Phishing Analysis
Detailed analysis of captured phishing page
Visual Capture
Detection Info
https://telstra243.blogspot.com
Detected Brand
Telstra
Country
International
Confidence
100%
HTTP Status
200
Report ID
03312e26-cae…
Analyzed
2026-03-02 07:28
Final URL (after redirects)
https://telstra243.blogspot.com/
Content Hashes (HTML Similarity)
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T10ED11E719608AD3753A3C3EDB7B1A34BB782C284C987064A91F6D34E1FD3DA0DC12256 |
|
CONTENT
ssdeep
|
96:fTS3/K9MHaZnoGyPFmGjZz//6/HBJSywkLNmzClPiUbTuGWKrGo+1u8cEl8P:fT6aCFMO8fSYLqTsrks |
Visual Hashes (Screenshot Similarity)
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
fe7e5ca161616984 |
|
VISUAL
aHash
|
809c8080ffffffff |
|
VISUAL
dHash
|
0b30340320202024 |
|
VISUAL
wHash
|
80808080fcfcfcf4 |
|
VISUAL
colorHash
|
070020001c0 |
|
VISUAL
cropResistant
|
0b30340320202024 |
Code Analysis
Risk Score
74/100
Threat Level
MEDIO
⚠️ Phishing Confirmed
🎣 Credential Harvester
🎣 Personal Info
🔬 Threat Analysis Report
• Threat: Impersonation
• Target: Telstra customers
• Method: Blogspot used for a fake Telstra site.
• Exfil: https://telstra243.blogspot.com/search (form action)
• Indicators: Unrelated content and 'Aucun article disponible.' in french.
• Risk: Moderate
🔐 Credential Harvesting Forms
🔒 Obfuscation Detected
- eval
- hex_escape
- unicode_escape
🎯 Kit Endpoints
- https://www.blogger.com/go/report-abuse
- https://telstra243.blogspot.com/
- https://telstra243.blogspot.com/search
- /responsive/sprite_v1_6.css.svg#ic_post_blogger_black_24dp
- https://www.blogger.com/profile/11626381249462659137
- https://www.blogger.com
- https://telstra243.blogspot.com/feeds/posts/default?alt=rss
- https://telstra243.blogspot.com/feeds/posts/default
- https://www.blogger.com/feeds/6151371539448250752/posts/default
📡 API Calls Detected
- GET
- post
📤 Form Action Targets
- https://telstra243.blogspot.com/search
📊 Risk Score Breakdown
Total Risk Score
75/100
Contributing Factors
Domain mismatch
Uses Blogspot, highly indicative of malicious intent or unauthorized use.
Brand impersonation
Attempts to mimic Telstra without the necessary authorization.
🔬 Comprehensive Threat Analysis
Threat Type
Credential Harvesting Kit
Target
Telstra users (International)
Attack Method
Brand impersonation + credential harvesting forms + obfuscated JavaScript
Exfiltration Channel
HTTP POST to backend
Risk Assessment
HIGH - Automated credential harvesting with HTTP POST to backend
⚠️ Indicators of Compromise
- Kit types: Credential Harvester, Personal Info
- 11 obfuscation techniques
🏢 Brand Impersonation Analysis
Impersonated Brand
Telstra
Fake Service
Telstra services
⚔️ Attack Methodology
Primary Method: Credential Harvesting
The site likely aims to trick visitors into entering their Telstra login credentials through a fake login form or social engineering.
🌐 Infrastructure Indicators of Compromise
Domain Information
Domain
telstra243.blogspot.com
Registered
None
Registrar
None
Status
Inactive/Unregistered
🤖 AI-Extracted Threat Intelligence
Similar Websites
Pages with identical visual appearance (based on perceptual hash)
Unknown
https://cdn.gosafemode.com/screenshots/f420b2c6f164.png
May 21, 2026
Unknown
https://cdn.gosafemode.com/screenshots/19a2f32d6f66.png
Apr 17, 2026
Instagram
https://www.instagramusicabrasilinstagram.blogspot.com/
Mar 01, 2026
Instagram
https://instagramusicabrasilinstagram.blogspot.com/
Mar 01, 2026
Facebook
https://facebooksocialpage.blogspot.com/
Feb 23, 2026
"I Never Thought It Would Happen to Me"
That's what 2.3 million victims say every year. Don't wait to become a statistic.