EN ES PT

Phishing Analysis

Detailed analysis of captured phishing page

Back to Stats

Captura Visual

Screenshot of eugeniewun72-englichs302.pages.dev

Información de Detección

https://eugeniewun72-englichs302.pages.dev/help/contact/743498979642437/
Detected Brand
Facebook
Country
International
Confianza
100%
HTTP Status
200
Report ID
17ac6120-2a2…
Analyzed
2026-03-17 23:44

Hashes de Contenido (Similitud HTML)

Used to detect similar phishing pages based on HTML content

Algorithm Hash Value
CONTENT TLSH
T1BC4186365010563756230DD5A0E2F706A6C3E24ECE9724143EFC97A947EED8ACC5B3A0
CONTENT ssdeep
48:TxCCG94X8idMC6BeWR2pe2K3zz5mUVLu9l1n:TzG9Q1B6JRHZmUNm5

Hashes Visuales (Similitud de Captura)

Used to detect visually similar phishing pages based on screenshots

Algorithm Hash Value
VISUAL pHash
c4444461f1f3f376
VISUAL aHash
000000ffffffffff
VISUAL dHash
94e0ac1016060000
VISUAL wHash
000000c3c3ffffff
VISUAL colorHash
07007000000
VISUAL cropResistant
2c0c120600000000,949494e6f0e4a4a5

Análisis de Código

Risk Score 96/100
Nivel de Amenaza ALTO
⚠️ Phishing Confirmed
🎣 Credential Harvester 🎣 OTP Stealer 🎣 Banking 🎣 Personal Info

🔬 Threat Analysis Report

• Amenaza: Phishing
• Objetivo: Usuarios de Facebook
• Método: Suplantación de identidad a través de hosting gratuito.
• Exfil: Datos del formulario probablemente robados.
• Indicadores: Hosting gratuito, formulario, marca Facebook.
• Riesgo: Alto

🔒 Obfuscation Detected

  • fromCharCode
  • unescape

📡 API Calls Detected

  • https://api.ipify.org?format=json

📊 Desglose de Puntuación de Riesgo

Total Risk Score
90/100

Contributing Factors

Free Hosting
The site uses free hosting, which is often used for phishing.
Impersonation
The site uses Facebook branding and content.
Form Detection
Forms on phishing sites are often used to collect credentials

🔬 Análisis Integral de Amenazas

Tipo de Amenaza
Banking Credential Harvester
Objetivo
Facebook users (International)
Método de Ataque
Brand impersonation + credential harvesting forms + obfuscated JavaScript
Canal de Exfiltración
Form submission (backend endpoint not detected - likely JavaScript-based)
Evaluación de Riesgo
CRITICAL - Automated credential harvesting with Form submission (backend endpoint not detected - likely JavaScript-based)

⚠️ Indicators of Compromise

  • Kit types: Credential Harvester, OTP Stealer, Banking, Personal Info
  • 11 obfuscation techniques

🏢 Análisis de Suplantación de Marca

Impersonated Brand
Facebook
Official Website
https://www.facebook.com/
Fake Service
Facebook Help Center

⚔️ Metodología de Ataque

Primary Method: Credential Harvesting

The attacker creates a fake login page that mirrors the legitimate Facebook login and uses the form to steal credentials.

🌐 Indicadores de Compromiso de Infraestructura

Domain Information

Dominio
eugeniewun72-englichs302.pages.dev
Registered
None
Registrar
None
Estado
None

🤖 AI-Extracted Threat Intelligence

Similar Websites

Pages with identical visual appearance (based on perceptual hash)

Screenshot
Facebook
http://eugeniewun72-englichs302.pages.dev/help/contact/60690...
Jun 02, 2026
 Screenshot
Facebook
https://sp-bayerjohnathan132.pages.dev/help/contact/21322127...
May 28, 2026
 Screenshot
Facebook
https://sp-bayerjohnathan132.pages.dev/help/contact/46660217...
May 28, 2026
 Screenshot
Desconocido
https://cdn.gosafemode.com/screenshots/d95cf777746f.png
May 27, 2026
 Screenshot
Facebook
https://svt-aletaharropact6825.pages.dev/help/contact/357727...
May 22, 2026

Scan History for eugeniewun72-englichs302.pages.dev

Found 10 other scans for this domain

😰
"Nunca pensé que me pasaría a mí"
Esto dicen las 2.3 millones de víctimas cada año. No esperes a ser una estadística.