EN ES PT

Phishing Analysis

Detailed analysis of captured phishing page

Back to Stats

Visual Capture

Screenshot of www.z25r.xyz

Detection Info

https://www.z25r.xyz/home
Detected Brand
bet365
Country
International
Confidence
100%
HTTP Status
200
Report ID
60fc7c72-e18โ€ฆ
Analyzed
2026-02-03 11:50

Content Hashes (HTML Similarity)

Used to detect similar phishing pages based on HTML content

Algorithm Hash Value
CONTENT TLSH
T179441AF4536853F496874BE4F9711A0633AA10FEFB914688C3A48AD0FAF2ED9D435C61
CONTENT ssdeep
3072:oDDMTa7jDw/4Q1pSBn1pSBy1pSB61pSBo1pSBafoi2cluAkYc1D1:+v7jDw/47g7/tV

Visual Hashes (Screenshot Similarity)

Used to detect visually similar phishing pages based on screenshots

Algorithm Hash Value
VISUAL pHash
8e3131ceca69cf34
VISUAL aHash
00003c3c3c3c0000
VISUAL dHash
8a9c686969697904
VISUAL wHash
001e3e7ffffd0400
VISUAL colorHash
39001000c00
VISUAL cropResistant
8e8999e686a68799,8a9c686969697904

Code Analysis

Risk Score 100/100
Threat Level ALTO
โš ๏ธ Phishing Confirmed
๐ŸŽฃ Credential Harvester ๐ŸŽฃ OTP Stealer ๐ŸŽฃ Card Stealer ๐ŸŽฃ Banking ๐ŸŽฃ Personal Info
Telegram Exfiltration Discord Webhook WebSocket C2

๐Ÿ”ฌ Threat Analysis Report

โ€ข Threat: Phishing
โ€ข Target: bet365 users
โ€ข Method: Impersonation via fake website
โ€ข Exfil: Unknown, likely credential theft or financial data.
โ€ข Indicators: Unrelated domain, obfuscation.
โ€ข Risk: HIGH

๐Ÿ”’ Obfuscation Detected

  • atob
  • eval
  • unescape
  • document.write
  • hex_escape
  • unicode_escape
  • base64_strings

