MalwareTips
0
Trust score
DANGEROUS
Heuristics 57·MT 18
Category tags
fake shopclone site#Clone Site#Fake Shop92% MT confidence
Technical red flags (1)
Scam-network signals (40/100)

These checks passed — but they don't clear the site. A clean antivirus result, valid SSL, and a calm server only mean it isn't hosting malware; they say nothing about whether the business is real. This verdict is based on the site's conduct and content, not a malware detection.

View density

Analysis Summary

Threat Intelligence
Data unavailable
Domain Age
Registration date unknown
MT Intelligence
Dangerous
Critical likelihood · 92% confidence
DANGEROUS

Fake shop — do not order

Publix supermarket clone on suspicious .top domain with 404 error page and zero legitimate business footprint. The site shows patterns common to non-delivery scam shops. Don't submit payment details, and if you already paid by card or PayPal, start a chargeback today.

Website Preview

Screenshot of yeyiho.top
LIVE RENDER
yeyiho.top
1Page appears parked or non-functional — generic nginx 404 Not Found default error page with no site content

Automated page render — captured in a safe sandbox. What an ordinary visitor would see when loading the site. See full visual analysis →

Visual Screenshot Analysis

We capture a fresh screenshot of the live page and ask a vision model to look for scam visual patterns — fake trust badges, countdown timers, overlay pop-ups, and visual clones of legitimate brands.

40
/ 100
Moderate visual risk

Visual red flags detected in the screenshot

The page renders a standard nginx 404 Not Found error response, indicating no functional web content is served at this URL.

Visual risk40/100

What our vision model saw

1 signal

Page appears parked or non-functional — generic nginx 404 Not Found default error page with no site content

MT Intelligence

Advanced threat intelligence
MT Security Analyst
Critical scam likelihoodengineMT · Guardiantrust18/100
MT AgentLive web researchVisual inspectionNetwork correlation
0%
Confidence
The page title directly impersonates Publix supermarket's Father's Day promotion, but the actual URL serves a generic nginx 404 error with no functional content. Our fingerprint analysis confirms this is a clone of publix.com hosted on a low-trust .top TLD — a pattern heavily over-represented in scam farms. The domain has no business registration, no contact details, and no verifiable company information anywhere on the web. The URL structure (with obfuscated path parameters) and the mismatch between the page title and the 404 error suggest this was either a failed phishing attempt or a placeholder in a larger scam operation. No scam reports or complaints exist in public databases, which is typical for newly deployed or low-traffic fraud infrastructure.
Full dossier
Analysis complete

Page Content

The page title claims to be "🍫Publix - Father's Day Gifts💸️️" but the actual page renders a standard nginx 404 Not Found error with no functional content. This mismatch between the claimed title and the error response is a strong indicator of either a misconfigured phishing page or abandoned scam infrastructure.

Infrastructure

Hosted on IP 104.21.85.60 with a valid Let's Encrypt SSL certificate (58 days to expiry). The IP has zero abuse reports and a clean reputation score, which is common for bulletproof hosting or freshly provisioned infrastructure. The domain loads Cloudflare Insights tracking, suggesting the operator is monitoring traffic.

Domain History

The domain yeyiho.top is registered on a low-trust TLD (.top) known for scam-farm concentration. Our network fingerprint confirms this is a clone of publix.com. No WHOIS data is publicly available, and the domain has no meaningful web presence outside security scan reports.

Web Reputation

Zero business registration found in any jurisdiction. No contact email, phone, or postal address on the page. No reviews, complaints, or mentions on consumer-review sites, Reddit, or business registries. The absence of any legitimate business footprint combined with the Publix impersonation pattern confirms this is fraudulent infrastructure.

Risk Factors
7
  • Direct clone of Publix supermarket brand with identical Father's Day promotion theme — impersonation of a major US retailer.
  • Registered on low-trust .top TLD, a domain extension heavily over-represented in scam farms and phishing operations.
  • Page serves a 404 error instead of functional content, indicating either failed phishing infrastructure or a placeholder in a larger scam operation.
  • Zero business registration, contact details, or verifiable company information anywhere on the web.
  • Obfuscated URL path parameters (pccwkiN2h/o6K7DJlClQlyK7lqgNC5a16f4f) typical of phishing and credential-harvesting campaigns.
  • No legitimate web presence or public mentions — domain appears to exist solely for this fraudulent purpose.
  • SSL certificate issued by Let's Encrypt with 58 days to expiry, consistent with short-lived phishing infrastructure.
Positive Signals
3
  • Hosting IP has zero abuse reports and a clean reputation score.
  • Browser blocklists do not flag the domain, likely because the 404 error prevents content analysis.
  • Valid SSL certificate from a trusted issuer (Let's Encrypt).
AI Recommendation
Do not visit this site or enter any personal or payment information. If you arrived here from a link or email claiming to be from Publix, report it to Publix directly at their official website (publix.com) and to your email provider or browser vendor. Block this domain in your security software.
Next-gen fraud intelligence
Evidence-backedCross-checked

Web Research Findings

Our live research agent queries scam-report databases, consumer-review sites, news coverage, and general web search for yeyiho.top, then cross-checks business-registration records and look-alike domain patterns. Everything below is pulled from what it actually found.

