Security Scan Report: yh58sv9036fdvbfn835679032839bfjk7e4.djverkest.workers.dev

Redirected to:
https://yh102209834747464hhgud687468783gggd3d.patandgordy.workers.dev/
Site favicon
Submitted: May 4, 2026, 8:55:38 PMCompleted: May 4, 2026, 8:57:01 PMpubliccompleted
Loading additional data...

Summary

This website contacted 2 IPs in 1 country across 2 domains to perform 8 HTTP transactions. The main domain is yh102209834747464hhgud687468783gggd3d.patandgordy.workers.dev and was registered NaN years ago.

Submitted URL: http://yh58sv9036fdvbfn835679032839bfjk7e4.djverkest.workers.dev/

Effective URL: https://yh102209834747464hhgud687468783gggd3d.patandgordy.workers.dev/Redirected

AI Security Verdict

High Risk

Confidence: 92%

10
Risk Score

High‑risk credential phishing site impersonating Yahoo! with a cross‑origin login form and critical IDS alerts.

Risk Factors
Brand impersonation of a major service
Credential harvesting form with cross‑origin submission
Critical IDS shellcode alerts
Unknown subdomain age on a generic hosting platform
Cross‑origin form target unrelated to the displayed brand
Domain age information unavailable

Details

Page Title

Welcome

Scan Type

public

Language

🇺🇸

English

(68% confidence)

Category

healthcare medical

(53%)

Domain Information

Domain 'yh58sv9036fdvbfn835679032839bfjk7e4.djverkest.workers.dev' uses the developer-focused generic top-level domain (.dev), featuring subdomain 'yh58sv9036fdvbfn835679032839bfjk7e4.djverkest'. The core label 'workers' covers 7 characters split between 2 vowels and 5 consonants. Tokenizing the label suggests one word: workers. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of http://yh58sv9036fdvbfn835679032839bfjk7e4.djverkest.workers.dev/

Page Load Overview

0.24s
Total Load Time
3
HTTP Requests
1
Domains
N/A
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:68%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:68%
Script Type:Latin
Text Length:85 chars
Detector Agreement:100%

Website Classification

Primary Category

healthcare medical53% confidence
Type: static
Method: ml+structural

All Detected Categories

healthcare medical
53%
documentation technical
51%
finance banking
43%
real estate property
38%
news media journalism
36%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
2188.114.96.3United States
AS13335Cloudflare, Inc.
1104.21.25.240United States
AS13335Cloudflare, Inc.
32--

Detected Technologies1

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1AD536779B501DD4E6D33A8FFFCA81FD14024EE9BDDCCABC10449942A6BE14AA35181DB

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

768:YskfjkirKzB8c7SfrGiq5avKriW+PHvoowhoNLte0I+oKZFHwMg+jmx:gw70RLK+MD+0

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:62503:IFQuAChCgoMCoQoHAkIdQAA9IANkJoFtpQAJnqUISpJka0KIACIyMCauV0kDRkDNTzg3MEECSEKoXCBghSQFBCAZXoQEOIJI

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:e7e7e7e7e7ffffff
Perceptual Hash:e626999966669999
Difference Hash:0c0c0c0c08080000
Wavelet Hash:e0e0e0e0e4e4fcfc
Color Hash:#c587c3

Other Hashes

Crop Resistant:0c0c0c0c08080000

Scan History

Scan history not available

Unable to load historical scan data