EN ES PT

Phishing Analysis

Detailed analysis of captured phishing page

Back to Stats

Captura Visual

Screenshot of qrsu.io

Información de Detección

https://qrsu.io/eoXdO
Detected Brand
DHL
Country
Unknown
Confianza
100%
HTTP Status
200
Report ID
07b38cf8-3d9…
Analyzed
2026-06-26 22:12
Final URL (after redirects)
https://koylu-bot.neocities.org/cvcvv/

Hashes de Contenido (Similitud HTML)

Used to detect similar phishing pages based on HTML content

Algorithm Hash Value
CONTENT TLSH
T147F0C071C04B4D1B1F92C3687AC1F11519C0168AE3775B016AD832ED6DCFB64C8C3384
CONTENT ssdeep
12:hRUIa6Qclfh5t3X8Wy7FU6SkrOWNkAyDenSt3HhIhQ:hRGspz8WCbSeNNkAW3

Hashes Visuales (Similitud de Captura)

Used to detect visually similar phishing pages based on screenshots

Algorithm Hash Value
VISUAL pHash
dd5da76049b6b488
VISUAL aHash
0000181818ffffff
VISUAL dHash
14323232b2b200a0
VISUAL wHash
0808181818ffffff
VISUAL colorHash
07240010000
VISUAL cropResistant
14323232b2b200a0,1c0c03030610c121,041e1a1c5c5adacd,54159d9a9d9c188c

Análisis de Código

Risk Score 70/100
Nivel de Amenaza ALTO
⚠️ Phishing Confirmed
🎣 Card Stealer

📊 Desglose de Puntuación de Riesgo

Total Risk Score
80/100

Contributing Factors

Active Phishing Kit
Detected kit types: Card Stealer

🔬 Análisis Integral de Amenazas

Tipo de Amenaza
Banking Credential Harvester
Objetivo
DHL users
Método de Ataque
Phishing webpage
Canal de Exfiltración
Form submission (backend endpoint not detected - likely JavaScript-based)
Evaluación de Riesgo
HIGH - Automated credential harvesting with Form submission (backend endpoint not detected - likely JavaScript-based)

⚠️ Indicators of Compromise

  • Kit types: Card Stealer

🏢 Análisis de Suplantación de Marca

Impersonated Brand
DHL
Official Website
N/A
Fake Service
Banking/payment service

⚔️ Metodología de Ataque

Primary Method: Payment Card Theft

Victim enters credit/debit card details including CVV and expiration. Card data is captured and can be used for fraudulent transactions or sold on dark web markets.

Secondary Method: Standard Phishing Techniques

Uses typical phishing tactics including brand impersonation, urgency tactics, and social engineering to trick victims into providing sensitive information.

🌐 Indicadores de Compromiso de Infraestructura

Domain Information

Dominio
qrsu.io
Registered
2024-09-20 03:14:46+00:00
Registrar
GoDaddy.com, LLC
Estado
Active (older domain)

Hosting Information

Provider
GoDaddy
ASN

🤖 AI-Extracted Threat Intelligence

Similar Websites

Pages with identical visual appearance (based on perceptual hash)

Screenshot
DHL
https://koylu-bot.neocities.org/cvcvv/
Jun 26, 2026
 Screenshot
DHL
https://qrsu.io/8KL1O
Jun 18, 2026
 Screenshot
DHL
https://edward95.neocities.org/iclaaa/
Jun 18, 2026

Scan History for qrsu.io

Found 4 other scans for this domain

😰
"Nunca pensé que me pasaría a mí"
Esto dicen las 2.3 millones de víctimas cada año. No esperes a ser una estadística.