EN ES PT

Phishing Analysis

Detailed analysis of captured phishing page

Back to Stats

Captura Visual

Screenshot of kntn.ly

Informações de Detecção

https://kntn.ly/20dfde68
Detected Brand
myGov
Country
Australia
Confidence
100%
HTTP Status
200
Report ID
033b5f76-ef6…
Analyzed
2026-02-25 17:14
Final URL (after redirects)
https://login-mygov-au.base44.app/

Hashes de Conteúdo (Similaridade HTML)

Used to detect similar phishing pages based on HTML content

Algorithm Hash Value
CONTENT TLSH
T1B922D83612501E7F5A03C688F6D4B319A79FA257C677D849B1EC835B23D2E21DD231B8
CONTENT ssdeep
192:8XO6uEkEkX2XS445iPxOYs4YgAlXU1jRXVRXJWYThkkXGXXpRDeJW:5gxOYVYkjRXVRXJWYqJXDeA

Hashes Visuais (Similaridade de Captura)

Used to detect visually similar phishing pages based on screenshots

Algorithm Hash Value
VISUAL pHash
b3b34c990de44ce6
VISUAL aHash
0effe7ffffffff00
VISUAL dHash
da1c0e189d140e20
VISUAL wHash
00c7c3ffc7cfc300
VISUAL colorHash
06007000000
VISUAL cropResistant
c2180e0e1c16160e,2000606008600020

Análise de Código

Risk Score 94/100
Threat Level ALTO
⚠️ Phishing Confirmed
🎣 Credential Harvester 🎣 OTP Stealer 🎣 Banking 🎣 Personal Info
⚡ Supabase Backend

🔬 Threat Analysis Report

• Ameaça: Phishing
• Alvo: Cidadãos australianos (usuários myGov)
• Método: Personificação
• Exfil: qtrypzzcjebvfcihiynt.supabase.co
• Indicadores: Incompatibilidade de domínio, Obfuscação JavaScript
• Risco: Alto

🔒 Obfuscation Detected

  • fromCharCode
  • unescape
  • base64_strings

🎯 Kit Endpoints

  • https://login-mygov-au.base44.app
  • https://login-mygov-au.base44.app/manifest.json

☁️ Cloud Backend

  • Supabase: qtrypzzcjebvfcihiynt.supabase.co

📊 Detalhamento da Pontuação de Risco

Total Risk Score
90/100

Contributing Factors

Domain Mismatch
The domain kntn.ly does not belong to the brand.
JavaScript Obfuscation
Javascript obfuscation found, which is a common tactic to hide malicious code.
Forms and Credentials
Page contains a form asking for username and password.

🔬 Análise Integral de Ameaças

Tipo de Ameaça
Banking Credential Harvester
Alvo
myGov users (Australia)
Método de Ataque
Brand impersonation + credential harvesting forms + obfuscated JavaScript
Canal de Exfiltração
Supabase Database
Avaliação de Risco
CRITICAL - Automated credential harvesting with Supabase Database

⚠️ Indicators of Compromise

  • Kit types: Credential Harvester, OTP Stealer, Banking, Personal Info
  • 4 obfuscation techniques

🏢 Análise de Falsificação de Marca

Impersonated Brand
myGov
Official Website
https://www.my.gov.au/
Fake Service
myGov login

⚔️ Metodologia de Ataque

Primary Method: Credential Harvesting

The attacker is attempting to steal login credentials for myGov accounts. The victim is tricked into entering their username and password on a fake login form.

Secondary Method: JavaScript Obfuscation

The use of JavaScript obfuscation is to hide malicious code or credential harvesting, making it more difficult to detect the phishing attempt.

🌐 Indicadores de Compromisso de Infraestrutura

Domain Information

Domain
kntn.ly
Registered
2021-08-18T10:03:33+00:00
Registrar
None
Status
None

🤖 AI-Extracted Threat Intelligence

Similar Websites

Pages with identical visual appearance (based on perceptual hash)

Screenshot
myGov
http://login-mygov-au.base44.app/
Fev 25, 2026
 Screenshot
myGov
http://rkmedumygoveuthfile.work/
Fev 25, 2026

Scan History for kntn.ly

Found 10 other scans for this domain

😰
"Nunca pensei que aconteceria comigo"
Isso dizem os 2,3 milhões de vítimas a cada ano. Não espere para ser uma estatística.