Phishing Analysis
Detailed analysis of captured phishing page
Visual Capture
Detection Info
https://support-clientt.com/pages/captcha.php
Detected Brand
Assurance Maladie (Ameli)
Country
International
Confidence
95%
HTTP Status
200
Report ID
1f3afede-825…
Analyzed
2026-02-28 02:22
Content Hashes (HTML Similarity)
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1514133B472542EF74E93A2D67F82A7C3B2D2808DF1120A1C22F8D79A1BDEDA4D51A445 |
|
CONTENT
ssdeep
|
48:uJYgcCGOnZvW3u3bXY0Y0TgTqRguZNSTd3OmIW:GYEGOnZvW3u3bxYNWRguipHb |
Visual Hashes (Screenshot Similarity)
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
b7831d8137833f83 |
|
VISUAL
aHash
|
ffffffffffffff00 |
|
VISUAL
dHash
|
c8000c0c0c080028 |
|
VISUAL
wHash
|
00ffe0e000000000 |
|
VISUAL
colorHash
|
07000000038 |
|
VISUAL
cropResistant
|
c000080c0c0c0008,00c8203e1e210880 |
Code Analysis
Threat Level
ALTO
⚠️ Phishing Confirmed
🔬 Threat Analysis Report
• Threat: Phishing
• Target: Assurance Maladie (Ameli) users
• Method: Impersonation with a fake CAPTCHA form
• Exfil: Unknown, likely credential harvesting
• Indicators: Suspicious domain, recent registration, CAPTCHA.
• Risk: High
📡 API Calls Detected
- ../utils/set_session_captcha.php
📊 Risk Score Breakdown
Total Risk Score
90/100
Contributing Factors
Domain Age
Very recent domain registration is a strong indicator of phishing.
Domain Mismatch
The domain is not related to the official brand.
Impersonation
Attempting to impersonate a well-known brand.
🔬 Comprehensive Threat Analysis
Threat Type
Assurance Maladie (Ameli) Phishing Landing Page
Target
Assurance Maladie (Ameli) users (International)
Attack Method
Brand impersonation
Exfiltration Channel
Form submission (backend endpoint not detected - likely JavaScript-based)
Risk Assessment
LOW - Automated credential harvesting with Form submission (backend endpoint not detected - likely JavaScript-based)
🏢 Brand Impersonation Analysis
Impersonated Brand
Assurance Maladie (Ameli)
Official Website
https://www.ameli.fr/
Fake Service
CAPTCHA verification
⚔️ Attack Methodology
Primary Method: Credential Harvesting
The attacker attempts to steal user credentials by mimicking a legitimate CAPTCHA verification.
🌐 Infrastructure Indicators of Compromise
Domain Information
Domain
support-clientt.com
Registered
2024-02-23
Registrar
Unknown
Status
ACTIVE
🤖 AI-Extracted Threat Intelligence
Similar Websites
Pages with identical visual appearance (based on perceptual hash)
Scan History for support-clientt.com
Found 3 other scans for this domain
"I Never Thought It Would Happen to Me"
That's what 2.3 million victims say every year. Don't wait to become a statistic.