EN ES PT
Back to Stats

Visual Capture

Screenshot of atom-moustiques.com

Detection Info

https://atom-moustiques.com/ch/ui/app/auth/flow/mycss-login/ext/nachricht.html?cmd=_informations&sess
Detected Brand
CSS
Country
Switzerland
Confidence
100%
HTTP Status
200
Report ID
6c9e6cd5-908…
Analyzed
2026-01-05 01:06

Content Hashes (HTML Similarity)

Used to detect similar phishing pages based on HTML content

Algorithm Hash Value
CONTENT TLSH
T1BCA41ADD72D9B0A91B977234D03F610AF27A2D81784CC410DA66E9C53C7984ED273FAA
CONTENT ssdeep
6144:lh+NNstexlJWqdAVAp3YIeKwstexlJWqdAVAp3YIeKO:KNst5IeNst5Ie1

Visual Hashes (Screenshot Similarity)

Used to detect visually similar phishing pages based on screenshots

Algorithm Hash Value
VISUAL pHash
f73719080a227777
VISUAL aHash
00ffe6ffffffffff
VISUAL dHash
fb100c0c00000001
VISUAL wHash
00c2c6e7ffff0c00
VISUAL colorHash
070000001c0
VISUAL cropResistant
130c4c000c000201,3f3febebef69ffff

Code Analysis

Risk Score 95/100
Threat Level ALTO
⚠️ Phishing Confirmed
🎣 Credential Harvester 🎣 OTP Stealer 🎣 Card Stealer 🎣 Banking 🎣 Personal Info

🔬 Threat Analysis Report

• Threat: Phishing targeting health insurance users.
• Target: CSS insurance customers.
• Method: The phishing site claims a refund is available to lure users to click a button, likely leading to a credential harvesting or malware installation.
• Exfil: Unknown, but likely data exfiltration via obfuscated JavaScript (eval, fromCharCode, unescape).
• Indicators: Domain does not match official CSS site, obfuscated code.
• Risk: HIGH - Potential credential theft or malware infection.

🔒 Obfuscation Detected

  • eval
  • fromCharCode
  • unescape
  • document.write
  • unicode_escape
  • base64_strings

📡 API Calls Detected

  • get
  • GET
  • POST
😰
"I Never Thought It Would Happen to Me"
That's what 2.3 million victims say every year. Don't wait to become a statistic.