EN ES PT

Phishing Analysis

Detailed analysis of captured phishing page

Back to Stats

Captura Visual

Screenshot of hssos-aaasdvaxhydch7hy.z03.azurefd.net

Informações de Detecção

http://hssos-aaasdvaxhydch7hy.z03.azurefd.net
Detected Brand
Facebook
Country
International
Confiança
95%
HTTP Status
200
Report ID
12b7b6ee-5fb…
Analyzed
2026-02-13 23:15
Final URL (after redirects)
https://hssos-aaasdvaxhydch7hy.z03.azurefd.net/

Hashes de Conteúdo (Similaridade HTML)

Used to detect similar phishing pages based on HTML content

Algorithm Hash Value
CONTENT TLSH
T1501102600C3D56538BA182D6F9A77E072E40C786D35B0F5095F493FD19C9B09C9EF560
CONTENT ssdeep
24:kHks1wspc8MT0C7OkCQqb5SpXQEiKn0SZxZjRWMx0Jrc:C1zpxk4b5SpMY0c/jR1WJw

Hashes Visuais (Similaridade de Captura)

Used to detect visually similar phishing pages based on screenshots

Algorithm Hash Value
VISUAL pHash
b8cc9b7623336638
VISUAL aHash
ffffdbc3c3c3c3c3
VISUAL dHash
b0b2b28e96969696
VISUAL wHash
7e5b5943c0c3c3c3
VISUAL colorHash
07c00000000
VISUAL cropResistant
a2948e80aa8ee0b2,b0b2b28e96969696

Análise de Código

Risk Score 53/100
Nível de Ameaça ALTO
⚠️ Phishing Confirmed
🎣 Banking

🔬 Threat Analysis Report

• Ameaça: Phishing
• Alvo: Usuários do Facebook
• Método: Imitação de marca via URL suspeito e mensagem falsa de suspensão de conta.
• Exfil: Desconhecido (provavelmente credenciais)
• Indicadores: Domínio suspeito, mensagem falsa de suspensão de conta.
• Risco: ALTO

🔒 Obfuscation Detected

  • js_packer

📡 API Calls Detected

  • POST

📊 Detalhamento da Pontuação de Risco

Total Risk Score
90/100

Contributing Factors

Suspicious Domain
The domain name does not match the expected domain for Facebook.
Impersonation
The page impersonates Facebook and claims the user's account has been suspended.
Javascript Obfuscation
Javascript Obfuscation detected in the code which can hide malicious code

🔬 Análise Integral de Ameaças

Tipo de Ameaça
Banking Credential Harvester
Alvo
Facebook users (International)
Método de Ataque
Brand impersonation + obfuscated JavaScript
Canal de Exfiltração
Form submission (backend endpoint not detected - likely JavaScript-based)
Avaliação de Risco
MEDIUM - Automated credential harvesting with Form submission (backend endpoint not detected - likely JavaScript-based)

⚠️ Indicators of Compromise

  • Kit types: Banking
  • 140 obfuscation techniques

🏢 Análise de Falsificação de Marca

Impersonated Brand
Facebook
Official Website
https://www.facebook.com
Fake Service
Facebook Account

Fraudulent Claims

⚔️ Metodologia de Ataque

Primary Method: Credential Harvesting

The attacker aims to steal user credentials by mimicking Facebook's login page and displaying a false account suspension message to make the victim urgency to recover account.

🌐 Indicadores de Compromisso de Infraestrutura

Domain Information

Domínio
hssos-aaasdvaxhydch7hy.z03.azurefd.net
Registered
None
Registrar
None
Estado
Inactive

🔬 JavaScript Deep Analysis

Total Code Size
1,8 KB

🔗 API Endpoints Detected

Other
2

🔐 Obfuscation Detected

  • : None

🤖 AI-Extracted Threat Intelligence

Similar Websites

Pages with identical visual appearance (based on perceptual hash)

Screenshot
Desconhecido
https://cdn.gosafemode.com/screenshots/4bcbc8778ff5.png
Mai 27, 2026
 Screenshot
Facebook
http://bwzs-edcth4haeacbeje3.z02.azurefd.net/
Fev 25, 2026
 Screenshot
Facebook
http://kate-dfhafbdfb4e8ecac.z02.azurefd.net
Fev 13, 2026
 Screenshot
Facebook
http://bl-sos-d9f2gkh2cnhec8h9.z03.azurefd.net
Fev 13, 2026
 Screenshot
Facebook
http://bsea-f8cwf3csaacdgqfk.z02.azurefd.net/
Fev 11, 2026

Scan History for hssos-aaasdvaxhydch7hy.z03.azurefd.net

Found 1 other scan for this domain

😰
"Nunca pensei que aconteceria comigo"
Isso dizem os 2,3 milhões de vítimas a cada ano. Não espere para ser uma estatística.