Phishing Analysis
Detailed analysis of captured phishing page
Captura Visual
No screenshot available
Información de Detección
https://pedagiodigitalonlinebr.com/
Detected Brand
Pedágio Digital
Country
International
Confianza
100%
HTTP Status
200
Report ID
1b606b44-60e…
Analyzed
2026-02-19 16:03
Hashes de Contenido (Similitud HTML)
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1A3429670A2159C6FA19382D4F671DB1A2295C381D3060B64D7F910B7BACEDA4CC7A2ED |
|
CONTENT
ssdeep
|
192:5yqoQpuXeYUx9oKESP9HCbSCHnkYkFZQ+U+GPbcPcFPW9Ax7TmyA:0UP5CeCHnkYkjQ+UfPgUFhxfc |
Hashes Visuales (Similitud de Captura)
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
92366d39925ab279 |
|
VISUAL
aHash
|
00000e3e2e0c00ff |
|
VISUAL
dHash
|
bce5ececccfcd3dc |
|
VISUAL
wHash
|
40143e7e7e0e08ff |
|
VISUAL
colorHash
|
39600006000 |
|
VISUAL
cropResistant
|
3323dc323731618c,bce5ececccfcd3dc |
Análisis de Código
Risk Score
96/100
Nivel de Amenaza
BAJO
🎣 Credential Harvester
🎣 OTP Stealer
🎣 Banking
🎣 Personal Info
🔬 Threat Analysis Report
• Amenaza: Sitio web legítimo
• Objetivo: Usuarios de Pedágio Digital
• Método: N/A
• Exfil: N/A
• Indicadores: Marca legítima
• Riesgo: Bajo
🔒 Obfuscation Detected
- fromCharCode
- unicode_escape
🎯 Kit Endpoints
- https://pedagiodigitalonlinebr.com/api.js
📡 API Calls Detected
- https://www.cloudflare.com/cdn-cgi/trace
- https://ipinfo.io/json
- https://ip-api.com/json/
- https://ipapi.co/json/
- POST
- https://ipwhois.app/json/
📊 Desglose de Puntuación de Riesgo
Total Risk Score
5/100
Contributing Factors
Domain Age
Domain is recent which can be a risk, but not a primary indicator here
🔬 Análisis Integral de Amenazas
Tipo de Amenaza
Banking Credential Harvester
Objetivo
Pedágio Digital users (International)
Método de Ataque
obfuscated JavaScript
Canal de Exfiltración
Unknown
Evaluación de Riesgo
CRITICAL - Automated credential harvesting with Unknown
⚠️ Indicators of Compromise
- Kit types: Credential Harvester, OTP Stealer, Banking, Personal Info
- 18 obfuscation techniques
🏢 Análisis de Suplantación de Marca
Impersonated Brand
Pedágio Digital
⚔️ Metodología de Ataque
Primary Method: N/A - Legitimate Website
This is a legitimate website.
🌐 Indicadores de Compromiso de Infraestructura
🦠 Malicious Files
Main File
api.js
File Size
📊 Diagrama de Flujo de Ataque
User fills <input name=email> → registerVisit() → postToApi('https://pedagiodigitalonlinebr.com/api.js') → exfiltration of user data
🔬 JavaScript Deep Analysis
Operator Language
Portuguese (1%)
Total Code Size
404,3 KB
🔗 API Endpoints Detected
Other
9
🔐 Obfuscation Detected
- : Moderate
- : None
🤖 AI-Extracted Threat Intelligence
📊 Attack Flow
User fills <input name=email> → registerVisit() → postToApi('https://pedagiodigitalonlinebr.com/api.js') → exfiltration of user data
🎯 Malicious Files Identified
Main Drainer
api.jsFile Size
estimated 45KB
Malicious Functions
postToApiregisterVisitcreatePayment
Similar Websites
Pages with identical visual appearance (based on perceptual hash)
Desconocido
https://cdn.gosafemode.com/screenshots/1b5dca3658f8.png
May 27, 2026
Desconocido
https://cdn.gosafemode.com/screenshots/8429201dbeb4.png
May 02, 2026
Desconocido
https://cdn.gosafemode.com/screenshots/b0170e8c0cc0.png
May 02, 2026
Desconocido
https://cdn.gosafemode.com/screenshots/80dd53aa5b19.png
May 02, 2026
Scan History for pedagiodigitalonlinebr.com
Found 1 other scan for this domain
"Nunca pensé que me pasaría a mí"
Esto dicen las 2.3 millones de víctimas cada año. No esperes a ser una estadística.