EN ES PT

Phishing Analysis

Detailed analysis of captured phishing page

Back to Stats

Captura Visual

Screenshot of bafkreieblbaolujlruolakxfo26mvcjncldvoqjcgcpmbyberkajk6jlau.ipfs.dweb.link

Información de Detección

https://bafkreieblbaolujlruolakxfo26mvcjncldvoqjcgcpmbyberkajk6jlau.ipfs.dweb.link/
Detected Brand
Network Solutions
Country
Unknown
Confidence
100%
HTTP Status
200
Report ID
d86454f8-73c…
Analyzed
2026-03-31 06:59

Hashes de Contenido (Similitud HTML)

Used to detect similar phishing pages based on HTML content

Algorithm Hash Value
CONTENT TLSH
T174B2EEB76028A95B52521FC477D0AE29B943E10ACC82B1FCD6F781D958F0E93BC4D61E
CONTENT ssdeep
192:unyglHKGUMCLS/Qxt4bWygT/3KTCAYWeWQv8SZuzUxojlXYGYql+K:unXNbUMs6UtMPCvNaefZuzblX3h1

Análisis de Código

Risk Score 89/100
Threat Level ALTO
⚠️ Phishing Confirmed
🎣 Credential Harvester 🎣 OTP Stealer 🎣 Banking 🎣 Personal Info

🔒 Obfuscation Detected

  • fromCharCode
  • hex_escape
  • unicode_escape

🎯 Kit Endpoints

  • https://www.networksolutions.com/mail-admin/forgot-password?user=solomon.chika1%40gmail.com
  • login-page-configuration-custom
  • login-page-configuration

📡 API Calls Detected

  • defaultcache
  • GET

📊 Desglose de Puntuación de Riesgo

Total Risk Score
100/100

Contributing Factors

Active Phishing Kit
Detected kit types: Credential Harvester, OTP Stealer, Banking, Personal Info
Credential Harvesting
Credential harvesting detected with 1 form(s) capturing sensitive data
Code Obfuscation
JavaScript code obfuscated using 6 technique(s) to evade detection

🔬 Análisis Integral de Amenazas

Tipo de Amenaza
Banking Credential Harvester
Objetivo
Network Solutions users
Método de Ataque
credential harvesting forms + obfuscated JavaScript
Canal de Exfiltración
Form submission (backend endpoint not detected - likely JavaScript-based)
Evaluación de Riesgo
CRITICAL - Automated credential harvesting with Form submission (backend endpoint not detected - likely JavaScript-based)

⚠️ Indicators of Compromise

  • Kit types: Credential Harvester, OTP Stealer, Banking, Personal Info
  • 6 obfuscation techniques

🏢 Análisis de Suplantación de Marca

Impersonated Brand
Network Solutions
Official Website
N/A
Fake Service
Banking/payment service

⚔️ Metodología de Ataque

Primary Method: Credential Harvesting

Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.

Secondary Method: JavaScript Obfuscation

Malicious code is obfuscated using 6 techniques to evade detection by security scanners and make reverse engineering more difficult.

🌐 Indicadores de Compromiso de Infraestructura

Domain Information

Domain
bafkreieblbaolujlruolakxfo26mvcjncldvoqjcgcpmbyberkajk6jlau.ipfs.dweb.link
Registered
2017-02-24 01:05:26.675000+00:00
Registrar
CSC Corporate Domains, Inc.
Status
Active (older domain)

Hosting Information

Provider
CSC Corporate Domains, Inc.
ASN

🤖 AI-Extracted Threat Intelligence

Scan History for bafkreieblbaolujlruolakxfo26mvcjncldvoqjcgcpmbyberkajk6jlau.ipfs.dweb.link

Found 1 other scan for this domain

😰
"Nunca pensé que me pasaría a mí"
Esto dicen las 2.3 millones de víctimas cada año. No esperes a ser una estadística.