EN ES PT

Phishing Analysis

Detailed analysis of captured phishing page

Back to Stats

Captura Visual

No screenshot available

Información de Detección

http://www.amazonv3.com/
Detected Brand
Unknown
Country
International
Confianza
100%
HTTP Status
200
Report ID
e0f9a56e-e60…
Analyzed
2026-01-30 11:50
Final URL (after redirects)
https://www.amazonv3.com/#/pages/login/login

Hashes de Contenido (Similitud HTML)

Used to detect similar phishing pages based on HTML content

Algorithm Hash Value
CONTENT TLSH
T19532F1342043786BA53795C1F4B28B1D6A67C335CA590EBCB37926A1BBCDCE44872774
CONTENT ssdeep
192:hDnhbbcgSI8D9ZwISt5vErEFKBLfRXLfRPLfRMLfRtLfRSM/rUfYNqyTzhBeC3L:5nlzQbwtFKBLfRXLfRPLfRMLfRtLfRSg

Hashes Visuales (Similitud de Captura)

Used to detect visually similar phishing pages based on screenshots

Algorithm Hash Value
VISUAL pHash
8959590f66e6a6a6
VISUAL aHash
00007f0107ffffff
VISUAL dHash
d393b24defffe000
VISUAL wHash
00003e0007ffffff
VISUAL colorHash
06003000180
VISUAL cropResistant
d3b2ad6fffffe000,cdf39253d3b3d292,4100101010101000

Análisis de Código

Risk Score 100/100
Nivel de Amenaza ALTO
⚠️ Phishing Confirmed
🎣 Credential Harvester 🎣 OTP Stealer 🎣 Card Stealer 🎣 Banking 🎣 Personal Info

🔬 Threat Analysis Report

• Amenaza: Phishing
• Objetivo: Desconocido
• Método: Suplantación a través de un formulario de inicio de sesión genérico.
• Exfil: Datos del formulario a través de JavaScript
• Indicadores: Coincidencia de dominio, dominio reciente, envío de formulario JavaScript, ofuscación.
• Riesgo: Alto

🔒 Obfuscation Detected

  • atob
  • fromCharCode
  • unescape
  • document.write
  • unicode_escape
  • base64_strings

📡 API Calls Detected

  • POST
  • GET

📊 Desglose de Puntuación de Riesgo

Total Risk Score
90/100

Contributing Factors

Suspicious Domain Age
The domain is recent, increasing the likelihood of a phishing attempt.
Domain Mismatch
The domain 'amazonv3.com' doesn't match a legitimate brand and is likely an attempt to impersonate a brand.
JavaScript Form Submission
The use of JavaScript to submit form data can be used to exfiltrate credentials.
Obfuscation Detected
Obfuscation is used to hide malicious code from detection tools.

🔬 Análisis Integral de Amenazas

Tipo de Amenaza
Banking Credential Harvester
Objetivo
General public
Método de Ataque
obfuscated JavaScript
Canal de Exfiltración
Unknown
Evaluación de Riesgo
CRITICAL - Automated credential harvesting with Unknown

⚠️ Indicators of Compromise

  • Kit types: Credential Harvester, OTP Stealer, Card Stealer, Banking, Personal Info
  • 58 obfuscation techniques

🏢 Análisis de Suplantación de Marca

Impersonated Brand
Unknown
Fake Service
Login Portal

⚔️ Metodología de Ataque

Primary Method: Credential Harvesting

The site uses a fake login form to collect user credentials such as mobile number and password.

Secondary Method: JavaScript-based Data Exfiltration

JavaScript is likely used to intercept form submissions and send the stolen credentials to the attacker.

🌐 Indicadores de Compromiso de Infraestructura

Domain Information

Dominio
amazonv3.com
Registered
None
Registrar
Unknown
Estado
ACTIVE

🔬 JavaScript Deep Analysis

Operator Language
English (0%)
Sophistication Level
Basic
Total Code Size
1,0 MB

🔗 API Endpoints Detected

Other
22
Backend API
1

🔐 Obfuscation Detected

  • : Light
  • : None
  • : Heavy
  • : Light

🤖 AI-Extracted Threat Intelligence

Similar Websites

Pages with identical visual appearance (based on perceptual hash)

Screenshot
Amazon
https://amazonam.vip/
May 31, 2026
😰
"Nunca pensé que me pasaría a mí"
Esto dicen las 2.3 millones de víctimas cada año. No esperes a ser una estadística.