Our automated security review found no threat indicators on last.fm. The site appears legitimate based on the signals we checked, but always stay alert for phishing emails that spoof real domains.

Is last.fm safe to use?

last.fm passed our automated security checks with a trust score of 82/100. No antivirus engines or major blacklists flagged the site at the time of the last scan.

Does last.fm have a valid SSL certificate?

Yes. last.fm presents a valid TLSv1.3 certificate issued by Sectigo Limited · Sectigo Public Server Authentication CA OV R36, expiring in 262 days. Note that SSL only encrypts the connection — it does not guarantee that the site itself is trustworthy.

How old is the last.fm domain?

last.fm is 24.2 years old, registered on 3/20/2002 through MarkMonitor Inc.. Scam domains are often freshly registered — a site under 6 months old warrants extra caution.

Has last.fm been flagged by antivirus engines?

No. All 91 antivirus engines in our malware network report last.fm as clean.

Is last.fm on any phishing or malware blacklists?

No. last.fm is not currently listed on the major browser blocklist feeds that modern browsers use.

Where is last.fm hosted?

last.fm resolves to an IP operated by Google LLC in US (usage type: Content Delivery Network). Hosting location alone doesn't make a site good or bad, but unusual geography for a brand's claimed country is one of many signals we weigh.

How often is the last.fm report updated?

We cache results for 24 hours. Signed-in MalwareTips members can trigger a manual rescan at any time using the "Rescan" button on the report page, which re-runs every check from scratch and refreshes this page.

SAFE

No threats detected

All checks passed. This site appears legitimate — but always stay alert for phishing even on trusted domains.

Security Review

Is last.fm legit or a scam?

Name: Is last.fm legit or a scam?
Item: last.fm
Rating: 5
Author: MalwareTips

Our verdict:Safe· 82/100

SafeSuspiciousDangerous

Last.fm is an established music-discovery platform with 24-year history, clean security scan, and active UK business registration.

Why we trust it

24-year operational history with documented corporate ownership and acquisition timeline.Registered as Last.fm Limited (Company No. 4569646) in England & Wales; active business registration confirmed.Zero detections across 91 antivirus engines; clean browser blocklists and sandbox results.

last.fmScanned 3h ago

Post Facebook

Trust score

SAFE

Heuristics 82·MT 82

Category tags

music & entertainment95% MT confidence

Warning signals (1)

Redirects to another domain

Positive signals (5)

Antivirus clear Not on major blacklists Domain is 24 years old Encrypted connection Clean server reputation

View density

Analysis Summary

Threat Intelligence

0/91

All engines report clean

Domain Age

24 years old

Registered Mar 20, 2002

MT Intelligence

Safe

Low likelihood · 95% confidence

MT Intelligence

Advanced threat intelligence

MT Security Analyst

Low scam likelihoodengineMT · Guardiantrust82/100

MT AgentLive web researchVisual inspection

Confidence

Last.fm is a well-known music service that has operated continuously since 2002 and is registered as Last.fm Limited in England & Wales. Our antivirus network flagged zero detections across 91 engines, the hosting IP has zero abuse reports, and SSL is valid. The domain is 8,845 days old (over 24 years), registered through MarkMonitor Inc., a registrar used by major legitimate brands. Web research confirms the service is legitimate, with a documented history including acquisition by CBS Interactive in 2007 and return to independence in May 2026. The site does carry a historical data breach from 2012 affecting 43 million accounts, but this is public knowledge and does not indicate current malicious intent. User complaints on community sites focus on moderation and feature requests, not fraud.

Full dossier

Analysis complete

Page Content

The homepage presents a standard music-service layout with calls-to-action for account signup, music tracking, and streaming integration. The page loads a JavaScript application with legitimate music-discovery features, personalized stats, and Spotify integration. No phishing forms, credential harvesting, or scam patterns detected.

Infrastructure

Hosting IP 34.96.123.111 (Google Cloud) has zero abuse reports and a clean reputation score. SSL certificate issued by Sectigo Limited is valid with 262 days to expiry. The domain uses privacy-protected WHOIS registration through MarkMonitor Inc., a standard practice for established brands.

Domain History

Registered 8,845 days ago (since 2002), making Last.fm one of the oldest music services on the web. The domain has a documented corporate history: founded in the UK, acquired by CBS Interactive in 2007 for £140 million, and returned to independent ownership in May 2026. This long, verifiable history is inconsistent with scam or fraud operations.

