SafeMode - Analysis: oki.jtu.mybluehost.me

EN ES PT

Back to Stats

Captura Visual

Screenshot of oki.jtu.mybluehost.me

Informações de Detecção

https://oki.jtu.mybluehost.me/wp-includes/blocks/archives/dhl/SEKK74/

Detected Brand

DHL

Country

International

Confiança

95%

HTTP Status

200

Report ID

0702b0d3-614…

Analyzed

2026-02-23 07:39

Hashes de Conteúdo (Similaridade HTML)

Used to detect similar phishing pages based on HTML content

Algorithm	Hash Value
CONTENT TLSH	T1EC3110620122C8965D62D1C412BA976F55D8C15DF6030E46BECCD3ED8BDEE94EDB8601
CONTENT ssdeep	24:n/CHrnLZxrtv4hSlJ4hL8SYE/hSEaz2Y7hpRrzmC:n2HZdtvCSYhL8SYE/wEalh/zmC

Hashes Visuais (Similaridade de Captura)

Used to detect visually similar phishing pages based on screenshots

Algorithm	Hash Value
VISUAL pHash	dbe4669899338666
VISUAL aHash	e0f8bcbcbc3c0000
VISUAL dHash	0020683070680c00
VISUAL wHash	f0f8fcfcfcbc0000
VISUAL colorHash	01000038000
VISUAL cropResistant	0020683070680c00

Análise de Código

Nível de Ameaça ALTO

⚠️ Phishing Confirmed

🔬 Threat Analysis Report

• Ameaça: Phishing
• Alvo: Clientes DHL
• Método: Imitação e pedido de pagamento
• Exfil: Informações de pagamento
• Indicadores: Mensagem urgente, domínio incorreto
• Risco: Alto

📊 Detalhamento da Pontuação de Risco

Total Risk Score

90/100

Contributing Factors

Domain Mismatch

The domain does not belong to DHL.

Impersonation

The website closely imitates the DHL brand.

Urgency Tactics

The site uses language that induces urgency: 'Onlinebekräftelse måste göras inom de kommande 14 dagarna innan den upphör.'

Request for Sensitive Data

The site requests the user to input data.

🔬 Análise Integral de Ameaças

Tipo de Ameaça

DHL Phishing Landing Page

Alvo

DHL users (International)

Método de Ataque

Brand impersonation

Canal de Exfiltração

Form submission (backend endpoint not detected - likely JavaScript-based)

Avaliação de Risco

LOW - Automated credential harvesting with Form submission (backend endpoint not detected - likely JavaScript-based)

🏢 Análise de Falsificação de Marca

Impersonated Brand

DHL

Official Website

https://www.dhl.com/global-en/home.html

Fake Service

DHL parcel tracking and payment confirmation

Fraudulent Claims

⚔️ Metodologia de Ataque

Primary Method: Brand impersonation

The attacker creates a fake website designed to look like the DHL website to lure victims into entering their information.

Secondary Method: Social engineering

The attacker uses a sense of urgency ('must confirm payment') to trick the victim into giving up sensitive data.

🌐 Indicadores de Compromisso de Infraestrutura

Domain Information

Domínio

oki.jtu.mybluehost.me

Registered

2016-10-05

Registrar

None

Estado

None

🤖 AI-Extracted Threat Intelligence

Similar Websites

Pages with identical visual appearance (based on perceptual hash)

Screenshot

https://oki.jtu.mybluehost.me/wp-includes/blocks/archives/dh...

Screenshot

https://oki.jtu.mybluehost.me/wp-includes/blocks/archives/dh...

Screenshot

https://oki.jtu.mybluehost.me/wp-includes/blocks/archives/dh...

Scan History for oki.jtu.mybluehost.me

Found 6 other scans for this domain

https://oki.jtu.mybluehost.me/wp-includes/assets/s... Swisscom Jun 01, 2026 10:15

https://oki.jtu.mybluehost.me/wp-includes/blocks/a... ? Fev 28, 2026 03:42

https://oki.jtu.mybluehost.me/wp-includes/blocks/a... DHL Fev 23, 2026 14:21

https://oki.jtu.mybluehost.me/wp-includes/blocks/a... DHL Fev 23, 2026 14:21

https://oki.jtu.mybluehost.me/wp-includes/blocks/a... DHL Fev 23, 2026 08:59

https://oki.jtu.mybluehost.me/wp-includes/js/dist/... ? Fev 17, 2026 15:00

😰

"Nunca pensei que aconteceria comigo"

Isso dizem os 2,3 milhões de vítimas a cada ano. Não espere para ser uma estatística.