๐ŸŽฏ Kit Endpoints

  • data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAEEAAABBCAYAAACO98lFAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAA4RpVFh0WE1MOmNvbS5hZG9iZS54bXAAAAAAADw/eHBhY2tldCBiZWdpbj0i77u/IiBpZD0iVzVNME1wQ2VoaUh6cmVTek5UY3prYzlkIj8+IDx4OnhtcG1ldGEgeG1sbnM6eD0iYWRvYmU6bnM6bWV0YS8iIHg6eG1wdGs9IkFkb2JlIFhNUCBDb3JlIDUuNi1jMTQ1IDc5LjE2MzQ5OSwgMjAxOC8wOC8xMy0xNjo0MDoyMiAgICAgICAgIj4gPHJkZjpSREYgeG1sbnM6cmRmPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5LzAyLzIyLXJkZi1zeW50YXgtbnMjIj4gPHJkZjpEZXNjcmlwdGlvbiByZGY6YWJvdXQ9IiIgeG1sbnM6eG1wTU09Imh0dHA6Ly9ucy5hZG9iZS5jb20veGFwLzEuMC9tbS8iIHhtbG5zOnN0UmVmPSJodHRwOi8vbnMuYWRvYmUuY29tL3hhcC8xLjAvc1R5cGUvUmVzb3VyY2VSZWYjIiB4bWxuczp4bXA9Imh0dHA6Ly9ucy5hZG9iZS5jb20veGFwLzEuMC8iIHhtcE1NOk9yaWdpbmFsRG9jdW1lbnRJRD0ieG1wLmRpZDo3OGVlNTliYS1kMzJkLWYxNDMtOTFmMi1lOTM2NmNiZTMyMDYiIHhtcE1NOkRvY3VtZW50SUQ9InhtcC5kaWQ6RDAzNUEyREU3OEIxMTFFREJGNDQ4MjUzM0M5OUU4NUUiIHhtcE1NOkluc3RhbmNlSUQ9InhtcC5paWQ6RDAzNUEyREQ3OEIxMTFFREJGNDQ4MjUzM0M5OUU4NUUiIHhtcDpDcmVhdG9yVG9vbD0iQWRvYmUgUGhvdG9zaG9wIENDIDIwMTkgKFdpbmRvd3MpIj4gPHhtcE1NOkRlcml2ZWRGcm9tIHN0UmVmOmluc3RhbmNlSUQ9InhtcC5paWQ6YWUxMTVlZjEtNDg5Zi0wYzRiLTlmODgtNzg1ZmVjNDA2OWQxIiBzdFJlZjpkb2N1bWVudElEPSJhZG9iZTpkb2NpZDpwaG90b3Nob3A6NDNkZjZiZTEtNDAxNi04YjQyLWIyZGMtYzFjOTMxZWYzYzhiIi8+IDwvcmRmOkRlc2NyaXB0aW9uPiA8L3JkZjpSREY+IDwveDp4bXBtZXRhPiA8P3hwYWNrZXQgZW5kPSJyIj8+yTUE0QAAC2tJREFUeNrkXAtsHMUZHl8wklMn2AgoBJrCmVcg5dE7mqYBAe1FIggIAc5N8ygPgd3QQh4tsVtoKUkRNglNeYjI1woIlAA+CmlKeMiXFiQSIPFBSxseabgCpSSFKOdg81AemP+Xv6l/j2f29nb3EFJ/6ZNvd2dn5//nf82/s67q7+9X/++0T9gODl420U+zQwnccBzhWMLRfCthP8IotOkl7CRsI2wmvEZ4lfAc4T+VEsC2+c+FF4IHJQgzCGeD8VI0CjiMkDSusUAeJ6wk5L9wmmBhpJlwKeG4CPs9FlhAeIVwN6ED2vOFEUIdYS7hasL+lut7CC9AtV8H3oL670Sb/QA2nSMJ4wmTCBOMcbJwlxB+SriNcCuhJ8zgq8I4RvIHVfTnYgzqAOMyM/cHwiOEZwh9AR9TSzidcAHhQghK0nbCNYQVhP4gPiGwEEgAPFv3YLYk8SwvJTxA+DBicxsJP7MATlbSOkzIG+UKIRZQAGk4KCmAfxNmQ11/VwEBMH2EvtlUZhHeFtd4LC8S0uV2GitX/Qk8y52E0Ti9m3AzmP894dPPIbTzM+4nHI9n78b50Rgbj7Eqcp9AzO8LrzxDnP4XYTphg48uDiKcSfgmPP0RhAMJX8J11pz30SeHxOcJfyG856PvUwgPoU9NKxGldkXiEyCAPxLOEqf/RPh+Cc98AExkBvKGqjJnvB9mxwzdByfoFaHuJZwrzj1JmOolCF8+ARHgLkMAGcI06