting form (password only)
Disguised password field (type=text with password placeholder)
Missing username field
Unicode evasion technique
Domain age information unavailable

Details

Page Title

Outlook

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

corporate

(50%)

Domain Information

The domain name 'sp863481.sitebeat.crazydomains.com' uses the commercial generic top-level domain (.com), featuring subdomain 'sp863481.sitebeat'. Count 12 characters in 'crazydomains' split between four vowels and 8 consonants. Breaking it apart gives 2 words: crazy, domains. Median word length is 6 characters. 'crazy' is most common in English usage. You will also see it in Chinese (Pinyin) and French contexts.

Screenshot

Security scan screenshot of https://sp863481.sitebeat.crazydomains.com/

Page Load Overview

78.83s
Total Load Time
31
HTTP Requests
4
Domains
1.1 MB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:988 chars
Detector Agreement:100%

Website Classification

Primary Category

corporate50% confidence
Type: static
Method: structural

All Detected Categories

corporate
50%

Detected Features

OG: website

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
2104.20.37.91United States
AS13335CLOUDFLARENET
234.117.140.48Kansas City, Missouri, United States
AS396982GOOGLE-CLOUD-PLATFORM
2103.67.235.120Perth, Western Australia, Australia
AS38719Dreamscape Networks Limited
2104.26.6.16United States
AS13335CLOUDFLARENET
22606:4700:10::6814:255bUnited States
AS13335CLOUDFLARENET
22606:4700:20::ac43:463cUnited States
AS13335CLOUDFLARENET
22606:4700:20::681a:610United States
AS13335CLOUDFLARENET
2172.66.160.115United States
AS13335CLOUDFLARENET
2172.67.70.60United States
AS13335CLOUDFLARENET
2104.26.7.16United States
AS13335CLOUDFLARENET
3112--

Detected Technologies2

X-UA-Compatible
100%
Open-Graph-Protocolvwebsite
100%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1FD837161D4271412B28B1CEA37CFB629A15E934BA840DA567BFC578C4FCDE7A11B230D

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

768:0YsknpRuWWWqtHjccUIQbt96KueSlvL0UocUX5BeGueSlvL0TGrgGbQC/ZrFe4q4:lybJFe4VNsNhRqio

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:80768:IYkkG5ealKAIABMkKgEDvE0+hklhogEAAAYlGQBUOEoEQU0ByEAABBASYIPpAQwMrVhkwioABAc6SZY2Nd0BkAAEiAoAJmOf

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:ff9f9f9f9f9f9fff
Perceptual Hash:bce6c3d9c318c23c
Difference Hash:0036363636343430
Wavelet Hash:fe868282868e8efe
Color Hash:#c579d2

Other Hashes

Crop Resistant:0036363636343430,f3c2a4b6b6b482f3,00608c62628c2000

Scan History

Scan history not available

Unable to load historical scan data