gpp_maybe

HIGH RISK DETECTED

Dangerous

The scanned QR code contains malicious indicators associated with phishing and credential harvesting. Do not proceed to the target URL.

bug_report Phishing Attempt code_off Obfuscated Script link Homograph Attack
Threat Confidence 98.5%

history Scan History

Attack Breakdown

ID: scan_2025_12_29_h9t2
abc

Homograph / IDN Attack

Cyrillic characters mimicking Latin alphabet detected.

expand_more
Visual Appearance (What user sees) secure-banking.com
Actual Punycode (Where it goes) xn--secure-bankng-87b.com

The domain uses the Cyrillic 'а' (U+0430) instead of Latin 'a' (U+0061). This technique is commonly used to trick users into believing they are visiting a legitimate service.

alt_route

Suspicious Redirect Chain

3 hops detected involving known URL shorteners.

expand_more
  1. QR Code Scan
    http://bit.ly/3x891
  2. Intermediate Hop
    http://tracker-service-cloud.net/ref?id=99
  3. Final Destination
    http://xn--secure-bankng-87b.com/login
javascript

Obfuscated JavaScript

High entropy string detected in URL parameters.

expand_more
<script>eval(function(p,a,c,k,e,d){e=function(c){return c};if(!''.replace(/^/,String)...

recommend Recommended Actions

Explainable Security

  • check_circle Domain age is less than 24 hours.
  • check_circle Matched 3 signatures in local phishing DB.
  • check_circle Target IP is located in a high-risk ASN.

Scan Meta

Scan Time Today, 14:32:05
Source image qr_investigate.png
Engine Offline Core v2.4

Offline Guarantee: This image was analysed locally on your device. No data was sent to the cloud for this verdict.