What is Pseudosites?

Catch phishing before it catches you.

Modern brands are constantly under attack from fake login pages, spoofed domains, and phishing kits that look pixel-perfect. Despite all the investment in detection, there's still no easy way to see when your brand is being reused in phishing campaigns — until now.

Pseudosites fills that gap.

We offer a lightweight, invisible tracking pixel that embeds into your brand assets — login pages, emails, decoy environments, and more. If a bad actor clones and deploys one of these assets, the pixel silently calls home. You get real-time telemetry: IPs, geolocation, headers, device info — enough to investigate, alert, or initiate takedowns.

No agents. No JS. No user impact.

🔍 Why Pseudosites?

Phishing Site Detection
Instantly know when your assets appear in unauthorized places.
Real-Time Telemetry
Every pixel hit is enriched with location, ASN, device, and network metadata.
Infrastructure Mapping
Link attacks across reused kits, shared IPs, or hosting infrastructure.
Dead-Simple Deployment
Works anywhere HTML goes — no SDK, no script injection, no dependencies.

🧠 Built For

Security Operations & Threat Intel Teams
Digital Brand & Legal Enforcement
DFIR / Anti-Fraud Units
Developers working on login flows or custom branding

🚀 How It Works

Pseudosites uses a 1×1 transparent pixel served from our infrastructure:

html

<img
.pixel-bg {
  background-image: url("https://3bc1e6f4.net/a5727479");
  background-size: 0 0;
}
/>

The id parameter is unique to your environment or use case.
The pixel loads fast, returns a transparent GIF, and doesn’t affect layout.
No cookies, no JS, no tracking alerts.

🧾 Logged Telemetry

When a pixel is loaded, Pseudosites captures and enriches the request with:

Field	Description
`timestamp`	Time of request in UTC
`ip_address`	Source IP address
`user_agent`	Full browser user-agent string
`referrer`	Referer header (if available)
`geo_location`	Country, city, region, lat/lng
`asn`	ISP and ASN details
`headers`	All HTTP headers
`device_fingerprint`	(Optional) Derived fingerprint hash
`security_signals`	Proxy/VPN detection, cloud hosting flags

This data is stored securely and available via the web dashboard.

⚙️ Common Use Cases

Microsoft 365 Login Branding
Embed tracking pixels into sign-in HTML pages to detect re-use.
Email & Comms Monitoring
Drop pixels into outbound messages to track unauthorized reuse.
Honeypot Infrastructure
Watermark decoy login pages with embedded Pseudosites pixels.
Phishing Kit Fingerprinting
Seed leaked HTML/CSS templates with pixels to monitor actor reuse.

✅ Deployment Notes

CDN-backed delivery for low-latency global performance
Does not use cookies, storage, or scripts — ideal for stealth
HTTPS-only, CORS supported, CSP-compliant
Safe for production use in regulated environments

Need help? Reach out at support@pseudosites.com

What is Pseudosites? ​

🔍 Why Pseudosites? ​

🧠 Built For ​

🚀 How It Works ​

🧾 Logged Telemetry ​

⚙️ Common Use Cases ​