EN ES PT

Phishing Analysis

Detailed analysis of captured phishing page

Back to Stats

Visual Capture

Screenshot of 135.148.117.34

Detection Info

http://135.148.117.34/required.html
Detected Brand
Meta
Country
International
Confidence
100%
HTTP Status
N/A
Report ID
7909c611-8d3…
Analyzed
2026-01-14 21:25

Content Hashes (HTML Similarity)

Used to detect similar phishing pages based on HTML content

Algorithm Hash Value
CONTENT TLSH
T1F27384B1521DA6BE41C7C2E897770B5A33A9C6D4E723012466FC93B80FEBC96DE27150
CONTENT ssdeep
1536:uyRkLFAYNbXIoY8MxXNQpfmpqC6XE2Qjxmp1o7x:uYE6MrIo3MxXNQpfml6XEVjxmHo7x

Visual Hashes (Screenshot Similarity)

Used to detect visually similar phishing pages based on screenshots

Algorithm Hash Value
VISUAL pHash
e6989866d992c5c7
VISUAL aHash
c7cfffe3e3e1e3ff
VISUAL dHash
3e3e2c0b4e4f4f12
VISUAL wHash
838383e3e1e1e3e3
VISUAL colorHash
07601000040
VISUAL cropResistant
3e3e2c0b4e4f4f12,801024e46430c000,08223c386031652c,cd4d4dac2f6fad3c

Code Analysis

Risk Score 100/100
Threat Level ALTO
⚠️ Phishing Confirmed
🎣 Credential Harvester 🎣 OTP Stealer 🎣 Banking 🎣 Personal Info

🔬 Threat Analysis Report

• Threat: Meta/Facebook Verification Phishing
• Target: Users of Facebook seeking Meta verification.
• Method: Fake page claiming the user's page meets requirements for verification, likely leading to a credential harvesting or account takeover attempt.
• Exfil: Form actions point to potential data exfiltration, including potentially via translate.googleapis.com. Obfuscation hints at hidden exfiltration.
• Indicators: Non-branded IP address domain, obfuscated JavaScript, JavaScript form submission detected.
• Risk: HIGH - potential for account takeover and credential theft

🔐 Credential Harvesting Forms

🔒 Obfuscation Detected

  • atob
  • eval
  • fromCharCode
  • unescape
  • document.write
  • hex_escape
  • unicode_escape
  • js_packer
  • base64_strings

📡 API Calls Detected

  • https://ipapi.co/json/
  • https://ipinfo.io/json?token=5e1c5a5c5ac3ed
  • send.php
  • ../../save_and_send.php

📤 Form Action Targets

  • //translate.googleapis.com/translate_voting?client=te
  • https://transparency.meta.com/vi-vn/policies/community-standards

Similar Websites

Pages with identical visual appearance (based on perceptual hash)

Screenshot
Meta/Facebook
http://185.199.224.13/required.html
Feb 13, 2026
 Screenshot
Meta
http://135.148.61.188/required.html
Dec 27, 2025

Scan History for 135.148.117.34

Found 3 other scans for this domain

😰
"I Never Thought It Would Happen to Me"
That's what 2.3 million victims say every year. Don't wait to become a statistic.