sAlgDGEWwhvEn6N5OcTwlrCL+Dlx0M7aoCDcO5CtFmLe5Log0Pq7ejbRjyWaRibprMw9qqwecJNhJnieAkxv9DRtpowD0zU4txamNGjcGwu+gTmsAlhdTGiwTSo9XcIPyJcgmvLhC/QtBfJ2geEn+DcTKTdLYEcI2nBRcbNyz0EcBQSopshgMcwiyk4sY8CRoP70UcSfXLf7YSNHlkp5w3LxfFCr6gR8xBAHOFIEw/gKkdztrtuwskwgXNgm1Hm+Xn0eQ6ecSKEfr6j/VUYs6bfEuK+hQA/sEJkZ/zQ2aQFey3Nm5AZjobKsyDWVDA8rsEzHoFWPIwIpSymMRvRRqflK2z+waUJnHmdKvKARpsTJGHNwUJmBGERUtseVXnqgQPl551BeNCj3XeF7zgVPsVbCMRYHexa0zISwEZLu/PgrRWc4fUBGYpDm4IQa96zJdpshBPV1I5w6qkJc5HE6FR4sUUA4+CwWANuxEquXMbb4EfegDbVV1BzFosU+0DwaBcCMVeL5bCma0kL+ow21Vgc1SJFvS7AoNKIOglxrts4jpL6jHFeLSpawzThB6IeUACzJs2DZ+bk5YoIBxqHIDpcXjwkPQCeFHhsHiYERATJVDtpwR5DC8YgEWL6IV3/IATDLmqCiXRCW1IRCWEP/IGmZh0ppCZMQAFUL2ZsWvAzmMFqEoAtDNZj0C0llrSmEDIOk2G/0YU1hEZLSG3QS3yuh0w0hdAovS4x2WtoAS+GLsPhIssDmPkdGHRbiRlMGElQM55f9MFIMYQQehFRhvAshTBF/LbF3VlY6HSRgGyZYMHjuN7QAnmchQm0+IwQxZBm8aCxwBoQAs3yoWqwLL4bNUGbEBSyLuVDCFqlO6EhCXFOUhucoakdrYRcmf7EDz0jkqdjiPevaE2Qb1A2WMIiL3O/TviYsKpEfi+Z6xRMpx1CkDOcwUIpCSc22fAXuQjWI31GEWiiXkqfJE6ut9z4bXjS9SSgDx2zky4xS9ppmrlADiaRcfiOguF3GiOIFOtFffQErQnyDdHfLDdNwN+nPUJam8WmC1DrBjg/07MnMdtZXOtGH2n87rbMfDoCIUgex2lNONyoG5qkhbTJci3neFAODMrBp4wcXq8bmox2caExcfSVEkLPhBSC1K6vak04RJy0vfzkmLpVDdT2bR3m8TfrcGApOD9TgzotiyeTyZTRbyKC9HqbrINqIYwqEYLmkC8YQ3BVfhuh8hlDCC0wlS7MZtERNouWHCIvNMO8169JfMsifIXym6baYUKwpcJ0LudTvUz7bREakYegWo02rcjlsx7akLZcL0UxaG6TI2nSNCqmoiVTi7IGI0X4gqxFI/IGk1nRnymU+jJqELv8SGuIZCgnGB2hUExb7oAfyBkMdyO6SCbl7OssM2/4Ci+qs8y6sph/b8zSsK6C2tFksfF6h6NLWTQpa4kiLjrYw8fJie7TQtgqTh4WgmGTmS7HeiBlqHcBzjVpMFkQ/qbJEEIpB6lXxP/0EBDTdi2EN8XJI0IIwc/avxUCMMNpXkAymfEQnpdfGI+/r5dYf7ylhfCaOHlCCCHkLOpn5vsJI78w1xoJi4OUQshZ0nUbne6IWAqVMU2vaiG8bMTWoJQXuX0BGeNko6KThoPstoTBtGXG4tCeyeg760P7RmJtwEWYPzvyB00vxyyLpgkouIbRhiRygpyIEqaDjDtqEM0Wk2hHX2n4mVJL62moffCmjXeNa7wV4Bvi+PkYkqF3hElUC1UKoxF+HFjCslTOWOy+3liJlirNXYy/Kx1mUo3fm4n3t2Wy9IT4PT2i8JjCzHVaokSrJXHSDOccQsyIjLPoMI8ETIdrH/daxjTd5FkK4WGpTiFNQofHLo+IERezXzAYbvGw+3aYTINFAEy6Gn6PGr6pg5OkC8xkTgqB9xhuEXYzI+IUuuiYdWVR/1Zxf9FwrLq9LQni3bPnoXp0o+X699Tg9qAt2hfGxCKp31hxLSRtCLPZUzKiI0WzYzVoptc6IuiCjJ+SGs/yHfi92FISYF7k3ooORI9hb6A6xCAbILkwhQtt80kwUnSsBnUtQhdYC5jtduW/upxBovdXNfQFrPQFDUK7/jfhwzZu0ezz2+Vf4pBfYh5vKbyy8HgLzZVqYOP1z