SafeMode - Analysis: nodeunblocker.net

Visual Capture

No screenshot available

Detection Info

https://nodeunblocker.net/proxy/https:/www.mercadolibre.com.mx/gz/webdevice/config?go=https://articulo.mercadolibre.com.mx/mlm-1405430125-toner-hp-507a-amarillo-original-6000-paginas-ce402a-_jm

Detected Brand

Node Unblocker

Country

International

Confidence

100%

HTTP Status

200

Report ID

27bdc178-9cd…

Analyzed

2025-12-29 11:18

Final URL (after redirects)

https://nodeunblocker.net/proxy/https://www.mercadolibre.com.mx/gz/account-verification?go=https%3A%2F%2Farticulo.mercadolibre.com.mx%2Fmlm-1405430125-toner-hp-507a-amarillo-original-6000-paginas-ce402a-_jm&tid=31a3afe4-1a4b-4095-8d6d-164739834b74

Content Hashes (HTML Similarity)

Used to detect similar phishing pages based on HTML content

Algorithm	Hash Value
CONTENT TLSH	T1D6053AA57786307217A73622F53B051773392009A4D9604CB25CF4FCAAED88DB52EB7E
CONTENT ssdeep	12288:Im6sYm6sdk05mm3mZ+q1c8jwTqYg7xSRnHxP:IpLpq2mWZ+q1c8jwTqYg7sRnRP

Visual Hashes (Screenshot Similarity)

Used to detect visually similar phishing pages based on screenshots

Algorithm	Hash Value
VISUAL pHash	e366694c4966735c
VISUAL aHash	00ffe7ffffffffff
VISUAL dHash	820428283008041b
VISUAL wHash	00000018e7ffffff

Code Analysis

Risk Score 70/100

Threat Level CRITICAL

🎣 Credential Harvester 🎣 OTP Stealer 🎣 Card Stealer 🎣 Banking 🎣 Personal Info

🔬 Threat Analysis Report

• Threat: Potential man-in-the-middle due to proxy service.
• Target: Users accessing websites through Node Unblocker.
• Method: Intercepting and decrypting traffic.
• Exfil: Unknown, depends on the proxy's activities.
• Indicators: Proxy service, lack of details about security measures.
• Risk: LOW - Potential risk of traffic interception depending on proxy service's policies.