EN ES PT

Phishing Analysis

Detailed analysis of captured phishing page

Back to Stats
95 Risk Score

High Risk

Threat Level: ALTO • Impersonating: Amazon

⚠ Factores de Riesgo

  • Suplantación de marca Amazon en dominio no oficial
  • Contiene 3 formulario(s) con envío JavaScript
  • Ofuscación JavaScript detectada (7 patrones)
  • Indicadores de robo de credenciales detectados
  • Indicadores de robo de otp/2fa detectados

Visual Capture

Screenshot of www.2o72f9dnc2r1qk400ca5r6b5ub-1caca680-5d7d-4188-9c8b-7c9153649971.proof-proxy.ziflow.net

Detection Info

http://www.2o72f9dnc2r1qk400ca5r6b5ub-1caca680-5d7d-4188-9c8b-7c9153649971.proof-proxy.ziflow.net/
Detected Brand
Amazon
Country
Unknown
Confidence
100%
HTTP Status
200
Report ID
8db25652-5e1…
Analyzed
2026-01-10 01:01
Final URL (after redirects)
https://www.2o72f9dnc2r1qk400ca5r6b5ub-1caca680-5d7d-4188-9c8b-7c9153649971.proof-proxy.ziflow.net/

Content Hashes (HTML Similarity)

Used to detect similar phishing pages based on HTML content

Algorithm Hash Value
CONTENT TLSH
T1D0F362726960157B2257CFDEF03E7B99A1C786DBD36653C2FA90020A63C9ED18C3295C
CONTENT ssdeep
3072:LeFWof4M7OS4C7OkgTwOf6mst2sdmJM28TvFVbkp1Zp1tp1OpYSPIunSRJvsfR5j:LW7p7OzJE

Visual Hashes (Screenshot Similarity)

Used to detect visually similar phishing pages based on screenshots

Algorithm Hash Value
VISUAL pHash
ec4c13d352365979
VISUAL aHash
00d38193ffff87cf
VISUAL dHash
43373727251e3e1f
VISUAL wHash
00918193ffcf878f
VISUAL colorHash
06600001000
VISUAL cropResistant
23373727071e3e1f,000000c4c4110000,5c4ba6b6161d4c65,999e9b9b8b1959d9

Code Analysis

Risk Score 95/100
Threat Level ALTO
⚠️ Phishing Confirmed
🎣 Credential Harvester 🎣 OTP Stealer 🎣 Card Stealer 🎣 Banking

🔐 Credential Harvesting Forms

🔒 Obfuscation Detected

  • atob
  • eval
  • fromCharCode
  • unescape
  • document.write
  • unicode_escape
  • base64_strings