EN ES PT

Phishing Analysis

Detailed analysis of captured phishing page

Back to Stats

Captura Visual

Screenshot of www.undian-whatsapp58.blogspot.com

Información de Detección

https://www.undian-whatsapp58.blogspot.com/
Detected Brand
WhatsApp
Country
International
Confidence
100%
HTTP Status
200
Report ID
ad05dc2f-de5…
Analyzed
2026-03-07 09:28
Final URL (after redirects)
https://undian-whatsapp58.blogspot.com/

Hashes de Contenido (Similitud HTML)

Used to detect similar phishing pages based on HTML content

Algorithm Hash Value
CONTENT TLSH
T157A243329141AA730157E2D4B275976F7A8287C9CA4307A2A3F8975D9FCBCB9DE11308
CONTENT ssdeep
384:oPpL85ad9ZlRqRERqRkdBAZEjrERfA8IDtRySeeLe8ieAPK+XLVRC:oPpAad9ZlEGE2dBAZEnERo8IDtISeeLN

Hashes Visuales (Similitud de Captura)

Used to detect visually similar phishing pages based on screenshots

Algorithm Hash Value
VISUAL pHash
b2246dcdcf3232b2
VISUAL aHash
c3c3c7ff7f6f7f7f
VISUAL dHash
869e9d5d79595959
VISUAL wHash
81c3c73c3c3c3c3c
VISUAL colorHash
06c00008000
VISUAL cropResistant
869e9d5d79595959,0000000000000000,a329e5b636f52c0d

Análisis de Código

Risk Score 85/100
Threat Level ALTO
⚠️ Phishing Confirmed
🎣 Credential Harvester 🎣 OTP Stealer 🎣 Personal Info

🔬 Threat Analysis Report

• Amenaza: Phishing
• Objetivo: Usuarios de WhatsApp
• Método: Suplantación de identidad a través de una promoción falsa.
• Exfil: Desconocido
• Indicadores: Dominio no relacionado, afirmaciones sospechosas, alojamiento en blogspot.
• Riesgo: Alto

🔐 Credential Harvesting Forms

🔒 Obfuscation Detected

  • eval
  • fromCharCode
  • unescape
  • hex_escape
  • unicode_escape

🎯 Kit Endpoints

  • https://undian-whatsapp58.blogspot.com/2017/08/b8337h9.html
  • https://undian-whatsapp58.blogspot.com/2017/08/af77982.html
  • https://undian-whatsapp58.blogspot.com/search?updated-max=2017-08-04T04:41:00-07:00&max-results=1
  • https://draft.blogger.com/feeds/5167206755806052619/posts/default
  • https://undian-whatsapp58.blogspot.com/2017/
  • https://undian-whatsapp58.blogspot.com/2017/08/br25h99.html
  • https://draft.blogger.com
  • http://undian-whatsapp58.blogspot.com/
  • https://undian-whatsapp58.blogspot.com/feeds/posts/default
  • https://undian-whatsapp58.blogspot.com/feeds/posts/default?alt=rss
  • https://draft.blogger.com/navbar/5167206755806052619?origin=https://undian-whatsapp58.blogspot.com&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.PCvl17LujMs.O%2Fd%3D1%2Frs%3DAHpOoo-sAn5Asuf3MvShXCH_dsg8tE46Tw%2Fm%3D__features__#id=navbar-iframe&_gfid=navbar-iframe&parent=https%3A%2F%2Fundian-whatsapp58.blogspot.com&pfname=&rpctoken=63114035
  • https://www.blogger.com/null
  • https://undian-whatsapp58.blogspot.com/
  • https://undian-whatsapp58.blogspot.com/2017/08/ij4t679.html
  • https://undian-whatsapp58.blogspot.com/2017/08/galeri-pemenang-undian-m-kios-telkomsel.html
  • https://undian-whatsapp58.blogspot.com/2017/08/
  • https://undian-whatsapp58.blogspot.com/2017/08/d25774s.html
  • https://draft.blogger.com/profile/01985592705812917005
  • https://draft.blogger.com/dyn-css/authorization.css?targetBlogID=5167206755806052619&zx=fa050af8-462e-4aa6-974c-d19e34ff6f87

📡 API Calls Detected

  • post

📤 Form Action Targets

  • /search

📊 Desglose de Puntuación de Riesgo

Total Risk Score
95/100

Contributing Factors

Domain Mismatch
The domain does not belong to WhatsApp.
Suspicious Content
Content about winning a prize is highly suspicious.
Hosting and Domain Reputation
Free blogspot hosting increases risk.
Obfuscation
Obfuscated code indicates malicious intent

🔬 Análisis Integral de Amenazas

Tipo de Amenaza
Two-Factor Authentication Stealer
Objetivo
WhatsApp users (International)
Método de Ataque
Brand impersonation + credential harvesting forms + obfuscated JavaScript
Canal de Exfiltración
HTTP POST to backend
Evaluación de Riesgo
CRITICAL - Automated credential harvesting with HTTP POST to backend

⚠️ Indicators of Compromise

  • Kit types: Credential Harvester, OTP Stealer, Personal Info
  • 22 obfuscation techniques

🏢 Análisis de Suplantación de Marca

Impersonated Brand
WhatsApp
Official Website
whatsapp.com
Fake Service
Promo/Undian

Fraudulent Claims

⚔️ Metodología de Ataque

Primary Method: Impersonation

The attacker is impersonating WhatsApp by creating a fake promotion that promises prizes. The goal is to trick users into providing personal information or clicking malicious links.

Secondary Method: Social Engineering

Using a sense of 'winning' to create excitement and lure users into providing information.

🌐 Indicadores de Compromiso de Infraestructura

Domain Information

Domain
undian-whatsapp58.blogspot.com
Registered
None
Registrar
None
Status
Unknown

🤖 AI-Extracted Threat Intelligence

Similar Websites

Pages with identical visual appearance (based on perceptual hash)

Screenshot
WhatsApp
http://undian-whatsapp58.blogspot.com
Mar 07, 2026

Scan History for www.undian-whatsapp58.blogspot.com

Found 1 other scan for this domain

😰
"Nunca pensé que me pasaría a mí"
Esto dicen las 2.3 millones de víctimas cada año. No esperes a ser una estadística.