EN ES PT

Phishing Analysis

Detailed analysis of captured phishing page

Back to Stats

Captura Visual

Screenshot of guinnipraffaela36904-dinimos352470-manine30624.pages.dev

Información de Detección

https://guinnipraffaela36904-dinimos352470-manine30624.pages.dev/help/contact/199136945936610/
Detected Brand
Facebook
Country
International
Confianza
100%
HTTP Status
200
Report ID
15d25eec-0c2…
Analyzed
2026-03-01 18:29

Hashes de Contenido (Similitud HTML)

Used to detect similar phishing pages based on HTML content

Algorithm Hash Value
CONTENT TLSH
T1A741A6325020463755234DE5B0E2F716A2C3A38ECF8724043AFC53A407EDD49CC5B364
CONTENT ssdeep
48:TxCCG94X8idMC6BeWR2pe25n6SB8Znu9l1n:TzG9Q1B6JR+B8Bm5

Hashes Visuales (Similitud de Captura)

Used to detect visually similar phishing pages based on screenshots

Algorithm Hash Value
VISUAL pHash
c4444461f1f3f376
VISUAL aHash
000000ffffffffff
VISUAL dHash
94e0ac1016060000
VISUAL wHash
000000c3c3ffffff
VISUAL colorHash
07007000000
VISUAL cropResistant
2c0c120600000000,949494e6f0e4a4a5

Análisis de Código

Risk Score 96/100
Nivel de Amenaza ALTO
⚠️ Phishing Confirmed
🎣 Credential Harvester 🎣 OTP Stealer 🎣 Banking 🎣 Personal Info

🔬 Threat Analysis Report

• Amenaza: Phishing
• Objetivo: Usuarios de Facebook
• Método: Impersonación mediante alojamiento gratuito y un formulario
• Exfil: Probablemente roba credenciales
• Indicadores: Alojamiento gratuito, logotipo de la marca, formulario.
• Riesgo: Alto

🔒 Obfuscation Detected

  • fromCharCode
  • unescape

📡 API Calls Detected

  • https://api.ipify.org?format=json

📊 Desglose de Puntuación de Riesgo

Total Risk Score
90/100

Contributing Factors

Free Hosting
The site is hosted on a free hosting platform (pages.dev), a common tactic for phishing.
Impersonation
The site attempts to impersonate the Facebook Business Help Center.
Form Submission
Presence of a form suggests intent to collect user data.

🔬 Análisis Integral de Amenazas

Tipo de Amenaza
Banking Credential Harvester
Objetivo
Facebook users (International)
Método de Ataque
Brand impersonation + credential harvesting forms + obfuscated JavaScript
Canal de Exfiltración
Form submission (backend endpoint not detected - likely JavaScript-based)
Evaluación de Riesgo
CRITICAL - Automated credential harvesting with Form submission (backend endpoint not detected - likely JavaScript-based)

⚠️ Indicators of Compromise

  • Kit types: Credential Harvester, OTP Stealer, Banking, Personal Info
  • 11 obfuscation techniques

🏢 Análisis de Suplantación de Marca

Impersonated Brand
Facebook
Official Website
https://www.facebook.com/
Fake Service
Facebook Business Help Center

⚔️ Metodología de Ataque

Primary Method: Credential Harvesting

The attacker likely intends to collect user credentials by having users enter them into a form that's designed to look like a Facebook support request.

Secondary Method: Social Engineering

The attacker uses social engineering techniques by attempting to trick users into providing their information by posing as Facebook support.

🌐 Indicadores de Compromiso de Infraestructura

Domain Information

Dominio
guinnipraffaela36904-dinimos352470-manine30624.pages.dev
Registered
Unknown
Registrar
Google Domains
Estado
Active

🤖 AI-Extracted Threat Intelligence

Similar Websites

Pages with identical visual appearance (based on perceptual hash)

Screenshot
Facebook
https://guinnipraffaela36904-dinimos352470-manine30624.pages...
Jun 14, 2026
 Screenshot
Facebook
https://guinnipraffaela36904-dinimos352470-manine30624.pages...
Jun 14, 2026
 Screenshot
Facebook
https://eugeniewun72-englichs302.pages.dev/help/contact/5962...
Jun 12, 2026
 Screenshot
Facebook
https://sp-bayerjohnathan132.pages.dev/help/contact/40981538...
Jun 06, 2026
 Screenshot
Facebook
https://sp-bayerjohnathan132.pages.dev/help/contact/61312275...
Jun 06, 2026

Scan History for guinnipraffaela36904-dinimos352470-manine30624.pages.dev

Found 7 other scans for this domain

😰
"Nunca pensé que me pasaría a mí"
Esto dicen las 2.3 millones de víctimas cada año. No esperes a ser una estadística.