Phishing Analysis
Detailed analysis of captured phishing page
Visual Capture
Detection Info
https://ladger-enus.wixstudio.com/login
Detected Brand
Ledger
Country
Unknown
Confidence
100%
HTTP Status
200
Report ID
04a80008-7deβ¦
Analyzed
2026-04-29 00:12
Content Hashes (HTML Similarity)
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T179234B726332B87843DB92DEE7382946B1D6949DF8C74654F1C95ACD23C3C806297BB4 |
|
CONTENT
ssdeep
|
768:ajR++EsZx8/G8bb4ZDVSnQMwBwZoSnWMwBwZCUuix+y9dQpUDF1E56ITmHTCd3mi:ao+EsZ/8b+DVSQMwB3SWMwBJUxx+y9da |
Visual Hashes (Screenshot Similarity)
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
af90e465e5d0d4d4 |
|
VISUAL
aHash
|
83818d8981818181 |
|
VISUAL
dHash
|
235b595b4b5b5b5b |
|
VISUAL
wHash
|
ff8f8d8d81818181 |
|
VISUAL
colorHash
|
32e00400000 |
|
VISUAL
cropResistant
|
235b595b4b5b5b5b,fef9f1e1f1e2e4e1,343030383cbc9809,43d8dad8c098c8c8 |
Code Analysis
Risk Score
100/100
Threat Level
ALTO
β οΈ Phishing Confirmed
π£ Credential Harvester
π£ OTP Stealer
π£ Card Stealer
π£ Banking
π£ Personal Info
π Obfuscation Detected
- eval
- fromCharCode
- unescape
- unicode_escape
- base64_strings
π― Kit Endpoints
- https://ladger-enus.wixstudio.com/login
- https://siteassets.parastorage.com/pages/pages/thunderbolt?beckyExperiments=.DatePickerPortal%2C.DisableDocumentScrollWhenLightBoxOpen%2C.EnableCustomCSSVarsForLoginSocialBar%2C.FreemiumBannerOdeditor%2C.LoginBarEnableLoggingInStateInSSR%2C.TextInputAutoFillFix%2C.UseLoginSocialBarCustomMenu%2C.UseNewLoginBarDropdownMenuAlignment%2C.UseNewLoginSocialBarElementStructure%2C.UseNewLoginSocialBarMemberInitialsAvatar%2C.WixFreeSiteBannerDesktop%2C.WixFreeSiteBannerMobile%2C.addIdAsClassName%2C.buttonUdp%2C.calculateCollapsibleTextLineHeightByFont%2C.disableBuilderWixComponents%2C.dom_store%2C.dontApplyDacOverridesOnBoBApps%2C.dynamicSlots%2C.fiveGridLineStudioSkins%2C.imageEncodingAVIF%2C.isClassNameToRootEnabled%2C.motionTimeAnimationsCSS%2C.overrideFloatInDistance%2C.shouldUseResponsiveImages%2C.svgResolver_2%2C.updateRichTextSemanticClassNamesOnCorvid%2C.useClassnameInResponsiveAppWidget%2C.useImageAvifFormatInNativeProGallery%2C.useResponsiveImgClassicFixed%2C.useSvgLoaderFeature%2C.useSvgLoaderFeatureOnBuilderComps%2C.useWowImageInFastGallery&blocksBuilderManifestGeneratorVersion=1.129.0&contentType=application%2Fjson&deviceType=Other&dfCk=6&dfVersion=1.5374.0&disableStaticPagesUrlHierarchy=false&editorName=Studio&experiments=dm_bgScrubToMotionFixer%2Cdm_masterPageVariablesQueryFixer%2Cdm_migrateOldHoverBoxToNewFixer&externalBaseUrl=https%3A%2F%2Fladger-enus.wixstudio.com%2Flogin&fileId=3001eec5.bundle.min&formFactor=desktop&freemiumBanner=true&hasTPAWorkerOnSite=false&hasUserDomainMedia=false&isBuilderComponentModel=false&isHttps=true&isInSeo=false&isMultilingualEnabled=false&isResponsive=true&isTrackClicksAnalyticsEnabled=false&isUrlMigrated=true&isWixCodeOnPage=false&isWixCodeOnSite=false&language=en&languageResolutionMethod=QueryParam&metaSiteId=84f25bfe-5fd3-4941-8477-e9310b1f319f&module=thunderbolt-features&originalLanguage=en&pageId=c2396a_67efb9936d873f957522b1c98afd249d_3.json&pilerExperiments=specs.piler.useEditorReactComponents&quickActionsMenuEnabled=false&registryLibrariesTopology=%5B%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22wixui%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.15079.0%22%7D%2C%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22dsgnsys%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.15079.0%22%7D%5D&remoteWidgetStructureBuilderVersion=1.251.0&siteId=cbded48c-884d-4a5d-9be2-a1969fd85118&siteRevision=3&staticHTMLComponentUrl=https%3A%2F%2Fladger-enus-wixstudio-com.filesusr.com%2F&useSandboxInHTMLComp=true&viewMode=desktop
