EN ES PT

Phishing Analysis

Detailed analysis of captured phishing page

Back to Stats

Captura Visual

Screenshot of invitetracker.work

Información de Detección

http://invitetracker.work
Detected Brand
Telegram
Country
International
Confianza
95%
HTTP Status
200
Report ID
9851dedf-d2e…
Analyzed
2026-05-18 06:54
Final URL (after redirects)
https://t.me/+v2TFbWGW-AFkYTJh

Hashes de Contenido (Similitud HTML)

Used to detect similar phishing pages based on HTML content

Algorithm Hash Value
CONTENT TLSH
T15A02F8935330885D17EBC0669F57F059A202D0DBF6B92E5096DA9A6FC4C3DF0F823A12
CONTENT ssdeep
192:I75i375iWYUGYlSqugxuOoRnigni6U3qV0OKPGo75iKB:It0tfYCNVVoPOqVbentJ

Hashes Visuales (Similitud de Captura)

Used to detect visually similar phishing pages based on screenshots

Algorithm Hash Value
VISUAL pHash
8c9cc4e3f3e1c9c1
VISUAL aHash
3f1f1f0300e0f0f0
VISUAL dHash
fab3b2ba8e808000
VISUAL wHash
7f1f1f0b00e0f0f8
VISUAL colorHash
06198000000
VISUAL cropResistant
fab3b2ba8e808000

Análisis de Código

Nivel de Amenaza ALTO
⚠️ Phishing Confirmed

🔬 Threat Analysis Report

• Amenaza: Phishing / Suplantación de marca
• Objetivo: Usuarios de Telegram
• Método: Página de aterrizaje falsa de canal de Telegram
• Exfil: Posible robo de credenciales o descarga de malware
• Indicadores: Dominio no oficial, registro reciente
• Riesgo: Alto

📊 Desglose de Puntuación de Riesgo

Total Risk Score
90/100

Contributing Factors

Recent Domain
Domain is 5 days old
Impersonation
Domain does not match target brand

🔬 Análisis Integral de Amenazas

Tipo de Amenaza
Telegram Phishing Landing Page
Objetivo
Telegram users (International)
Método de Ataque
Brand impersonation
Canal de Exfiltración
Form submission (backend endpoint not detected - likely JavaScript-based)
Evaluación de Riesgo
LOW - Automated credential harvesting with Form submission (backend endpoint not detected - likely JavaScript-based)

🏢 Análisis de Suplantación de Marca

Impersonated Brand
Telegram
Official Website
https://telegram.org
Fake Service
Telegram Channel Access

Fraudulent Claims

⚔️ Metodología de Ataque

Primary Method: Brand Impersonation

The site clones the Telegram interface to build trust.

Secondary Method: Malicious Redirect/Download

The 'DOWNLOAD' and 'JOIN CHANNEL' buttons are likely used to distribute malware or trigger unwanted redirects.

🌐 Indicadores de Compromiso de Infraestructura

Domain Information

Dominio
invitetracker.work
Registered
2026-05-12
Registrar
Unknown
Estado
Active

🤖 AI-Extracted Threat Intelligence

Similar Websites

Pages with identical visual appearance (based on perceptual hash)

Screenshot
Telegram
https://closefri.top/
Jun 25, 2026
 Screenshot
Desconocido
https://cdn.gosafemode.com/screenshots/f01acf8e0037.png
May 20, 2026
 Screenshot
Desconocido
https://cdn.gosafemode.com/screenshots/aa7711e74588.png
May 18, 2026
 Screenshot
Telegram
http://invitetrackerr.xyz
May 18, 2026
 Screenshot
Telegram
https://p1.polidarsite.com/5kV1swTkGq
Abr 23, 2026
😰
"Nunca pensé que me pasaría a mí"
Esto dicen las 2.3 millones de víctimas cada año. No esperes a ser una estadística.