EN ES PT

Phishing Analysis

Detailed analysis of captured phishing page

Back to Stats

Captura Visual

No screenshot available

Información de Detección

https://services-publics.grupozasacr.com/
Detected Brand
amendes.gouv.fr
Country
France
Confidence
100%
HTTP Status
200
Report ID
62a48c45-2c6…
Analyzed
2026-01-28 08:58
Final URL (after redirects)
https://services-publics.grupozasacr.com/infospage.php

Hashes de Contenido (Similitud HTML)

Used to detect similar phishing pages based on HTML content

Algorithm Hash Value
CONTENT TLSH
T18AE164726158383B027792CDBE52FF29C4A7C12FCA4E2C0196EC9B5D1ED5EA0E94425B
CONTENT ssdeep
96:IZfYIkzIoN5W4QkQC7JXntEGvEhW8jxYrZizaYO+0ETia5K2nDRA1Uebmw0g9If:MAI8IAbZl8e9f+0ETLzeawRY

Hashes Visuales (Similitud de Captura)

Used to detect visually similar phishing pages based on screenshots

Algorithm Hash Value
VISUAL pHash
b2b51c9e1b9cc334
VISUAL aHash
ffc3e7ffffff0000
VISUAL dHash
238e8e000c08b0c8
VISUAL wHash
9f83c3e7efe70000
VISUAL colorHash
07000000180
VISUAL cropResistant
230e8e0c140c0c10,13eae81380aed8d0,a0e0f4b4c9c9d2d0

Análisis de Código

Risk Score 82/100
Threat Level BAJO
🎣 Credential Harvester 🎣 OTP Stealer 🎣 Banking 🎣 Personal Info

🔬 Threat Analysis Report

• Amenaza: Recopilación de información
• Objetivo: Ciudadanos franceses que pagan multas de tráfico en línea
• Método: Formulario en línea para recopilar información personal para pagar las multas
• Exfil: Desconocido, detalles de pago
• Indicadores: Dominio oficial .gouv.fr
• Risk: BAJO - Recopilación de datos por el servicio oficial

🔐 Credential Harvesting Forms

🔒 Obfuscation Detected

  • fromCharCode
  • unescape
  • unicode_escape
  • base64_strings

📤 Form Action Targets

  • infoz/infos.php

📊 Desglose de Puntuación de Riesgo

Total Risk Score
100/100

Contributing Factors

Active Phishing Kit
Detected active phishing kit types: Credential Harvester, OTP Stealer, Banking, Personal Info
Credential Harvesting
Credential harvesting detected with 3 form(s) capturing sensitive data
Code Obfuscation
JavaScript code obfuscated using 64 technique(s) to evade detection

🔬 Análisis Integral de Amenazas

Tipo de Amenaza
Banking Credential Harvester
Objetivo
amendes.gouv.fr users (France)
Método de Ataque
credential harvesting forms + obfuscated JavaScript
Canal de Exfiltración
HTTP POST to backend
Evaluación de Riesgo
CRITICAL - Automated credential harvesting with HTTP POST to backend

⚠️ Indicators of Compromise

  • Kit types: Credential Harvester, OTP Stealer, Banking, Personal Info
  • 64 obfuscation techniques

🏢 Análisis de Suplantación de Marca

Impersonated Brand
amendes.gouv.fr
Official Website
N/A
Fake Service
Banking/payment service

⚔️ Metodología de Ataque

Primary Method: Credential Harvesting

Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.

Secondary Method: JavaScript Obfuscation

Malicious code is obfuscated using 64 techniques to evade detection by security scanners and make reverse engineering more difficult.

🌐 Indicadores de Compromiso de Infraestructura

Domain Information

Domain
services-publics.grupozasacr.com
Registered
2020-06-11 17:03:43+00:00
Registrar
Key-Systems GmbH
Status
Active (older domain)

Hosting Information

Provider
Key-Systems GmbH
ASN

🔬 JavaScript Deep Analysis

Operator Language
English (1%)
Total Code Size
1,2 MB

🔗 API Endpoints Detected

Other
15

🔐 Obfuscation Detected

  • : None
  • : None
  • : Moderate
  • : Moderate
  • : Heavy
  • : Heavy

🤖 AI-Extracted Threat Intelligence

Similar Websites

Pages with identical visual appearance (based on perceptual hash)

Screenshot
République Française (amendes.gouv.fr)
http://services-publics.grupozasacr.com
Abr 07, 2026
 Screenshot
République Française (ANTAI)
https://antai-info-amende-non-payer.wasmer.app/wp-content/vs...
Mar 24, 2026
 Screenshot
amendes.gouv.fr (French Government)
https://services-publics.grupozasacr.com/infospage.php
Ene 30, 2026
 Screenshot
amendes.gouv.fr
https://services-publics.grupozasacr.com/infospage.php
Ene 21, 2026
 Screenshot
French Government
http://health-coders.com.ar/app/France/paiement.php
Ene 20, 2026

Scan History for services-publics.grupozasacr.com

Found 5 other scans for this domain

😰
"Nunca pensé que me pasaría a mí"
Esto dicen las 2.3 millones de víctimas cada año. No esperes a ser una estadística.