- https://siteassets.parastorage.com/pages/pages/thunderbolt?beckyExperiments=.DatePickerPortal%2C.DisableDocumentScrollWhenLightBoxOpen%2C.EnableCustomCSSVarsForLoginSocialBar%2C.FreemiumBannerOdeditor%2C.LoginBarEnableLoggingInStateInSSR%2C.TextInputAutoFillFix%2C.UseLoginSocialBarCustomMenu%2C.UseNewLoginBarDropdownMenuAlignment%2C.UseNewLoginSocialBarElementStructure%2C.UseNewLoginSocialBarMemberInitialsAvatar%2C.WixFreeSiteBannerDesktop%2C.WixFreeSiteBannerMobile%2C.addIdAsClassName%2C.buttonUdp%2C.calculateCollapsibleTextLineHeightByFont%2C.disableBuilderWixComponents%2C.dom_store%2C.dontApplyDacOverridesOnBoBApps%2C.dynamicSlots%2C.fiveGridLineStudioSkins%2C.imageEncodingAVIF%2C.isClassNameToRootEnabled%2C.motionTimeAnimationsCSS%2C.overrideFloatInDistance%2C.shouldUseResponsiveImages%2C.svgResolver_2%2C.updateRichTextSemanticClassNamesOnCorvid%2C.useClassnameInResponsiveAppWidget%2C.useImageAvifFormatInNativeProGallery%2C.useResponsiveImgClassicFixed%2C.useSvgLoaderFeature%2C.useSvgLoaderFeatureOnBuilderComps%2C.useWowImageInFastGallery&blocksBuilderManifestGeneratorVersion=1.129.0&contentType=application%2Fjson&deviceType=Other&dfCk=6&dfVersion=1.5374.0&disableStaticPagesUrlHierarchy=false&editorName=Studio&experiments=dm_bgScrubToMotionFixer%2Cdm_masterPageVariablesQueryFixer%2Cdm_migrateOldHoverBoxToNewFixer&externalBaseUrl=https%3A%2F%2Fladger-enus.wixstudio.com%2Flogin&fileId=3001eec5.bundle.min&formFactor=desktop&freemiumBanner=true&hasTPAWorkerOnSite=false&hasUserDomainMedia=false&isBuilderComponentModel=false&isHttps=true&isInSeo=false&isMultilingualEnabled=false&isResponsive=true&isTrackClicksAnalyticsEnabled=false&isUrlMigrated=true&isWixCodeOnPage=false&isWixCodeOnSite=false&language=en&languageResolutionMethod=QueryParam&metaSiteId=84f25bfe-5fd3-4941-8477-e9310b1f319f&module=thunderbolt-features&originalLanguage=en&pageId=c2396a_4ed7ccac3629f56642d089056e933f30_3.json&pilerExperiments=specs.piler.useEditorReactComponents&quickActionsMenuEnabled=false&registryLibrariesTopology=%5B%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22wixui%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.15079.0%22%7D%2C%7B%22artifactId%22%3A%22editor-elements%22%2C%22namespace%22%3A%22dsgnsys%22%2C%22url%22%3A%22https%3A%2F%2Fstatic.parastorage.com%2Fservices%2Feditor-elements%2F1.15079.0%22%7D%5D&remoteWidgetStructureBuilderVersion=1.251.0&siteId=cbded48c-884d-4a5d-9be2-a1969fd85118&siteRevision=3&staticHTMLComponentUrl=https%3A%2F%2Fladger-enus-wixstudio-com.filesusr.com%2F&useSandboxInHTMLComp=true&viewMode=desktop
π‘ API Calls Detected
- POST
π Risk Score Breakdown
Total Risk Score
100/100
Contributing Factors
Active Phishing Kit
Detected kit types: Credential Harvester, OTP Stealer, Card Stealer, Banking, Personal Info
Code Obfuscation
JavaScript code obfuscated using 18 technique(s) to evade detection
π¬ Comprehensive Threat Analysis
Threat Type
Banking Credential Harvester
Target
Ledger users
Attack Method
obfuscated JavaScript
Exfiltration Channel
Form submission (backend endpoint not detected - likely JavaScript-based)
Risk Assessment
CRITICAL - Automated credential harvesting with Form submission (backend endpoint not detected - likely JavaScript-based)
β οΈ Indicators of Compromise
- Kit types: Credential Harvester, OTP Stealer, Card Stealer, Banking, Personal Info
- 18 obfuscation techniques
π’ Brand Impersonation Analysis
Impersonated Brand
Ledger
Official Website
N/A
Fake Service
Account login portal
βοΈ Attack Methodology
Primary Method: Credential Harvesting
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Secondary Method: JavaScript Obfuscation
Malicious code is obfuscated using 18 techniques to evade detection by security scanners and make reverse engineering more difficult.
π Infrastructure Indicators of Compromise
Domain Information
Domain
ladger-enus.wixstudio.com
Registered
Unknown
Registrar
None
Status
Age unknown
Hosting Information
Provider
Unknown
ASN
π€ AI-Extracted Threat Intelligence
Similar Websites
Pages with identical visual appearance (based on perceptual hash)
Scan History for ladger-enus.wixstudio.com
Found 3 other scans for this domain
"I Never Thought It Would Happen to Me"
That's what 2.3 million victims say every year. Don't wait to become a statistic.