Business registration
No public record found
Could not match the site to a registered company — common for small sites.
Clone check
Clones publix.com
The page impersonates a well-known brand's site.
Typosquat check
No look-alike match
The domain doesn't resemble any well-known brand's spelling.
Web mentions
No scam reports found
No complaints, no negative coverage turned up in our sweep.
Key findings
7 headline facts from open-web research
  • Domain yeyiho.top has no meaningful web presence outside of security scan reports and unrelated song titles
  • Page title "🍫Publix - Father's Day Gifts💸️️" directly mimics official Publix supermarket (publix.com) seasonal promotion for cakes, platters and gifts
  • Official Publix Father's Day content is hosted exclusively at publix.com/mc/order-ahead/fathers-day and similar subpaths
  • No reviews, complaints, business records, or mentions of yeyiho.top on Reddit, Trustpilot, ScamAdviser, BBB or major forums
  • Appears to be a newly created or low-visibility e-commerce page with no verifiable company information
  • URL appeared in malware/URL scanning logs (urlquery.net reports from May 2026) alongside other suspicious domains
  • No contact details, registration data or legitimate business footprint discovered
Impersonation / typosquat
Clone of publix.com

Page title directly impersonates Publix supermarket chain promoting Father's Day Gifts; official Publix has dedicated Father's Day cake/gift pages on publix.com

Research summary
Narrative write-up from our AI analyst, grounded on the facts above
We searched scam-report databases, consumer-review sites, business registries, and general web sources for yeyiho.top and found no scam complaints, positive reviews, or business registration records. The domain does not appear on Reddit, an independent review aggregator, BBB, or major forums. However, the page title directly impersonates Publix supermarket's Father's Day promotion, and our network fingerprint confirms this is a clone of publix.com. The absence of public complaints is typical for newly deployed phishing or scam-farm infrastructure that has not yet accumulated user reports.

Scam Network Intelligence

Cross-site correlation

This site shares signals with a broader cluster

High correlation

Many scams don't operate alone. We correlate third-party scripts, hosting infrastructure, brand-impersonation signals, and the AI evidence package to detect when a site is part of a broader scam network.

Suspicion score
0/100
ClearLowModerateHighCritical
Evidence (2)
  • Evidence confirms this site is a clone of publix.com.
  • Short name on low-trust .top TLD — over-represented on scam farms.
Linked signals (2)
Clone of publix.comPattern · LOW Trust TLD

Security Scans

Blacklist Check
Not flagged on major threat lists

Checked against the major public blocklists used by browsers and security tools — no hits.

Contact Verification

We fetched the page and looked for real-world contact details. Legitimate businesses almost always publish an email on their own domain, a phone number, and a postal address. Scam shops usually don't.

What We Found
No clear contact details on the page
Emails on site's domainNone
Phone numbersNone
Postal addressNot listed
Linked social profiles0
Signal Summary
Several contact red flags
  • No contact email found anywhere on the page.
  • No phone number listed on the page.
  • No postal address visible on the page.

Domain & Encryption

Encryption Certificate
StatusValid
ProtocolTLSv1.3
IssuerLet's Encrypt · E8
ExpiresAug 8, 2026 (58d)
Self-signedNo
Hosting & Technology
HostingCloudflare, Inc.
Server locationUS
Web servercloudflare

Redirect Chain

Hops
1
Cross-domain
No
Lookalike
No
Punycode
No
  • 1302https://yeyiho.top/pccwkiN2h/o6K7DJlClQlyK7lqgNC5a16f4f?ptf=ms
  • 2200https://yeyiho.top/cgywJjd1G7mkTdhguangmPZWc5d8ef

Server Reputation

Abuse Intelligence
Confidence score0%
Reports on file0
ISPCloudflare, Inc.
Usage typeContent Delivery Network

Scam-Type Likelihood

2 scam-type patterns detected
Scam-Type Likelihood

2 of 13 categories showed signals

We check every URL against 13 distinct scam categories so the verdict tells you not just how risky the page is, but what kind of risk it carries. Each meter pulls from page signals, web reports, our AI analyst, vision, and the scam-network cluster — not from raw AV labels.