8tMrbuNElsephG0nL4IY+hFf5uN67Woio3F8Q2aR9fGLX7D/D5+j7UxSDd+ijacefGLzrllhs8CHKLMCYIKYC7GyJsyZlkEoDBGLQAe9222pbRksMfwzvNp5k+xtFutBrfv/AbS9UsNang5PQjdgGcrjGW1pQ1rxgKj0LPDUwgivDwrkqeHsHnDFMRyzOZehKZsBZbirlpBJ56pd6wt92ink6N14E2VFAIiBWddO8XK8j4SxAiHQ7oIdTv++xJCVaXobDwjjVCYdmjUCCRLelW8Ezz1+xICBMF2K1/V866x2x3NV0HteHCHq4HNVatCrkhN+hr6XINn8LsDfh/yqKM9j1Xubr1COXbAe9YYSRCs3kvEqTmkDW2O5ly84H3L1yJlnYpw9RTS25oAjNfg3qfA9FT0fR0WQa847uPQOkccL3Vkl/YQOawEM7B5g/cVzzRM4Ere0uf4EIxf8P4YeYDO0D6GTT6NwXOx4z01+DEIh7EvoyLEmzTPwJJ3JK7zxs67UXd4xzFcNoE7jWIL762arRwfhHyeG7xZgPxCN8gG7xfBSMU2eEex1b/RSH5cxLN8Jux4nBrc6q8Xan1qcKs/fwrIu1V5q/9/ffSdRBSo3FZ/wzSWQNU17UKa+isV/DunoFQL/zCfsK84zzvsr1E+vokK/A0UPv/hfc+ydM0pNn+hxjtBKv31SwxrgZtEJqgQpi/3coI2IQR6A4WokVBDX9COhe3+AwOpqQDzNej773iWFMA6+J1sEImqgILg9fhpamAzl3RYbO+8o3wrtGWKsPugKj8FfW1F33KL/3aM4TRV5pdwvkOkD9PQnnke8nfbx6G8R2gDihj6O+h3EVl6RT2gDg40jkRrEvKBakufO1A/WKZCbCqP8lvpHixNb0Eef5ka+t1iNRiaFMGzOHLcpSL8TDjqt9K9yM6OQ9i6VZTswtAW9JVE30ujEoAuOVWK9Cu1eWrwXwfwd4zHqMF/HVCPjHA3wmsR2IyMcpOq8L8OYPpMgAEA3PlX6qvO67AAAAAASUVORK5CYII=
  • https://www.z25r.xyz/config/initGeetest4.js
  • /kc523-1/logo/logoWhite.png?1766990906506
  • data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAEEAAABBCAYAAACO98lFAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAA4RpVFh0WE1MOmNvbS5hZG9iZS54bXAAAAAAADw/eHBhY2tldCBiZWdpbj0i77u/IiBpZD0iVzVNME1wQ2VoaUh6cmVTek5UY3prYzlkIj8+IDx4OnhtcG1ldGEgeG1sbnM6eD0iYWRvYmU6bnM6bWV0YS8iIHg6eG1wdGs9IkFkb2JlIFhNUCBDb3JlIDUuNi1jMTQ1IDc5LjE2MzQ5OSwgMjAxOC8wOC8xMy0xNjo0MDoyMiAgICAgICAgIj4gPHJkZjpSREYgeG1sbnM6cmRmPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5LzAyLzIyLXJkZi1zeW50YXgtbnMjIj4gPHJkZjpEZXNjcmlwdGlvbiByZGY6YWJvdXQ9IiIgeG1sbnM6eG1wTU09Imh0dHA6Ly9ucy5hZG9iZS5jb20veGFwLzEuMC9tbS8iIHhtbG5zOnN0UmVmPSJodHRwOi8vbnMuYWRvYmUuY29tL3hhcC8xLjAvc1R5cGUvUmVzb3VyY2VSZWYjIiB4bWxuczp4bXA9Imh0dHA6Ly9ucy5hZG9iZS5jb20veGFwLzEuMC8iIHhtcE1NOk9yaWdpbmFsRG9jdW1lbnRJRD0ieG1wLmRpZDo3OGVlNTliYS1kMzJkLWYxNDMtOTFmMi1lOTM2NmNiZTMyMDYiIHhtcE1NOkRvY3VtZW50SUQ9InhtcC5kaWQ6QzU0QzMxRUI3OEIxMTFFREIxMjk4QzAxNzczNjc5MTUiIHhtcE1NOkluc3RhbmNlSUQ9InhtcC5paWQ6QzU0QzMxRUE3OEIxMTFFREIxMjk4QzAxNzczNjc5MTUiIHhtcDpDcmVhdG9yVG9vbD0iQWRvYmUgUGhvdG9zaG9wIENDIDIwMTkgKFdpbmRvd3MpIj4gPHhtcE1NOkRlcml2ZWRGcm9tIHN0UmVmOmluc3RhbmNlSUQ9InhtcC5paWQ6YWUxMTVlZjEtNDg5Zi0wYzRiLTlmODgtNzg1ZmVjNDA2OWQxIiBzdFJlZjpkb2N1bWVudElEPSJhZG9iZTpkb2NpZDpwaG90b3Nob3A6NDNkZjZiZTEtNDAxNi04YjQyLWIyZGMtYzFjOTMxZWYzYzhiIi8+IDwvcmRmOkRlc2NyaXB0aW9uPiA8L3JkZjpSREY+IDwveDp4bXBtZXRhPiA8P3hwYWNrZXQgZW5kPSJyIj8+aVtJOwAAC1pJREFUeNrkXA+QlVUVv7tAM9iK+3bCyBrTXcwo02DXNqQGrd0ZyxI1F5FAzfIRWAFavM2oSdRcxDLNanjTqEhg8SyIonJ8ldVERjxLZ/APwTOV1MTxLe4WE6Cvc2Z/t/1xuN/b9/Z9b8HpzPxmv/d93/ved3733HPOPfferSsWi+7/XUZX+4Dn6+rKue3NgqmCSYK3C94mmCA4RnA07ukT7NFHCrYLHhc8Jvij4B+1ImCCGEFdtZZQgoRWwWzBh6F4NaKE/FywVpA70knQVp0n+ITgHTVqvEcFdwpWwnqOGBIaBQsFnxM0BW47IPgTTPsJ4CmY/x7ccwygXWei4BTBNEF7RLd9SXCb4FZB72EjQQhQBi4VrBC8wVxW5X4k+LHgt4L+Yf5Mg2C64ALBx0AUy4uCLwhWCYojSoIQoK11F1qLRVv5ZsE9gn/F3BWOgp+5Ck6W5Q9okJ0jQoIQ0CV/vicYR6efEVwD5/VqjaNaveBiwdcEx9P5lwWfEmQqIaG+UvMXaCuvIwL2C26CI/z+CBDg8BtrBO/Eb+/H+XF4N33HunIfVrYliPKvg1eeTaefFMwSbCnjEccKzhK8FyHzRMF4wetxXbvObjxTQ+KDgt8IXijj2acLfohnelmLKLUvlu4AAn4iOJtO/1RwyRCeWZ3lXBDXWknrQIrIC1Sh1XCCUaIR6m7BR+ncLwUzShFRFgmIAPoCH6fTacECecArEcnScYKrkTP4lt4r2IxIsQ0O9AWK9UfDWk6GmWtEOEMwFtf/LbhDcKPg2YjXHSX4jiBJ59agIYrVkNAjf1J0aoV8cUlEsjRGsEjwFYQ2lV+hG62HIpVGg/Nh1h/EOQ211wluIV9gRUP25+nzTUaH8kkQBS80nva78qUFERnjSeiXk/H5Z4KvxpjmtuJ5H8Hnh9HNHo24Xy1iPn2eGYoaJUkQ5Zrlz0OUnKhS52kXCJAwA/1RvfPfBZ8RbKpRZDhHcLvgBFiFmvqGiK6xgUjT5G2KIF9WiIQfWEUEqGJzLQGQJDLDcTD5yTUkwOHZk5GJape7FxHKyisg6ElKy1eFnHNUnqCZ1/soD5gpBPQGyJqPgYyyvgypbW+MCqs1dgXO9yKF1t87U/CDiO/rfReR71CdLhsyTxDFGjGeH++dihCQChBwLlpjFJzhrTEq30VQabFmXKEsF3hnvhv1jN5S3WEhEfAMPLElYBJCjxJwQ0wEaKv3YHS4jgjI41o1ojo8jePx0DFsCaJcA4a4fjh8iTC12hCgYfDPgtPwshdVqGgKEUNzjQSUTcL7O5OLZCsZBwwhc+G8/TBcHWufWoIdp3+aCMhjJGhlEQhQsq6oILwlTRLTASToXA5KKwEFc61auQchthk6zsMYY7A7ICKwUsuFpQPGCo5DIqRypVx/ucwX6DEE+H6fgLKqdBuQwb078b245AB8g5d5PlKwT2iHw/CDmZAVXIOwtFEI2FSBkwtJFi/iW0Wt5X5SvjkGXxCyBl/jmIji70HdYSYdrxcl+4wV6GDocnxcVkbfT4IAViSPVs/guBUhtotMv0BdwjvFfEwk9CGXmUM6b2ZL+BAdh+LuHAxm7heCQqlwAor71kwRARn8YAuUU1+wFUjiu2wZaeoSqZitgXU7+3/RQVpZi5u7KDlqEkX7jSVsRcvNkWtr6Hwrtbp1ZN3k5DooEoQso0DO03aDJlyPQxoQHcbg8/HeEqbSTVsCBByLvHsv5+lyPmlaM8o6dsJCkgHLyFN+0BPhB7pitIR+UwSa6kl4N53cHPjiB+BJNwtBXDzNGCfXbb6XIsXyuN6Ev60ghxMjtYpOPMuOT+IU1vFU7xh5hujhwJfa8fcBMwIriDWwqSageJST64LSHSY3SBOhyUDLFyicxiGs4yRPwgmmbmjFk7QtcK1gjjNo+QwdJwMRwCuew7WeEv4iT11ueQwkcLR5qyfhTXQyNPmpMfU5N1DbH0rmmUjRarpPFso1k2U0R6TLnGlyYlWtRTzPddDRVN8LtayX+WL62TJ/IAEnZ6MEt+g6Y/K+1dPkCLcGxhN+rJEu813OQFnA+hjOdBt8iCxSP6+oIhxRaLVKdpN1hPxFjkJoNxym7Top8iFtZbxaPQorLlBI0er5f3C8b7SrjWQNCT3mmvcXiUCXyNH4wXevLHWf1gqzyH3lsOWo7K0tOy4GEmy/zcOhtSAEFpAu7wzkBtbce3BfocKQ2Wh1I+Hu31cfuLExJmtIm6Qoh5ZfGSiadFOO0QGFczQOSRjLKoeECSV8HDd0vyfhOTr5lphI8Io1U1KUgmnzPW0UOQqkZCbgFK2DLCV+RPy3EgSpvFhP1WQvJ8ZAQDIwLPamnjX9uQfoIsW7DAmZiFRaf6cI2EhyCv4+ETHK9fKUJ+FxTiNjICFFWSGbticoPcRxM5TKUcunI4oyXKlimU6O1sppdPyYJ+ERE1vj8Adcp+g0JGRMf8+b6OCVLNB93XCu6Yiow6LTd9NgIb+OyB+8PFIfGFC0o+BajbD5+ijgjOKZQDSwXYJJKBARboj0/XzUPnQGzU7e6gTxe+jzg/VIkHZRlxhDplRNbp41/S9rrCFLx3mjuK85JiKenTYDsJnm3KX4uzbw/elUS9guuj/NlaVf0PGsGLpExkSBTqNsxow+PWErQczKCAJ9AtVmirNc2e5E7ePuwHvNsjozCfeyOcXQJThhSpmskMcAVsEcKdNcItbnIpyer4bf5Q5d1KFJ0gW2oZgEXWO4g/rN7BitITSn2EUWkjDjghajeLnT+7p69lxUj24IXL/YDS4a2eF9YT0NnIowQS9LxBpGx+Ab2DKaqOU7qKyeMqTlQU4dUE4NQVv5dhxfFygJqC5LjMMuWkvwF3wLtIC5aiRnCCkExgBcicoMo/WZZE30/uoGVrGEfEELda+VdgDlrUHHEDy5en3IN8i5esEnBTkXmLAtIXaI3ewGy+ydbvjzC8ugpL4/T8VzhZm7x208XgrNSisJu305WvDlQxLvYvFV3KOZ11JnZnmHqDoVqKWXU8tkh0nAQryj1g50bmR74J6lbnDR526Q4CJJwGIMnvBYLC1+euC+jfLns/j4TcG1ZbxwAUT4EFfteqZr8dsO77IxcI/+zlUmpT+o8hVcs4TJ2d+5wdUqWnydErFaRfu1LpIahTCrk7q9FAr9ZEraxbeIqxHP64IFLIgouTUia/SDQq2Rvt/Rcr44F26d5wbWA/mFW1e6gU0atRANg992gwu3dEHp+sB9o3DeL+7c4wbnOtiio9c2y8W8O3iqXleBfSvi9g0wu7/g5Tbh3KkxKv8uPHMTfkPnDtojCHB4V17deoWLWAFfcoG3EKEhawVXnbG4MyRavNB1y19CyjoD4eo+5PZjh6H4WHz3Pig9A89eikFQ1BpGdbi8hvFmV2LFS62W9eoE79XwB7ysV/vkA3h5v6y3n8LYG1ER0hXzZ2LIexSu62rYOzF83hXxurVZ1gsiql3grQROccNb4P0QFDl8C7wNEaGl/mquW8t4hLbyWejHk9zgUn+fjPW7waX+uhVQ90zpUv9/lvHsNiRitVvqb7rGCpi6l31IU693w9/nNFxpgH9Y7AYmVLx83Q3sixpSubi3/+g6wS+6gZUgI7H9R9PkG10M239qsRFMTfkb6Md7Y1Z+LPzLYnfovsuR3QhmusdlbmA/QWhLoGaQuvj79666LYGa5ela5gtdeEvgEjTIyG4JNBmjeuZFyN9Dm0N1VLcFRQy/D/pZRBbe+dIIB9qMRGsa8oExgWe+hPrBLe5wbg4lEriwoYOjy92h+xbjEu1ud7gjcJtwSFqRI+gmjYlVvusOpMur3Wtgw3iU+H8doBu8TnaD/zoggYxwP3yGrzxtR0a5zY3Avw74rwADAFhj5lRHrjHJAAAAAElFTkSuQmCC

