SafeMode - Analysis: serversegurologin1.dynv6.net

EN ES PT

Back to Stats

Captura Visual

Screenshot of serversegurologin1.dynv6.net

Información de Detección

https://serversegurologin1.dynv6.net/B88547/B755154478447801/mobile/index.php?hash=75296242269f20611f0b5e1.42425064

Detected Brand

Bradesco

Country

Unknown

Confianza

100%

HTTP Status

200

Report ID

b191d2ad-157…

Analyzed

2026-04-30 04:14

Hashes de Contenido (Similitud HTML)

Used to detect similar phishing pages based on HTML content

Algorithm	Hash Value
CONTENT TLSH	T1E6511E509419CC6B9322D2F4AFE0EF2ABD814311C7429E88F3F857A95ED6C88ED69474
CONTENT ssdeep	48:MupK6cmv1xt+Ut8Wd0BvIQCYdyg1CIAX1Y7c61YjVyJz:Muz4Ut1d0FRCYdyACqcnVyJz

Hashes Visuales (Similitud de Captura)

Used to detect visually similar phishing pages based on screenshots

Algorithm	Hash Value
VISUAL pHash	a62626a6766b69c9
VISUAL aHash	00ff0000ffffff00
VISUAL dHash	2e00514100000000
VISUAL wHash	00ff0000ffffff00
VISUAL colorHash	06000000007
VISUAL cropResistant	2c00115100000000,0080087232327088,0000001010100800,0000000040000000

Análisis de Código

Risk Score 53/100

Nivel de Amenaza ALTO

⚠️ Phishing Confirmed

🎣 Credential Harvester

🔐 Credential Harvesting Forms

🔒 Obfuscation Detected

fromCharCode

📤 Form Action Targets

index.php

📊 Desglose de Puntuación de Riesgo

Total Risk Score

70/100

Contributing Factors

Active Phishing Kit

Detected kit types: Credential Harvester

Credential Harvesting

Credential harvesting detected with 3 form(s) capturing sensitive data

Code Obfuscation

JavaScript code obfuscated using 2 technique(s) to evade detection

🔬 Análisis Integral de Amenazas

Tipo de Amenaza

Credential Harvesting Kit

Objetivo

Bradesco users

Método de Ataque

credential harvesting forms + obfuscated JavaScript

Canal de Exfiltración

HTTP POST to backend

Evaluación de Riesgo

MEDIUM - Automated credential harvesting with HTTP POST to backend

⚠️ Indicators of Compromise

Kit types: Credential Harvester
2 obfuscation techniques

🏢 Análisis de Suplantación de Marca

Impersonated Brand

Bradesco

Official Website

N/A

Fake Service

Token swap/DEX platform

⚔️ Metodología de Ataque

Primary Method: Credential Harvesting

Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.

Secondary Method: JavaScript Obfuscation

Malicious code is obfuscated using 2 techniques to evade detection by security scanners and make reverse engineering more difficult.

🌐 Indicadores de Compromiso de Infraestructura

Domain Information

Dominio

serversegurologin1.dynv6.net

Registered

Unknown

Registrar

None

Estado

Age unknown

Hosting Information

Provider

Unknown

ASN

🤖 AI-Extracted Threat Intelligence

Similar Websites

Pages with identical visual appearance (based on perceptual hash)

Screenshot

https://p0nt-bra-fidelis1.dynv6.net/B8420266/755498457442026...

Screenshot

Bradesco & Livelo

https://bra-livel0-p0ntos.dns.navy/B85546/7788554877441118/m...

Screenshot

Bradesco & Livelo

http://bra1-livel0-p0ntos.dns.army/B85546/7788554877441118/m...

Screenshot

Bradesco & Livelo Cartões

http://atualizacao.dynv6.net/mobile/index.php?hash=679673874...

Screenshot

Bradesco & Livelo Cartões

http://atualizacao.dynv6.net/mobile/index.php?hash=679673874...

😰

"Nunca pensé que me pasaría a mí"

Esto dicen las 2.3 millones de víctimas cada año. No esperes a ser una estadística.