EN ES PT

Phishing Analysis

Detailed analysis of captured phishing page

Back to Stats

Captura Visual

No screenshot available

Informações de Detecção

https://services-publics.grupozasacr.com/
Detected Brand
amendes.gouv.fr
Country
France
Confiança
100%
HTTP Status
200
Report ID
62a48c45-2c6…
Analyzed
2026-01-28 08:58
Final URL (after redirects)
https://services-publics.grupozasacr.com/infospage.php

Hashes de Conteúdo (Similaridade HTML)

Used to detect similar phishing pages based on HTML content

Algorithm Hash Value
CONTENT TLSH
T18AE164726158383B027792CDBE52FF29C4A7C12FCA4E2C0196EC9B5D1ED5EA0E94425B
CONTENT ssdeep
96:IZfYIkzIoN5W4QkQC7JXntEGvEhW8jxYrZizaYO+0ETia5K2nDRA1Uebmw0g9If:MAI8IAbZl8e9f+0ETLzeawRY

Hashes Visuais (Similaridade de Captura)

Used to detect visually similar phishing pages based on screenshots

Algorithm Hash Value
VISUAL pHash
b2b51c9e1b9cc334
VISUAL aHash
ffc3e7ffffff0000
VISUAL dHash
238e8e000c08b0c8
VISUAL wHash
9f83c3e7efe70000
VISUAL colorHash
07000000180
VISUAL cropResistant
230e8e0c140c0c10,13eae81380aed8d0,a0e0f4b4c9c9d2d0

Análise de Código

Risk Score 82/100
Nível de Ameaça BAJO
🎣 Credential Harvester 🎣 OTP Stealer 🎣 Banking 🎣 Personal Info

🔬 Threat Analysis Report

• Ameaça: Coleta de informações
• Alvo: Cidadãos franceses pagando multas de trânsito online
• Método: Formulário online para coletar informações pessoais para pagar multas
• Exfil: Desconhecido, detalhes de pagamento
• Indicadores: Domínio oficial .gouv.fr
• Risk: BAIXO - Coleta de dados pelo serviço oficial

🔐 Credential Harvesting Forms

🔒 Obfuscation Detected

  • fromCharCode
  • unescape
  • unicode_escape
  • base64_strings

📤 Form Action Targets

  • infoz/infos.php

📊 Detalhamento da Pontuação de Risco

Total Risk Score
100/100

Contributing Factors

Active Phishing Kit
Detected active phishing kit types: Credential Harvester, OTP Stealer, Banking, Personal Info
Credential Harvesting
Credential harvesting detected with 3 form(s) capturing sensitive data
Code Obfuscation
JavaScript code obfuscated using 64 technique(s) to evade detection

🔬 Análise Integral de Ameaças

Tipo de Ameaça
Banking Credential Harvester
Alvo
amendes.gouv.fr users (France)
Método de Ataque
credential harvesting forms + obfuscated JavaScript
Canal de Exfiltração
HTTP POST to backend
Avaliação de Risco
CRITICAL - Automated credential harvesting with HTTP POST to backend

⚠️ Indicators of Compromise

  • Kit types: Credential Harvester, OTP Stealer, Banking, Personal Info
  • 64 obfuscation techniques

🏢 Análise de Falsificação de Marca

Impersonated Brand
amendes.gouv.fr
Official Website
N/A
Fake Service
Banking/payment service

⚔️ Metodologia de Ataque

Primary Method: Credential Harvesting

Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.

Secondary Method: JavaScript Obfuscation

Malicious code is obfuscated using 64 techniques to evade detection by security scanners and make reverse engineering more difficult.

🌐 Indicadores de Compromisso de Infraestrutura

Domain Information

Domínio
services-publics.grupozasacr.com
Registered
2020-06-11 17:03:43+00:00
Registrar
Key-Systems GmbH
Estado
Active (older domain)

Hosting Information

Provider
Key-Systems GmbH
ASN

🔬 JavaScript Deep Analysis

Operator Language
English (1%)
Total Code Size
1,2 MB

🔗 API Endpoints Detected

Other
15

🔐 Obfuscation Detected

  • : None
  • : None
  • : Moderate
  • : Moderate
  • : Heavy
  • : Heavy

🤖 AI-Extracted Threat Intelligence

Similar Websites

Pages with identical visual appearance (based on perceptual hash)

Screenshot
République Française (amendes.gouv.fr)
http://services-publics.grupozasacr.com
Abr 07, 2026
 Screenshot
République Française (ANTAI)
https://antai-info-amende-non-payer.wasmer.app/wp-content/vs...
Mar 24, 2026
 Screenshot
amendes.gouv.fr (French Government)
https://services-publics.grupozasacr.com/infospage.php
Jan 30, 2026
 Screenshot
amendes.gouv.fr
https://services-publics.grupozasacr.com/infospage.php
Jan 21, 2026
 Screenshot
French Government
http://health-coders.com.ar/app/France/paiement.php
Jan 20, 2026

Scan History for services-publics.grupozasacr.com

Found 5 other scans for this domain

😰
"Nunca pensei que aconteceria comigo"
Isso dizem os 2,3 milhões de vítimas a cada ano. Não espere para ser uma estatística.