Web Reputation

No scam reports found in consumer-complaint databases. Independent sources confirm Last.fm is a legitimate service. User discussions on Reddit and community forums focus on feature requests, moderation policies, and music-tracking accuracy—typical for an active, long-running platform. A 2012 data breach is documented and public; no ongoing security incidents reported.

Risk Factors

Historical 2012 data breach affected ~43 million accounts with unsalted MD5 password hashes; users with old accounts should consider password reset.
No direct contact email, phone, or postal address visible on homepage; support accessed through account dashboard or help section.
User complaints on community sites mention occasional malware pop-up reports and moderation concerns, though no active malware detected in current scan.

Positive Signals

24-year operational history with documented corporate ownership and acquisition timeline.
Registered as Last.fm Limited (Company No. 4569646) in England & Wales; active business registration confirmed.
Zero detections across 91 antivirus engines; clean browser blocklists and sandbox results.
Hosting IP has zero abuse reports and clean reputation; valid SSL certificate from Sectigo.
Active user community on Reddit and other platforms discussing features and music stats; integrates with major streaming services (Spotify, YouTube).

AI Recommendation

Last.fm is safe to use for music tracking and discovery. If you have an account created before 2012, consider updating your password as a precaution following the historical data breach. Use the official Last.fm website or verified mobile apps; do not click suspicious links claiming to be Last.fm.

Next-gen fraud intelligence

Evidence-backedCross-checked

Website Preview

LIVE RENDER

last.fm

Automated page render — captured in a safe sandbox. What an ordinary visitor would see when loading the site.

Web Research Findings

Our live research agent queries scam-report databases, consumer-review sites, news coverage, and general web search for last.fm, then cross-checks business-registration records and look-alike domain patterns. Everything below is pulled from what it actually found.

Domain age

24 yrs

Registered Mar 2002

Business registration

Active · United Kingdom

Site traces back to an actively registered business.

Clone check

Not a clone

No well-known site's layout or branding detected here.

Typosquat check

No look-alike match

The domain doesn't resemble any well-known brand's spelling.

Web mentions

3 complaints · 2 positive

Key findings

7 headline facts from open-web research

Founded in UK in 2002; acquired by CBS Interactive in 2007 for £140m; became independent again in May 2026.
Major data breach in March 2012 affecting ~43 million accounts (usernames, emails, unsalted MD5 passwords); full details public in 2016.
Registered as Last.fm Limited (Company No. 4569646) in England & Wales with London address.
User complaints on Trustpilot and Reddit about moderation (e.g. handling of predators, bans), declining activity, fake scrobbles, and occasional malware pop-up reports.
No direct scam reports found; described as legitimate music scrobbling / recommendation service in multiple sources.
Active community on r/lastfm discussing features, stats, and issues; still used for music tracking with integrations to Spotify etc.
Historical controversies include 2009 RIAA data-sharing allegations (denied by Last.fm) and user dissatisfaction with redesigns.

Positive reviews (2)

Quotes indicating the site is legitimate.

vpnsuper.comopen
"While no platform is without its flaws, the consensus is that Last.Fm is a legitimate service, not a scam. ... Last.Fm is safe"
Wikipedia / Mediumopen
"Last.fm is a music website founded in the United Kingdom in 2002. ... users have scrobbled over 226 billion songs since 2003"

Business registration

Status: active · United Kingdom

Last.fm Limited, Company Number 4569646, registered in England & Wales. Founded 2002; independent again as of May 2026 after CBS/Paramount ownership.

Research summary

Narrative write-up from our AI analyst, grounded on the facts above

We searched scam-report databases, consumer-review sites, and general web sources for Last.fm and found no active scam reports or fraud allegations. The service is confirmed as a legitimate music-discovery platform founded in the UK in 2002, with documented corporate history (CBS Interactive acquisition in 2007, return to independence in May 2026). Business registration as Last.fm Limited (Company No. 4569646) in England & Wales is active and verified. A historical 2012 data breach affecting ~43 million accounts is public knowledge and does not indicate current malicious operation. User complaints on community sites relate to moderation policies and feature requests, not fraud.

Antivirus Engines

Clean pass · verified

Clean across 91 engines

We cross-check every URL against our antivirus network of 91 malware and blacklist engines. None of them flagged this URL in the last scan.

0Malicious0Suspicious62Harmless91Engines

Clean

Kaspersky

Clean

Bitdefender

Clean

Microsoft

Not in pass

ESET-NOD32

Not in pass

Avira

Not in pass

Sophos

Clean

Fortinet

Clean

Google Safebrowsing

Clean

Emsisoft

Clean

No engine detections. The URL passed every antivirus and blacklist engine we queried in this scan. Stay vigilant — AV coverage is only one signal among many.

