Phishing Analysis
Detailed analysis of captured phishing page
Captura Visual
Información de Detección
https://telstra243.blogspot.com
Detected Brand
Telstra
Country
International
Confianza
100%
HTTP Status
200
Report ID
03312e26-cae…
Analyzed
2026-03-02 07:28
Final URL (after redirects)
https://telstra243.blogspot.com/
Hashes de Contenido (Similitud HTML)
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T10ED11E719608AD3753A3C3EDB7B1A34BB782C284C987064A91F6D34E1FD3DA0DC12256 |
|
CONTENT
ssdeep
|
96:fTS3/K9MHaZnoGyPFmGjZz//6/HBJSywkLNmzClPiUbTuGWKrGo+1u8cEl8P:fT6aCFMO8fSYLqTsrks |
Hashes Visuales (Similitud de Captura)
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
fe7e5ca161616984 |
|
VISUAL
aHash
|
809c8080ffffffff |
|
VISUAL
dHash
|
0b30340320202024 |
|
VISUAL
wHash
|
80808080fcfcfcf4 |
|
VISUAL
colorHash
|
070020001c0 |
|
VISUAL
cropResistant
|
0b30340320202024 |
Análisis de Código
Risk Score
74/100
Nivel de Amenaza
MEDIO
⚠️ Phishing Confirmed
🎣 Credential Harvester
🎣 Personal Info
🔬 Threat Analysis Report
• Amenaza: Suplantación
• Objetivo: Clientes de Telstra
• Método: Blogspot utilizado para un sitio falso de Telstra.
• Exfil: https://telstra243.blogspot.com/search (acción de formulario)
• Indicadores: Contenido no relacionado y 'Aucun article disponible.' en francés.
• Riesgo: Moderado
🔐 Credential Harvesting Forms
🔒 Obfuscation Detected
- eval
- hex_escape
- unicode_escape
🎯 Kit Endpoints
- https://www.blogger.com/go/report-abuse
- https://telstra243.blogspot.com/
- https://telstra243.blogspot.com/search
- /responsive/sprite_v1_6.css.svg#ic_post_blogger_black_24dp
- https://www.blogger.com/profile/11626381249462659137
- https://www.blogger.com
- https://telstra243.blogspot.com/feeds/posts/default?alt=rss
- https://telstra243.blogspot.com/feeds/posts/default
- https://www.blogger.com/feeds/6151371539448250752/posts/default
📡 API Calls Detected
- GET
- post
📤 Form Action Targets
- https://telstra243.blogspot.com/search
📊 Desglose de Puntuación de Riesgo
Total Risk Score
75/100
Contributing Factors
Domain mismatch
Uses Blogspot, highly indicative of malicious intent or unauthorized use.
Brand impersonation
Attempts to mimic Telstra without the necessary authorization.
🔬 Análisis Integral de Amenazas
Tipo de Amenaza
Credential Harvesting Kit
Objetivo
Telstra users (International)
Método de Ataque
Brand impersonation + credential harvesting forms + obfuscated JavaScript
Canal de Exfiltración
HTTP POST to backend
Evaluación de Riesgo
HIGH - Automated credential harvesting with HTTP POST to backend
⚠️ Indicators of Compromise
- Kit types: Credential Harvester, Personal Info
- 11 obfuscation techniques
🏢 Análisis de Suplantación de Marca
Impersonated Brand
Telstra
Fake Service
Telstra services
⚔️ Metodología de Ataque
Primary Method: Credential Harvesting
The site likely aims to trick visitors into entering their Telstra login credentials through a fake login form or social engineering.
🌐 Indicadores de Compromiso de Infraestructura
Domain Information
Dominio
telstra243.blogspot.com
Registered
None
Registrar
None
Estado
Inactive/Unregistered
🤖 AI-Extracted Threat Intelligence
Similar Websites
Pages with identical visual appearance (based on perceptual hash)
Desconocido
https://cdn.gosafemode.com/screenshots/f420b2c6f164.png
May 21, 2026
Desconocido
https://cdn.gosafemode.com/screenshots/19a2f32d6f66.png
Abr 17, 2026
Instagram
https://www.instagramusicabrasilinstagram.blogspot.com/
Mar 01, 2026
Instagram
https://instagramusicabrasilinstagram.blogspot.com/
Mar 01, 2026
Facebook
https://facebooksocialpage.blogspot.com/
Feb 23, 2026
"Nunca pensé que me pasaría a mí"
Esto dicen las 2.3 millones de víctimas cada año. No esperes a ser una estadística.