ThreatFeed
Technology
VMRay DeepResponse
Resources
Try VMRay
Threat Feed
Filter by Classification
Adware
Backdoor
Banker
Banking Trojan
Bot
Crypter
Crypter
Dialer
Downloader
Dropper
Eicar
EICAR
Exploit
Hacktool
HackTool
Injector
Jigsaw
Keylogger
Miner
Phishing
POS
Pua
PUA
Ransomware
RAT
Remote Access Trojan
Rootkit
Skylock
Spyware
Stealer
Trojan
Virus
Wiper
Worm
Xorist
Filter by Sample Type
Excel Document
HTML Application
HTML Application (Shell Link)
HTML Document
Java Archive
Java Class
JScript
Linux ELF Executable (x86-64)
macOS App
macOS Executable
Microsoft Access Database
Microsoft Publisher Document
MSI Setup
PDF Document
Powerpoint Document
PowerShell Script
PowerShell Script (Shell Link)
Python Script
RTF Document
Shell Script
URL
VBScript
Windows ActiveX Control (x86-32)
Windows ActiveX Control (x86-64)
Windows Batch File
Windows Batch File (Shell Link)
Windows DLL (x86-32)
Windows DLL (x86-64)
Windows Driver (x86-32)
Windows Driver (x86-64)
Windows Exe (x86-32)
Windows Exe (x86-64)
Windows Help File
Windows Script File
Word Document
Search
1
2
503687
>
https://calmer452.github.io/facebook.com/
2025-12-15T01:31:19.997
malicious
URL
Details
Close
https://calmer452.github.io/facebook.com/
malicious
SHA256:
VMRay Threat Identifiers
Severity
Operation
5/5
Combination of other detections indicates a phishing website
4/5
Phishing page detected via Machine Learning
2/5
Page title matches the name of a popular online service
2/5
Page is served from a service commonly used for temporary hosting
2/5
Branded Logon form detected via Computer Vision
1/5
Page secured via a Domain Validated SSL certificate
1/5
Loads resources from a public service
1/5
Resource is loaded from a service commonly used for temporary hosting
1/5
Page presents itself as a logon page
1/5
Branding image detected via Computer Vision
Full Report
Close
Phishing
Full Report
https://ms-copilot-play888.pages.dev/login.srf?wa=wsignin1.0&rpsnv=159&id=298156&wreply=https:/copilot.microsoft.com/secure/passport.aspx?edge_suppress_profile_switch=1&requrl=https:/copilot.microsoft.com/&sig=19fa740fa4ef609a3dc960e0a54361b1&nopa=2&wp=mbi_ssl&lc=1043&csrftoken=41b4781d-b91b-40a2-a8a4-e1409165b6d7&aadredir=1&nopa=2
2025-12-15T01:28:12.358
malicious
URL
Details
Close
https://ms-copilot-play888.pages.dev/login.srf?wa=wsignin1.0&rpsnv=159&id=298156&wreply=https:/copilot.microsoft.com/secure/passport.aspx?edge_suppress_profile_switch=1&requrl=https:/copilot.microsoft.com/&sig=19fa740fa4ef609a3dc960e0a54361b1&nopa=2&wp=mbi_ssl&lc=1043&csrftoken=41b4781d-b91b-40a2-a8a4-e1409165b6d7&aadredir=1&nopa=2
malicious
SHA256:
VMRay Threat Identifiers
Severity
Operation
5/5
Combination of other detections indicates a phishing website
3/5
Suspected phishing site
2/5
Page is served from a service commonly used for temporary hosting
1/5
Page secured via a Domain Validated SSL certificate
1/5
URL contains a TLD highly associated with phishing
1/5
Resource is loaded from a service commonly used for temporary hosting
1/5
Page presents itself as a logon page
Full Report
Close
Phishing
Full Report
https://28kjhga.pages.dev/gp/customer-reviews/R15V3GWIPQV72L?ASIN=B07TLPVC6F
2025-12-15T01:25:51.336
malicious
URL
Details
Close
https://28kjhga.pages.dev/gp/customer-reviews/R15V3GWIPQV72L?ASIN=B07TLPVC6F
malicious
SHA256:
VMRay Threat Identifiers
Severity
Operation
4/5
Phishing page detected via Machine Learning
4/5
Combination of other detections indicates the page is malicious
3/5
Suspected phishing site
2/5
Page is served from a service commonly used for temporary hosting
1/5
Branding image detected via Computer Vision
1/5
Resource is loaded from a service commonly used for temporary hosting
1/5
URL contains a TLD highly associated with phishing
1/5
Page secured via a Domain Validated SSL certificate
1/5
Page uses exact favicon of a popular online service
Full Report
Close
Phishing
Full Report
https://omgnaikwade-sys.github.io/Instagram.-login-/
2025-12-15T01:18:18.458
malicious
URL
Details
Close
https://omgnaikwade-sys.github.io/Instagram.-login-/
malicious
SHA256:
VMRay Threat Identifiers
Severity
Operation
5/5
Combination of other detections indicates a phishing website
4/5
Phishing page detected via Machine Learning
2/5
Page title matches the name of a popular online service
2/5
Page is served from a service commonly used for temporary hosting
1/5
Logon form detected via Computer Vision
1/5
Resource is loaded from a service commonly used for temporary hosting
1/5
Page presents itself as a logon page
1/5
Page secured via a Domain Validated SSL certificate
1/5
Loads image resources from another website
Full Report
Close
Phishing
Full Report
https://brazilianyellowdev.github.io/facebook-clone/
2025-12-15T01:07:12.874
malicious
URL
Details
Close
https://brazilianyellowdev.github.io/facebook-clone/
malicious
SHA256:
VMRay Threat Identifiers
Severity
Operation
5/5
Combination of other detections indicates a phishing website
4/5
Phishing page detected via Machine Learning
2/5
Page title matches the name of a popular online service
2/5
Branded Logon form detected via Computer Vision
2/5
Page is served from a service commonly used for temporary hosting
1/5
Resource is loaded from a service commonly used for temporary hosting
1/5
Branding image detected via Computer Vision
1/5
Page secured via a Domain Validated SSL certificate
Full Report
Close
Phishing
Full Report
1
2
503687
>