Security Scans

Blacklist Check

Not flagged on major threat lists

Checked against the major public blocklists used by browsers and security tools — no hits.

Sandbox Render

Page rendered in a safe sandbox

Requests made0

Unique IPs0

Countries0

Detected brandsNone

Contact Verification

We fetched the page and looked for real-world contact details. Legitimate businesses almost always publish an email on their own domain, a phone number, and a postal address. Scam shops usually don't.

What We Found

No clear contact details on the page

Emails on site's domainNone

Phone numbersNone

Postal addressNot listed

Linked social profiles4

Signal Summary

Several contact red flags

No contact email found anywhere on the page.
No phone number listed on the page.
No postal address visible on the page.

Links to 4 social profiles.

Domain & Encryption

Domain History

Age24 years old

RegistrarMarkMonitor Inc.

RegisteredMar 20, 2002

ExpiresMar 19, 2027

Owner privacyHidden

Encryption Certificate

StatusValid

ProtocolTLSv1.3

IssuerSectigo Limited · Sectigo Public Server Authentication CA OV R36

ExpiresFeb 25, 2027 (262d)

Self-signedNo

Hosting & Technology

HostingGoogle LLC

Server locationUS

Web servernginx

Redirect Chain

Hops

Cross-domain

Yes

Lookalike

Punycode

1301http://last.fm/
2200https://www.last.fm/cross-domain

Server Reputation

Hosting

CountryUnknown

NetworkUnknown

IP addressUnknown

Abuse Intelligence

Confidence score0%

Reports on file0

ISPGoogle LLC

Usage typeContent Delivery Network

Still, stay alert

No major threat indicators — but a clean scan does not guarantee every page is safe, and phishing emails routinely spoof real domains.

Double-check the exact URL in your address bar
Confirm you are actually on last.fm and not a lookalike like l-ast.fm.com or an IDN homoglyph.
Use a password manager
Password managers only auto-fill on the exact domain they were saved for — they refuse to fill lookalike domains, which is the single best phishing defence.
Discuss this site on the forum
If you have first-hand experience with this site — good or bad — share it with the MalwareTips community.
Open

Reputation Sources

How this domain rates across independent threat-intelligence and blocklist providers.

Google Safe Browsing

Not listedCheck ↗

VirusTotal

Not listedCheck ↗

AbuseIPDB

Not listedCheck ↗

Also verify:Spamhaus ↗DNSBL / SURBL ↗PhishTank ↗

Referenced Domains

Outbound domains this page links to or loads resources from. Each links to its own security scan.

strangeclocks.com cdn.cookielaw.org oss.maxcdn.com a.pub.network b.pub.network c.pub.network d.pub.network c.amazon-adsystem.com s.amazon-adsystem.com btloader.com api.btloader.com facebook.com x.com bsky.app instagram.com youtube.com at.cbsi.com

Safety FAQ

Common questions about this site, answered from the scan data on this page. These are auto-generated — not hand-written — so they always match the underlying report.

Our automated security review found no threat indicators on last.fm. The site appears legitimate based on the signals we checked, but always stay alert for phishing emails that spoof real domains.

Final Verdict

Trust / 100

Final Verdict·last.fm

SAFE

Last.fm is a legitimate music-tracking and recommendation service founded in the UK in 2002, now independently operated. The site shows no malware detections, valid SSL, clean IP reputation, and confirmed business registration.

AV engines

MT passes

Net signals

Scan another URL

Security review completemalwaretips.com/url-scan

Recently scanned

Other Safe reports

Browse all reports

Safetrust89

changehabitsofthought.quora.com

8m ago

Read the review

Safetrust90

fp.bpjs-kesehatan.go.id

20m ago

Read the review

Safetrust82

afrikanweddingfair.fi

23m ago

Read the review

Safetrust86

shivshaktimachtech.com

justblinkcastg.wpengine.com

1h ago

Read the review

Safetrust86

electricwheelchair.com.my

Community review

User reviews & comments(0)

Share your experience — "Lost $200 on a fake checkout" is more useful than "Scam". Your review helps others avoid traps.

Loading…

Loading comments…

This report is generated automatically by combining threat intelligence, domain signals, and an AI security analyst. It is informational, not legal advice. Always use your own judgement before sharing personal information or money online.