EN ES PT

Phishing Analysis

Detailed analysis of captured phishing page

Back to Stats

Captura Visual

Screenshot of eugeniewun72-englichs302.pages.dev

Informações de Detecção

https://eugeniewun72-englichs302.pages.dev/help/contact/743498979642437/
Detected Brand
Facebook
Country
International
Confiança
100%
HTTP Status
200
Report ID
17ac6120-2a2…
Analyzed
2026-03-17 23:44

Hashes de Conteúdo (Similaridade HTML)

Used to detect similar phishing pages based on HTML content

Algorithm Hash Value
CONTENT TLSH
T1BC4186365010563756230DD5A0E2F706A6C3E24ECE9724143EFC97A947EED8ACC5B3A0
CONTENT ssdeep
48:TxCCG94X8idMC6BeWR2pe2K3zz5mUVLu9l1n:TzG9Q1B6JRHZmUNm5

Hashes Visuais (Similaridade de Captura)

Used to detect visually similar phishing pages based on screenshots

Algorithm Hash Value
VISUAL pHash
c4444461f1f3f376
VISUAL aHash
000000ffffffffff
VISUAL dHash
94e0ac1016060000
VISUAL wHash
000000c3c3ffffff
VISUAL colorHash
07007000000
VISUAL cropResistant
2c0c120600000000,949494e6f0e4a4a5

Análise de Código

Risk Score 96/100
Nível de Ameaça ALTO
⚠️ Phishing Confirmed
🎣 Credential Harvester 🎣 OTP Stealer 🎣 Banking 🎣 Personal Info

🔬 Threat Analysis Report

• Ameaça: Phishing
• Alvo: Usuários do Facebook
• Método: Imitação via hospedagem gratuita.
• Exfil: Dados do formulário provavelmente roubados.
• Indicadores: Hospedagem gratuita, formulário, marca Facebook.
• Risco: Alto

🔒 Obfuscation Detected

  • fromCharCode
  • unescape

📡 API Calls Detected

  • https://api.ipify.org?format=json

📊 Detalhamento da Pontuação de Risco

Total Risk Score
90/100

Contributing Factors

Free Hosting
The site uses free hosting, which is often used for phishing.
Impersonation
The site uses Facebook branding and content.
Form Detection
Forms on phishing sites are often used to collect credentials

🔬 Análise Integral de Ameaças

Tipo de Ameaça
Banking Credential Harvester
Alvo
Facebook users (International)
Método de Ataque
Brand impersonation + credential harvesting forms + obfuscated JavaScript
Canal de Exfiltração
Form submission (backend endpoint not detected - likely JavaScript-based)
Avaliação de Risco
CRITICAL - Automated credential harvesting with Form submission (backend endpoint not detected - likely JavaScript-based)

⚠️ Indicators of Compromise

  • Kit types: Credential Harvester, OTP Stealer, Banking, Personal Info
  • 11 obfuscation techniques

🏢 Análise de Falsificação de Marca

Impersonated Brand
Facebook
Official Website
https://www.facebook.com/
Fake Service
Facebook Help Center

⚔️ Metodologia de Ataque

Primary Method: Credential Harvesting

The attacker creates a fake login page that mirrors the legitimate Facebook login and uses the form to steal credentials.

🌐 Indicadores de Compromisso de Infraestrutura

Domain Information

Domínio
eugeniewun72-englichs302.pages.dev
Registered
None
Registrar
None
Estado
None

🤖 AI-Extracted Threat Intelligence

Similar Websites

Pages with identical visual appearance (based on perceptual hash)

Screenshot
Facebook
http://eugeniewun72-englichs302.pages.dev/help/contact/60690...
Jun 02, 2026
 Screenshot
Facebook
https://sp-bayerjohnathan132.pages.dev/help/contact/21322127...
Mai 28, 2026
 Screenshot
Facebook
https://sp-bayerjohnathan132.pages.dev/help/contact/46660217...
Mai 28, 2026
 Screenshot
Desconhecido
https://cdn.gosafemode.com/screenshots/d95cf777746f.png
Mai 27, 2026
 Screenshot
Facebook
https://svt-aletaharropact6825.pages.dev/help/contact/357727...
Mai 22, 2026

Scan History for eugeniewun72-englichs302.pages.dev

Found 10 other scans for this domain

😰
"Nunca pensei que aconteceria comigo"
Isso dizem os 2,3 milhões de vítimas a cada ano. Não espere para ser uma estatística.