EN ES PT

Phishing Analysis

Detailed analysis of captured phishing page

Back to Stats

Captura Visual

Screenshot of atualizacao.dynv6.net

Información de Detección

http://atualizacao.dynv6.net/mobile/index.php?hash=67967387469a0b38d3b24c0.60736787
Detected Brand
Bradesco & Livelo Cartões
Country
International
Confianza
95%
HTTP Status
200
Report ID
43c24d25-d81…
Analyzed
2026-02-28 02:24

Hashes de Contenido (Similitud HTML)

Used to detect similar phishing pages based on HTML content

Algorithm Hash Value
CONTENT TLSH
T1B7510F5094158C6B5322D2F4AFE0EF2ABD814211C7429E88F3F853595ED6C88ED69474
CONTENT ssdeep
48:MupK6cmv1xt+Ut8Wd0BvIQCYdyg1CIAX1Y7c61YjVyJ3:Muz4Ut1d0FRCYdyACqcnVyJ3

Hashes Visuales (Similitud de Captura)

Used to detect visually similar phishing pages based on screenshots

Algorithm Hash Value
VISUAL pHash
a62626a6766b69c9
VISUAL aHash
00ff0000ffffff00
VISUAL dHash
2e00514100000000
VISUAL wHash
00ff0000ffffff00
VISUAL colorHash
06000000007
VISUAL cropResistant
2c00115100000000,0080087232327088,0000001010100800,0000000040000000

Análisis de Código

Risk Score 53/100
Nivel de Amenaza ALTO
⚠️ Phishing Confirmed
🎣 Credential Harvester

🔬 Threat Analysis Report

• Amenaza: Phishing
• Objetivo: Usuarios de Bradesco & Livelo Cartões
• Método: Suplantación de identidad a través de una página de inicio de sesión falsa
• Exfil: index.php (acción del formulario)
• Indicadores: Coincidencia de dominio, solicitud de detalles financieros, texto de urgencia, ofuscación
• Riesgo: ALTO

🔐 Credential Harvesting Forms

🔒 Obfuscation Detected

  • fromCharCode

📤 Form Action Targets

  • index.php

📊 Desglose de Puntuación de Riesgo

Total Risk Score
90/100

Contributing Factors

Domain Mismatch
The domain does not belong to the official website.
Requests sensitive information
The site asks for agency, account, and password which are financial credentials.
Presence of Urgency Tactics
Phrase 'ACESSE AGORA' tries to make the user act quickly.
Obfuscation
Js Obfuscation detected, usually indicates the code is designed to hide something

🔬 Análisis Integral de Amenazas

Tipo de Amenaza
Credential Harvesting Kit
Objetivo
Bradesco & Livelo Cartões users (International)
Método de Ataque
Brand impersonation + credential harvesting forms + obfuscated JavaScript
Canal de Exfiltración
HTTP POST to backend
Evaluación de Riesgo
MEDIUM - Automated credential harvesting with HTTP POST to backend

⚠️ Indicators of Compromise

  • Kit types: Credential Harvester
  • 4 obfuscation techniques

🏢 Análisis de Suplantación de Marca

Impersonated Brand
Bradesco & Livelo Cartões
Fake Service
Login

Fraudulent Claims

⚔️ Metodología de Ataque

Primary Method: Credential Harvesting

The attacker attempts to steal user credentials (username/password, etc.) by creating a fake login form that mimics the appearance of a legitimate website.

🌐 Indicadores de Compromiso de Infraestructura

Domain Information

Dominio
atualizacao.dynv6.net
Registered
Unknown
Registrar
Unknown
Estado
Unknown

🤖 AI-Extracted Threat Intelligence

Similar Websites

Pages with identical visual appearance (based on perceptual hash)

Screenshot
Bradesco
https://p0nt-bra-fidelis1.dynv6.net/B8420266/755498457442026...
May 22, 2026
 Screenshot
Bradesco
https://serversegurologin1.dynv6.net/B88547/B755154478447801...
Abr 30, 2026
 Screenshot
Bradesco & Livelo
https://bra-livel0-p0ntos.dns.navy/B85546/7788554877441118/m...
Abr 29, 2026
 Screenshot
Bradesco & Livelo
http://bra1-livel0-p0ntos.dns.army/B85546/7788554877441118/m...
Abr 29, 2026
 Screenshot
Bradesco & Livelo Cartões
http://atualizacao.dynv6.net/mobile/index.php?hash=679673874...
Feb 28, 2026

Scan History for atualizacao.dynv6.net

Found 1 other scan for this domain

😰
"Nunca pensé que me pasaría a mí"
Esto dicen las 2.3 millones de víctimas cada año. No esperes a ser una estadística.