ScanMalware.com

Security Scan Report: my.mspyonline.com

Redirected to: https://my.mspyonline.com/login

Site favicon
Submitted: Dec 5, 2025, 5:37:02 PMCompleted: Dec 5, 2025, 5:38:50 PMpubliccompleted
Loading additional data...

Summary

This website contacted 33 IPs in 3 countries across 12 domains to perform 39 HTTP transactions. The main domain is my.mspyonline.com and was registered NaN years ago.

Submitted URL: https://my.mspyonline.com/

Effective URL: https://my.mspyonline.com/loginRedirected

AI Security Verdict

High Risk

Confidence: 82%

7
Risk Score

Likely phishing login page impersonating mSpy on an unrelated domain.

Risk Factors
Brand impersonation (mSpy) on a non‑official domain
Credential harvesting form (email + password)
Unranked domain in Cisco Umbrella
Domain age information unavailable

Details

Page Title

Sign in to your mSpy account

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

suspicious phishing

(36%)

Domain Information

Domain 'my.mspyonline.com' uses the commercial generic top-level domain (.com), featuring subdomain 'my'. Count 10 characters in 'mspyonline' with three vowels and seven consonants. Segmentation suggests three words: m, spy, online. Median word length is 3 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://my.mspyonline.com/

Page Load Overview

1.01s
Total Load Time
39
HTTP Requests
12
Domains
1.1 MB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:273 chars
Detector Agreement:100%

Website Classification

Primary Category

suspicious phishing36% confidence
Type: webapp
Method: ml+structural

All Detected Categories

suspicious phishing
36%

Detected Features

Login Form

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
7172.67.70.114United States
AS13335CLOUDFLARENET
7142.250.186.131United States
AS15169GOOGLE
7104.26.4.35United States
AS13335CLOUDFLARENET
5172.217.18.4United States
AS15169GOOGLE
4172.217.18.3United States
AS15169GOOGLE
352.242.103.142Boydton, Virginia, United States
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
3216.239.34.36United States
AS15169GOOGLE
3172.217.208.95United States
AS15169GOOGLE
2104.26.6.46United States
AS13335CLOUDFLARENET
1142.251.140.168United States
AS15169GOOGLE
3933--

Detected Technologies4

PasswordField
100%
HSTS
40%
Cloudflare Bot Management
40%
Cloudflare
40%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T160A34BFB13143608B55B4A1AB9A7826B35075A070C33CE09F89FF38847DDFBD95A1929

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

3072:AZPGVVgZSYhIjTO0TAuM4+o+6O9oGEPxbigQuEz6BDx8pPQ1OpLK4CwdfXf+s:AZPGVH9rsE4jfXf+s

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:105035:Ax5UboEQIspOgAkAYQqZEIjFegmBDAVDIAOxQSooB2ml3E3IUxmqGBCD4CMglqAMQoIpkaBlAQc8KFyCIcSUvSIQSMIcEqUQ

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:ffffe7e7e7e7ffff
Perceptual Hash:b399cc32cccc3333
Difference Hash:001008080c0c0008
Wavelet Hash:3f3f272724243c3c
Color Hash:#483a78

Other Hashes

Crop Resistant:001008080c0c0008

Scan History

Scan history not available

Unable to load historical scan data