๐Ÿ”‘ Telegram Bot Tokens (1)

  • null...null

๐Ÿ“Š Risk Score Breakdown

Total Risk Score
90/100

Contributing Factors

Domain mismatch
The domain z25r.xyz does not belong to bet365.
JavaScript obfuscation
Obfuscation hides potentially malicious code.
Suspicious claims and promotional content
Offers of rewards and claims of urgent issues (bank security) are used to manipulate user behavior.
Recent domain
Domain created recently (less than 60 days)

๐Ÿ”ฌ Comprehensive Threat Analysis

Threat Type
Banking Credential Harvester
Target
bet365 users (International)
Attack Method
Brand impersonation + real-time WebSocket exfiltration + obfuscated JavaScript
Exfiltration Channel
WebSocket (1 endpoints)
Risk Assessment
CRITICAL - Automated credential harvesting with WebSocket (1 endpoints)

โš ๏ธ Indicators of Compromise

  • Kit types: Credential Harvester, OTP Stealer, Card Stealer, Banking, Personal Info
  • 784 obfuscation techniques

๐Ÿข Brand Impersonation Analysis

Impersonated Brand
bet365
Official Website
https://www.bet365.com/
Fake Service
bet365 website

Fraudulent Claims

โš”๏ธ Attack Methodology

Primary Method: Credential Harvesting

The attackers are likely to use the fake website to harvest user credentials. When a user attempts to log in to what they believe is bet365, their username and password will be captured by the attackers.

Secondary Method: Malware distribution

The site could be used as a vector to download or redirect users to malicious software. The obfuscated Javascript and other embedded code may contain functions designed to install malware.

๐ŸŒ Infrastructure Indicators of Compromise

๐Ÿฆ  Malicious Files

Main File
config/initGeetest4.js
File Size

Functions: loadScript(), jsonp()

๐Ÿ“Š Attack Flow Diagram

User fills <input name=username> โ†’ initGeetest4() โ†’ loadScript('https://www.z25r.xyz/config/initGeetest4.js') โ†’ fetch(exfiltration_target)

๐Ÿ”ฌ JavaScript Deep Analysis

Operator Language
English (1%)
Total Code Size
2.3ย MB

๐Ÿ”— API Endpoints Detected

Other
15
Telegram API
2
WebSocket (Real-time)
1

๐Ÿ” Obfuscation Detected

  • : None
  • : Light
  • : Light
  • : Moderate
  • : Heavy
  • : Heavy
  • : Heavy
  • : Heavy
  • : Heavy
  • : Heavy
  • : Moderate
  • : Heavy
  • : Light

๐Ÿค– AI-Extracted Threat Intelligence

๐Ÿ“Š Attack Flow

User fills <input name=username> โ†’ initGeetest4() โ†’ loadScript('https://www.z25r.xyz/config/initGeetest4.js') โ†’ fetch(exfiltration_target)

๐ŸŽฏ Malicious Files Identified

Main Drainer
config/initGeetest4.js
File Size
approximately 45KB
Malicious Functions
  • loadScript()
  • jsonp()

Similar Websites

Pages with identical visual appearance (based on perceptual hash)

Screenshot
bet365
http://b249v.xyz/home
Feb 28, 2026
 Screenshot
bet365
http://x103a.xyz/
Feb 18, 2026
 Screenshot
Unknown
https://87252.xyz/
Jan 16, 2026
 Screenshot
Unknown
https://x93j.xyz/
Jan 14, 2026
 Screenshot
Unknown
https://s99k.xyz/
Jan 14, 2026

Scan History for www.z25r.xyz

Found 1 other scan for this domain

๐Ÿ˜ฐ
"I Never Thought It Would Happen to Me"
That's what 2.3 million victims say every year. Don't wait to become a statistic.