Phishing Analysis
Detailed analysis of captured phishing page
Captura Visual
Informações de Detecção
https://immediate-xtrade.com/
Detected Brand
Immediate Xtrade (likely a brand itself)
Country
International
Confidence
100%
HTTP Status
200
Report ID
13d851cb-a65…
Analyzed
2026-02-23 12:23
Hashes de Conteúdo (Similaridade HTML)
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1B313523350445A7E02D786C676B16B0EF6E6D64EDA961A02E7EC831D17C3EC0CE36B52 |
|
CONTENT
ssdeep
|
768:0zbAx9+IWv+er7JvGrP1thgOIAJUseVXYcO6tFH9Y2EfzV3A:nH+Ij0ErdVbDeVDtx95Ef+ |
Hashes Visuais (Similaridade de Captura)
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
b2b6cd343c14c9c7 |
|
VISUAL
aHash
|
ffcfcf878787ffff |
|
VISUAL
dHash
|
2b2c0c2c2e3c982b |
|
VISUAL
wHash
|
fb878787838600fb |
|
VISUAL
colorHash
|
07606000000 |
|
VISUAL
cropResistant
|
2b2c0c2c2e3c982b,70f5bcb9a36d5846 |
Análise de Código
Risk Score
71/100
Threat Level
MEDIO
⚠️ Phishing Confirmed
🎣 Credential Harvester
🎣 Personal Info
🔬 Threat Analysis Report
• Ameaça: Roubo de credenciais
• Alvo: Usuários desavisados
• Método: Engano por meio de um formulário de registro.
• Exfil: Desconhecido, provavelmente para um banco de dados.
• Indicadores: Formulário de registro, domínio relativamente novo, javascript ofuscado.
• Risco: Moderado
🔒 Obfuscation Detected
- fromCharCode
- unicode_escape
📊 Detalhamento da Pontuação de Risco
Total Risk Score
65/100
Contributing Factors
Recent Domain
Domain age of 248 days is relatively new, indicating a potential risk.
Form with data collection
The presence of a registration form requesting personal information is a common phishing tactic.
Obfuscation Detected
Javascript Obfuscation detected, likely to hide malicious code or evade detection.
🔬 Análise Integral de Ameaças
Tipo de Ameaça
Credential Harvesting Kit
Alvo
Immediate Xtrade (likely a brand itself) users (International)
Método de Ataque
credential harvesting forms + obfuscated JavaScript
Canal de Exfiltração
Form submission (backend endpoint not detected - likely JavaScript-based)
Avaliação de Risco
HIGH - Automated credential harvesting with Form submission (backend endpoint not detected - likely JavaScript-based)
⚠️ Indicators of Compromise
- Kit types: Credential Harvester, Personal Info
- 12 obfuscation techniques
🏢 Análise de Falsificação de Marca
Impersonated Brand
Immediate Xtrade
Fake Service
Trading platform/informational hub
⚔️ Metodologia de Ataque
Primary Method: Credential Harvesting
The site likely aims to collect user credentials through a registration form. Users provide their personal information and may later receive phishing emails or other malicious content.
🌐 Indicadores de Compromisso de Infraestrutura
Domain Information
Domain
immediate-xtrade.com
Registered
Unknown
Registrar
Unknown
Status
Active
🤖 AI-Extracted Threat Intelligence
"Nunca pensei que aconteceria comigo"
Isso dizem os 2,3 milhões de vítimas a cada ano. Não espere para ser uma estatística.