EN ES PT
Back to Stats

Visual Capture

Screenshot of foodentech.com

Detection Info

https://foodentech.com/
Detected Brand
Plesk
Country
International
Confidence
100%
HTTP Status
200
Report ID
4e7ae0f9-b24โ€ฆ
Analyzed
2026-02-23 06:53
Final URL (after redirects)
https://foodentech.com/login_up.php

Content Hashes (HTML Similarity)

Used to detect similar phishing pages based on HTML content

Algorithm Hash Value
CONTENT TLSH
T149E1EC61584CEC3723235FC2B9927705E2DAC66EC6530A14DABC439E0FEBED2E046657
CONTENT ssdeep
192:0IQJK5YM5Anv5C5CW4leyj1e8UNjXkSdjgQS/j3KSTQz:0IQJK50Rep4n1e8UNjXkSdjgQS/j3KSA

Visual Hashes (Screenshot Similarity)

Used to detect visually similar phishing pages based on screenshots

Algorithm Hash Value
VISUAL pHash
cc6666cd4c763632
VISUAL aHash
0018001818181800
VISUAL dHash
72724cb2b2b2b24c
VISUAL wHash
001808183f3f3f3f
VISUAL colorHash
07007000080
VISUAL cropResistant
a2a2828033a2989a,72724cb2b2b2b24c

Code Analysis

Risk Score 85/100
Threat Level ALTO
โš ๏ธ Phishing Confirmed
๐ŸŽฃ Credential Harvester ๐ŸŽฃ OTP Stealer ๐ŸŽฃ Card Stealer ๐ŸŽฃ Banking ๐ŸŽฃ Personal Info

๐Ÿ”ฌ Threat Analysis Report

โ€ข Threat: Phishing
โ€ข Target: Plesk users
โ€ข Method: Credential Harvesting
โ€ข Exfil: Unknown
โ€ข Indicators: Domain mismatch, login form, obfuscated JS
โ€ข Risk: HIGH

๐Ÿ”’ Obfuscation Detected

  • eval
  • fromCharCode
  • unescape
  • unicode_escape
  • base64_strings

๐ŸŽฏ Kit Endpoints

  • https://support.plesk.com/hc/en-us/articles/213413369-How-to-log-in-to-Plesk-
  • /login_up.php?modals[cookie-policy-preferences]=true
  • ${(0,m.default)(`/admin/report/download/file/${encodeURIComponent(t.file)}`)}
  • /logout.php
  • log-in

๐Ÿ“ก API Calls Detected

  • GET
  • /modules/notifier/index.php/notifications
  • POST
  • .concat(JSON.stringify(e),

๐Ÿ“Š Risk Score Breakdown

Total Risk Score
90/100

Contributing Factors

Domain Mismatch
The domain foodentech.com is not associated with Plesk.
Obfuscated Javascript
Javascript is obfuscated to hide malicious behavior. (eval, fromCharCode, unescape)
Forms Present - Login
Forms with username/password fields.

๐Ÿ”ฌ Comprehensive Threat Analysis

Threat Type
Banking Credential Harvester
Target
Plesk users (International)
Attack Method
Brand impersonation + credential harvesting forms + obfuscated JavaScript
Exfiltration Channel
Form submission (backend endpoint not detected - likely JavaScript-based)
Risk Assessment
CRITICAL - Automated credential harvesting with Form submission (backend endpoint not detected - likely JavaScript-based)

โš ๏ธ Indicators of Compromise

  • Kit types: Credential Harvester, OTP Stealer, Card Stealer, Banking, Personal Info
  • 48 obfuscation techniques

๐Ÿข Brand Impersonation Analysis

Impersonated Brand
Plesk
Official Website
https://www.plesk.com
Fake Service
Plesk Login

โš”๏ธ Attack Methodology

Primary Method: Credential Harvesting

The site presents a login form designed to steal the user's Plesk username and password. The user enters their credentials, and the data is sent to the attacker.

Secondary Method: Javascript Obfuscation

The site uses obfuscated JavaScript, making it harder to analyze the malicious code.

๐ŸŒ Infrastructure Indicators of Compromise

Domain Information

Domain
foodentech.com
Registered
2021-01-07 11:40:21+00:00
Registrar
Unknown
Status
ACTIVE

๐Ÿค– AI-Extracted Threat Intelligence

๐Ÿ˜ฐ
"I Never Thought It Would Happen to Me"
That's what 2.3 million victims say every year. Don't wait to become a statistic.