SafeMode - Analysis: dyuvstyfawecteraw.blogspot.com

Visual Capture

Screenshot of dyuvstyfawecteraw.blogspot.com

Detection Info

https://dyuvstyfawecteraw.blogspot.com/?ref=agfuc2pvzxjnc0bnbxguzgu

Detected Brand

GMX

Country

International

Confidence

100%

HTTP Status

200

Report ID

0ade6c12-6ee…

Analyzed

2025-12-27 12:43

Content Hashes (HTML Similarity)

Used to detect similar phishing pages based on HTML content

Algorithm	Hash Value
CONTENT TLSH	T13FD10EB29408AD3B53A3C3E9B7F1A34BB792C585C987028A91F6C35D1FD3DA1DC12256
CONTENT ssdeep	96:DRCNHNnoGyPs44mGjZzmjK4yYeywq0w2mzClPhUbTuGWVBrGobuJczfO:DRCBmFbOQ/pcTBrhW

Visual Hashes (Screenshot Similarity)

Used to detect visually similar phishing pages based on screenshots

Algorithm	Hash Value
VISUAL pHash	fe7e1e81a1616d84
VISUAL aHash	809c8080ffffffff
VISUAL dHash	1238200338202024
VISUAL wHash	80808080f3f3fff7

Code Analysis

Risk Score 65/100

Threat Level CRITICAL

⚠️ Phishing Confirmed

🎣 Credential Harvester 🎣 Personal Info

🔬 Threat Analysis Report

• Threat: Brand impersonation phishing attempt.
• Target: GMX users.
• Method: Fake website hosted on Blogspot to impersonate GMX.
• Exfil: No data exfiltration is apparent as there are no forms or inputs.
• Indicators: Free hosting on blogspot.com, mismatched domain, static page.
• Risk: LOW - Potential brand damage, but no immediate user credential theft.