SafeMode - Analysis: www.facebooksocialpage.blogspot.com

Visual Capture

Screenshot of www.facebooksocialpage.blogspot.com

Detection Info

https://www.facebooksocialpage.blogspot.com/

Detected Brand

Facebook

Country

International

Confidence

100%

HTTP Status

200

Report ID

6668906e-f54…

Analyzed

2026-02-23 07:48

Final URL (after redirects)

https://facebooksocialpage.blogspot.com/

Content Hashes (HTML Similarity)

Used to detect similar phishing pages based on HTML content

Algorithm	Hash Value
CONTENT TLSH	T160D1F0B19008A93757A3C3EDF7B1A30BBB82C585C987164A91F6D35D2FD3EA0CC16252
CONTENT ssdeep	96:GgKHUnoGyPs44mGjZzmMK4yYeywq0w2mzClPhUbTuGWVBrGobuicaRO:GgenFbOFPpcTBrls

Visual Hashes (Screenshot Similarity)

Used to detect visually similar phishing pages based on screenshots

Algorithm	Hash Value
VISUAL pHash	fe7e5ca161616984
VISUAL aHash	809c8080ffffffff
VISUAL dHash	1b38340320202024
VISUAL wHash	80808080c3c3cfc7
VISUAL colorHash	070020001c0
VISUAL cropResistant	1b38340320202024

Code Analysis

Risk Score 79/100

Threat Level MEDIO

⚠️ Phishing Confirmed

🎣 Credential Harvester 🎣 OTP Stealer 🎣 Personal Info

🔬 Threat Analysis Report

• Threat: Impersonation
• Target: Facebook users
• Method: Mimicking Facebook, likely to harvest credentials or distribute malware.
• Exfil:  https://facebooksocialpage.blogspot.com/search
• Indicators: Blogspot domain, generic content, lack of official branding.
• Risk: Moderate

🔐 Credential Harvesting Forms

🔒 Obfuscation Detected

eval
hex_escape
unicode_escape

🎯 Kit Endpoints

https://www.blogger.com/feeds/2496958663993205794/posts/default
https://facebooksocialpage.blogspot.com/
/responsive/sprite_v1_6.css.svg#ic_post_blogger_black_24dp
https://facebooksocialpage.blogspot.com/feeds/posts/default?alt=rss
https://www.blogger.com/profile/13442599696140667697
https://www.blogger.com
https://facebooksocialpage.blogspot.com/feeds/posts/default
https://facebooksocialpage.blogspot.com/search
https://www.blogger.com/go/report-abuse

📡 API Calls Detected

GET
post

📤 Form Action Targets

https://facebooksocialpage.blogspot.com/search

📊 Risk Score Breakdown

Total Risk Score

65/100

Contributing Factors

Domain Suspicious

Blogspot domain is often associated with malicious or low quality content.

Content Incomplete

Generic message suggests low effort. Likely a work in progress, or phishing attempt

Impersonation

Attempts to mimic Facebook

🔬 Comprehensive Threat Analysis

Threat Type

Two-Factor Authentication Stealer

Target

Facebook users (International)

Attack Method

Brand impersonation + credential harvesting forms + obfuscated JavaScript

Exfiltration Channel

HTTP POST to backend

Risk Assessment

HIGH - Automated credential harvesting with HTTP POST to backend

⚠️ Indicators of Compromise

Kit types: Credential Harvester, OTP Stealer, Personal Info
12 obfuscation techniques

🏢 Brand Impersonation Analysis

Impersonated Brand

Facebook

Official Website

https://www.facebook.com

Fake Service

Facebook

⚔️ Attack Methodology

Primary Method: Impersonation

The site attempts to mimic Facebook to deceive users. Its main purpose is to steal information. The low effort suggests it's a preparation for a phishing campaign