EN ES PT

Phishing Analysis

Detailed analysis of captured phishing page

Back to Stats

Captura Visual

No screenshot available

Información de Detección

https://salmon-deena-43.tiiny.site/?email%[email protected]/
Detected Brand
Unknown
Country
International
Confianza
95%
HTTP Status
200
Report ID
15aa4627-904…
Analyzed
2026-02-11 00:05

Hashes de Contenido (Similitud HTML)

Used to detect similar phishing pages based on HTML content

Algorithm Hash Value
CONTENT TLSH
T17A22A7E34414997E018392E9D3B5AA1A32DEC09FD217171003FD87BC1AC7DE1EEAB465
CONTENT ssdeep
192:VLWb+7WR65YHd2pqhMuhMEhuNJGuDMlZJ7tTIiegfohPVL:VLWb+7WGYHd2pqquqE+elZ6t

Hashes Visuales (Similitud de Captura)

Used to detect visually similar phishing pages based on screenshots

Algorithm Hash Value
VISUAL pHash
f838070fb88be8f8
VISUAL aHash
0908d8d8d8f87cfc
VISUAL dHash
59b032b2b2b2e8e8
VISUAL wHash
0908d8d8d8f8fcfc
VISUAL colorHash
32047000000
VISUAL cropResistant
8687ab97fc6ebeb3,59b032b2b2b2e8e8

Análisis de Código

Risk Score 53/100
Nivel de Amenaza ALTO
⚠️ Phishing Confirmed
🎣 Credential Harvester

🔬 Threat Analysis Report

• Amenaza: Distribución de malware
• Objetivo: Usuarios desprevenidos
• Método: Descarga de Drive-by o ingeniería social
• Exfil: Potencialmente el sistema comprometido
• Indicadores: Enlaces de descarga, contenido genérico
• Riesgo: Alto

🔒 Obfuscation Detected

  • fromCharCode

🎯 Kit Endpoints

  • #logo-path

📡 API Calls Detected

  • POST

📊 Desglose de Puntuación de Riesgo

Total Risk Score
90/100

Contributing Factors

File Download Attempt
The page provides direct download links, which is a common method for malware distribution.
Domain Age
Relatively old domain, but used for malicious purposes

🔬 Análisis Integral de Amenazas

Tipo de Amenaza
Credential Harvesting Kit
Objetivo
General public
Método de Ataque
credential harvesting forms + obfuscated JavaScript
Canal de Exfiltración
Form submission (backend endpoint not detected - likely JavaScript-based)
Evaluación de Riesgo
MEDIUM - Automated credential harvesting with Form submission (backend endpoint not detected - likely JavaScript-based)

⚠️ Indicators of Compromise

  • Kit types: Credential Harvester
  • 4 obfuscation techniques

🏢 Análisis de Suplantación de Marca

Impersonated Brand
Unknown
Fake Service
File download platform

⚔️ Metodología de Ataque

Primary Method: Malware distribution

The site hosts files (PDF, ZIP, MP4) and encourages downloads, likely containing malware or designed to execute malicious code on the user's system.

Secondary Method: Social Engineering

The site presents a generic message to create a sense of urgency or trust and get users to download files.

🌐 Indicadores de Compromiso de Infraestructura

Domain Information

Dominio
salmon-deena-43.tiiny.site
Registered
None
Registrar
None
Estado
Active

🔬 JavaScript Deep Analysis

Sophistication Level
Basic
Total Code Size
1,3 KB

🔐 Obfuscation Detected

  • : None

🤖 AI-Extracted Threat Intelligence

Similar Websites

Pages with identical visual appearance (based on perceptual hash)

Screenshot
Desconocido
https://cdn.gosafemode.com/screenshots/47f901a9228d.png
May 26, 2026
 Screenshot
WeTransfer
https://wetransfers.tiiny.site/
Feb 13, 2026
No screenshot
Desconocido
https://salmon-deena-43.tiiny.site/
Feb 12, 2026
 Screenshot
WeTransfer
https://lwtrsf.pages.dev/[email protected]
Ene 23, 2026

Scan History for salmon-deena-43.tiiny.site

Found 2 other scans for this domain

😰
"Nunca pensé que me pasaría a mí"
Esto dicen las 2.3 millones de víctimas cada año. No esperes a ser una estadística.