ScanMalware.com

Security Scan Report: mwplay9.com

Redirected to: https://jl55ph.vip/?host=https://gbr96c.com?ch=64284

Site favicon
Submitted: Dec 10, 2025, 6:54:06 PMCompleted: Dec 10, 2025, 6:54:41 PMpubliccompleted
Loading additional data...

Summary

This website contacted 8 IPs in 1 country across 2 domains to perform 26 HTTP transactions. The main domain is jl55ph.vip.

Submitted URL: https://mwplay9.com/zjy1mw

Effective URL: https://jl55ph.vip/?host=https://gbr96c.com?ch=64284Redirected

AI Security Verdict

High Risk

Confidence: 80%

7
Risk Score

Site appears to be a financial recruitment scam; treat as high risk.

Risk Factors
Newly registered, unranked domain with no reputation
Unranked domain not in Cisco Umbrella top 1M
Financial‑gain promises typical of recruitment/ponzi scams
Domain age information unavailable

Details

Page Title

JL55PH

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

corporate

(50%)

Domain Information

You're looking at domain 'mwplay9.com' on the commercial generic top-level domain (.com) and has no subdomain. Its registrable label 'mwplay9' stretches across 7 characters holding one vowel versus 5 consonants; bonus characters include one digit. Word splitting yields three words: mw, play, 9. Median word length is 2 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://mwplay9.com/zjy1mw

Page Load Overview

8.76s
Total Load Time
26
HTTP Requests
2
Domains
762 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:1,310 chars
Detector Agreement:100%

Website Classification

Primary Category

corporate50% confidence
Type: static
Method: structural

All Detected Categories

corporate
50%

Detected Features

OG: website

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
5104.21.41.73United States
AS13335CLOUDFLARENET
3172.67.215.208United States
AS13335CLOUDFLARENET
3104.21.53.171United States
AS13335CLOUDFLARENET
32606:4700:3033::6815:35abUnited States
AS13335CLOUDFLARENET
32606:4700:3033::6815:2949United States
AS13335CLOUDFLARENET
32606:4700:3035::ac43:d7d0United States
AS13335CLOUDFLARENET
32606:4700:3035::ac43:a20bUnited States
AS13335CLOUDFLARENET
3172.67.162.11United States
AS13335CLOUDFLARENET
268--

Detected Technologies4

Open-Graph-Protocolvwebsite
100%
HTTP/3
40%
Cloudflare Bot Management
40%
Cloudflare
40%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1FB526372D28E6ABF121342D075367BA8B19F0C79EE2A4491D5FF02D487E6ED2C873164

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

192:cvjUrleTlHlAxrTrqEiVydOAuWdLORB+vDEOG5WSUdr4:cbUrmHlAxrTrqXAOcd6RB+vDhgWZ0

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:13416:BmULAxgRCAkDIAesBMB2FDJs0YgHAIGzQhgRMDzAAAgACoLYhCVhhh04oGVIBTsJZA4NQXWygAwIUAYwQpgTBkCWegAArQBk

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:1819191919191918
Perceptual Hash:8875669933333bcc
Difference Hash:11b3b3b1b3b3b3b1
Wavelet Hash:19ffdb1919191919
Color Hash:#e06cb1

Other Hashes

Crop Resistant:cbcbcbe0c3c0c8c6,11b3b3b3b3b3b3b3

Scan History

Scan history not available

Unable to load historical scan data