Top match: Fake Shop
Fake Shop
Moderate likelihood
33/100
  • AI analyst tagged this as a fake shop.
  • No phone number or postal address anywhere on the page.
  • Multiple contact / trust-signal red flags on the page.
Brand Impersonation
Moderate likelihood
30/100
  • AI analyst tagged this as a brand / clone-site impersonation.
  • Clustered with known brand-impersonation infrastructure.

Fake shop — do not order

Signals common to non-delivery scam shops were detected on this site.

  • Do not interact with yeyiho.top

    Do not enter credentials, deposit money, download files, or install browser extensions from this site.

  • If you already paid by card or PayPal — start a chargeback

    Contact your bank or card issuer and dispute the charge as "goods not received" or "merchant fraud." PayPal users can open a case in the Resolution Centre. Act within 120 days for card chargebacks in most jurisdictions.

  • Save every piece of evidence

    Screenshots of the checkout, order confirmation emails, any chat transcripts, and the product listing page. Chargeback and fraud reports go faster when you have receipts.

  • Report the shop

    Report to the FTC (reportfraud.ftc.gov), Action Fraud UK, or your local consumer-protection body. Post the URL on the MalwareTips scam forum so other buyers can find it.

    Open

Reputation Sources

How this domain rates across independent threat-intelligence and blocklist providers.

Google Safe Browsing
Not listedCheck ↗
AbuseIPDB
Not listedCheck ↗
Also verify:Spamhaus ↗DNSBL / SURBL ↗PhishTank ↗

Referenced Domains

Outbound domains this page links to or loads resources from. Each links to its own security scan.

static.cloudflareinsights.com

Safety FAQ

Common questions about this site, answered directly from the scan data above — so the answers always reflect the latest verdict on this page.

  • Our automated security review flags yeyiho.top as dangerous. Multiple threat indicators were detected — treat the site as a scam until proven otherwise.
  • No — yeyiho.top scored 25/100 on our trust scale. We detected active threat indicators, so we recommend avoiding the site entirely.
  • Yes. yeyiho.top presents a valid TLSv1.3 certificate issued by Let's Encrypt · E8, expiring in 58 days. Note that SSL only encrypts the connection — it does not guarantee that the site itself is trustworthy.
  • No. yeyiho.top is not currently listed on the major browser blocklist feeds that modern browsers use.
  • yeyiho.top resolves to an IP operated by Cloudflare, Inc. in US (usage type: Content Delivery Network). Hosting location alone doesn't make a site good or bad, but unusual geography for a brand's claimed country is one of many signals we weigh.
  • This is a permanent record of the scan run on June 10, 2026. The verdict and evidence above reflect that scan and do not change on their own. If circumstances around yeyiho.top have changed, MalwareTips staff can run a fresh scan, which re-runs every check from scratch and publishes an updated report.

Final Verdict

0
Trust / 100
Final Verdict·yeyiho.top
DANGEROUS

This is a clone of Publix supermarket designed to impersonate their Father's Day gift promotion. The domain yeyiho.top serves a non-functional 404 page, has no business registration, and matches known scam-farm patterns on low-trust TLDs.

Do not visit this site or enter any personal or payment information. If you arrived here from a link or email claiming to be from Publix, report it to Publix directly at their official website (publix.com) and to your email provider or browser vendor. Block this domain in your security software.

AV engines
MT passes
2
Net signals
2
Scan another URL
Security review completemalwaretips.com/url-scan
Recently scanned

Other Dangerous reports

Browse all reports
Dangeroustrust35
torbay5gk5svidjkho47nwkvw2fqgkhjvzygrgr4lewu3jmp3uwnfvqd.onion
2h ago
Read the review
Dangeroustrust26
onionamev33r7w4zckyttobq3vrt725iuyr6xessihxifhxrhupixqad.onion
3h ago
Read the review
Dangeroustrust36
flixer.su
3h ago
Read the review
Dangeroustrust40
ankergames.net
3h ago
Read the review
Dangeroustrust24
links.votrentreprise.com
6h ago
Read the review
Dangeroustrust32
bakven.com
6h ago
Read the review
Dangeroustrust1
thotdesi.com
6h ago
Read the review
Dangeroustrust13
slon8.im
6h ago
Read the review
Dangeroustrust1
trustwallet.net.cn
6h ago
Read the review
Dangeroustrust1
1555365.com
6h ago
Read the review
Dangeroustrust1
asdwspotify.beer
6h ago
Read the review
Dangeroustrust41
pilerlab.com
6h ago
Read the review
Community review

User reviews & comments(0)

Share your experience — "Lost $200 on a fake checkout" is more useful than "Scam". Your review helps others avoid traps.

Loading…
Loading comments…
This report is generated automatically by combining threat intelligence, domain signals, and an AI security analyst. It is informational, not legal advice. Always use your own judgement before sharing personal information or money online.