EN ES PT

Phishing Analysis

Detailed analysis of captured phishing page

Back to Stats

Captura Visual

No screenshot available

Informações de Detecção

https://salmon-deena-43.tiiny.site/?email%[email protected]/
Detected Brand
Unknown
Country
International
Confiança
95%
HTTP Status
200
Report ID
15aa4627-904…
Analyzed
2026-02-11 00:05

Hashes de Conteúdo (Similaridade HTML)

Used to detect similar phishing pages based on HTML content

Algorithm Hash Value
CONTENT TLSH
T17A22A7E34414997E018392E9D3B5AA1A32DEC09FD217171003FD87BC1AC7DE1EEAB465
CONTENT ssdeep
192:VLWb+7WR65YHd2pqhMuhMEhuNJGuDMlZJ7tTIiegfohPVL:VLWb+7WGYHd2pqquqE+elZ6t

Hashes Visuais (Similaridade de Captura)

Used to detect visually similar phishing pages based on screenshots

Algorithm Hash Value
VISUAL pHash
f838070fb88be8f8
VISUAL aHash
0908d8d8d8f87cfc
VISUAL dHash
59b032b2b2b2e8e8
VISUAL wHash
0908d8d8d8f8fcfc
VISUAL colorHash
32047000000
VISUAL cropResistant
8687ab97fc6ebeb3,59b032b2b2b2e8e8

Análise de Código

Risk Score 53/100
Nível de Ameaça ALTO
⚠️ Phishing Confirmed
🎣 Credential Harvester

🔬 Threat Analysis Report

• Ameaça: Distribuição de malware
• Alvo: Usuários desavisados
• Método: Download drive-by ou engenharia social
• Exfil: Potencialmente o sistema comprometido
• Indicadores: Links de download, conteúdo genérico
• Risco: Alto

🔒 Obfuscation Detected

  • fromCharCode

🎯 Kit Endpoints

  • #logo-path

📡 API Calls Detected

  • POST

📊 Detalhamento da Pontuação de Risco

Total Risk Score
90/100

Contributing Factors

File Download Attempt
The page provides direct download links, which is a common method for malware distribution.
Domain Age
Relatively old domain, but used for malicious purposes

🔬 Análise Integral de Ameaças

Tipo de Ameaça
Credential Harvesting Kit
Alvo
General public
Método de Ataque
credential harvesting forms + obfuscated JavaScript
Canal de Exfiltração
Form submission (backend endpoint not detected - likely JavaScript-based)
Avaliação de Risco
MEDIUM - Automated credential harvesting with Form submission (backend endpoint not detected - likely JavaScript-based)

⚠️ Indicators of Compromise

  • Kit types: Credential Harvester
  • 4 obfuscation techniques

🏢 Análise de Falsificação de Marca

Impersonated Brand
Unknown
Fake Service
File download platform

⚔️ Metodologia de Ataque

Primary Method: Malware distribution

The site hosts files (PDF, ZIP, MP4) and encourages downloads, likely containing malware or designed to execute malicious code on the user's system.

Secondary Method: Social Engineering

The site presents a generic message to create a sense of urgency or trust and get users to download files.

🌐 Indicadores de Compromisso de Infraestrutura

Domain Information

Domínio
salmon-deena-43.tiiny.site
Registered
None
Registrar
None
Estado
Active

🔬 JavaScript Deep Analysis

Sophistication Level
Basic
Total Code Size
1,3 KB

🔐 Obfuscation Detected

  • : None

🤖 AI-Extracted Threat Intelligence

Similar Websites

Pages with identical visual appearance (based on perceptual hash)

Screenshot
Desconhecido
https://cdn.gosafemode.com/screenshots/47f901a9228d.png
Mai 26, 2026
 Screenshot
WeTransfer
https://wetransfers.tiiny.site/
Fev 13, 2026
No screenshot
Desconhecido
https://salmon-deena-43.tiiny.site/
Fev 12, 2026
 Screenshot
WeTransfer
https://lwtrsf.pages.dev/[email protected]
Jan 23, 2026

Scan History for salmon-deena-43.tiiny.site

Found 2 other scans for this domain

😰
"Nunca pensei que aconteceria comigo"
Isso dizem os 2,3 milhões de vítimas a cada ano. Não espere para ser uma estatística.