EN ES PT

Phishing Analysis

Detailed analysis of captured phishing page

Back to Stats

Captura Visual

Screenshot of invitetracker.work

Informações de Detecção

http://invitetracker.work
Detected Brand
Telegram
Country
International
Confiança
95%
HTTP Status
200
Report ID
9851dedf-d2e…
Analyzed
2026-05-18 06:54
Final URL (after redirects)
https://t.me/+v2TFbWGW-AFkYTJh

Hashes de Conteúdo (Similaridade HTML)

Used to detect similar phishing pages based on HTML content

Algorithm Hash Value
CONTENT TLSH
T15A02F8935330885D17EBC0669F57F059A202D0DBF6B92E5096DA9A6FC4C3DF0F823A12
CONTENT ssdeep
192:I75i375iWYUGYlSqugxuOoRnigni6U3qV0OKPGo75iKB:It0tfYCNVVoPOqVbentJ

Hashes Visuais (Similaridade de Captura)

Used to detect visually similar phishing pages based on screenshots

Algorithm Hash Value
VISUAL pHash
8c9cc4e3f3e1c9c1
VISUAL aHash
3f1f1f0300e0f0f0
VISUAL dHash
fab3b2ba8e808000
VISUAL wHash
7f1f1f0b00e0f0f8
VISUAL colorHash
06198000000
VISUAL cropResistant
fab3b2ba8e808000

Análise de Código

Nível de Ameaça ALTO
⚠️ Phishing Confirmed

🔬 Threat Analysis Report

• Ameaça: Phishing / Falsificação de marca
• Alvo: Usuários do Telegram
• Método: Página falsa de convite para canal do Telegram
• Exfil: Possível roubo de credenciais ou malware
• Indicadores: Domínio suspeito, registro recente
• Risco: Alto

📊 Detalhamento da Pontuação de Risco

Total Risk Score
90/100

Contributing Factors

Recent Domain
Domain is 5 days old
Impersonation
Domain does not match target brand

🔬 Análise Integral de Ameaças

Tipo de Ameaça
Telegram Phishing Landing Page
Alvo
Telegram users (International)
Método de Ataque
Brand impersonation
Canal de Exfiltração
Form submission (backend endpoint not detected - likely JavaScript-based)
Avaliação de Risco
LOW - Automated credential harvesting with Form submission (backend endpoint not detected - likely JavaScript-based)

🏢 Análise de Falsificação de Marca

Impersonated Brand
Telegram
Official Website
https://telegram.org
Fake Service
Telegram Channel Access

Fraudulent Claims

⚔️ Metodologia de Ataque

Primary Method: Brand Impersonation

The site clones the Telegram interface to build trust.

Secondary Method: Malicious Redirect/Download

The 'DOWNLOAD' and 'JOIN CHANNEL' buttons are likely used to distribute malware or trigger unwanted redirects.

🌐 Indicadores de Compromisso de Infraestrutura

Domain Information

Domínio
invitetracker.work
Registered
2026-05-12
Registrar
Unknown
Estado
Active

🤖 AI-Extracted Threat Intelligence

Similar Websites

Pages with identical visual appearance (based on perceptual hash)

Screenshot
Telegram
https://closefri.top/
Jun 25, 2026
 Screenshot
Desconhecido
https://cdn.gosafemode.com/screenshots/f01acf8e0037.png
Mai 20, 2026
 Screenshot
Desconhecido
https://cdn.gosafemode.com/screenshots/aa7711e74588.png
Mai 18, 2026
 Screenshot
Telegram
http://invitetrackerr.xyz
Mai 18, 2026
 Screenshot
Telegram
https://p1.polidarsite.com/5kV1swTkGq
Abr 23, 2026
😰
"Nunca pensei que aconteceria comigo"
Isso dizem os 2,3 milhões de vítimas a cada ano. Não espere para ser uma estatística.