Phishing Analysis
Detailed analysis of captured phishing page
Visual Capture
Detection Info
http://blockchain-clone-lyart.vercel.app/
Detected Brand
Blockchain.com
Country
International
Confidence
100%
HTTP Status
200
Report ID
0677648b-31a…
Analyzed
2026-02-12 23:57
Final URL (after redirects)
https://blockchain-clone-lyart.vercel.app/
Content Hashes (HTML Similarity)
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T149E2A3B01388197F52C347A8EF317379735B42E0EA160A0846ADDBADE987D8DCC274E5 |
|
CONTENT
ssdeep
|
384:lwA/g8CfkPCElm2RcbE6mWl/8np2icWAJdnxZvvv69vvvHSBBvvvxfAEj:f/r4WCwUEhpdcJdHvvvyvvvyHvvvx1 |
Visual Hashes (Screenshot Similarity)
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
8d0af5f6052cd5c5 |
|
VISUAL
aHash
|
000000003fffffff |
|
VISUAL
dHash
|
d67bf3f7ed283332 |
|
VISUAL
wHash
|
000000017fffffff |
|
VISUAL
colorHash
|
0b001600040 |
|
VISUAL
cropResistant
|
f7f7ede136293212,d679f9f3fbf7ffe9 |
Code Analysis
Risk Score
65/100
Threat Level
ALTO
⚠️ Phishing Confirmed
🎣 Credential Harvester
🎣 Personal Info
🔬 Threat Analysis Report
• Threat: Phishing
• Target: Blockchain.com users
• Method: Impersonation through a signup form on a free hosting site.
• Exfil: Unknown (likely email addresses initially, potentially more data later)
• Indicators: Free hosting, brand logo, form.
• Risk: High
📊 Risk Score Breakdown
Total Risk Score
90/100
Contributing Factors
Free Hosting
The use of a free hosting service is a major indicator of phishing.
Brand Impersonation
The website attempts to impersonate the Blockchain.com website, which is a known brand.
Form Presence
The website has a form to collect user data, increasing risk
🔬 Comprehensive Threat Analysis
Threat Type
Credential Harvesting Kit
Target
Blockchain.com users (International)
Attack Method
Brand impersonation + credential harvesting forms
Exfiltration Channel
Form submission (backend endpoint not detected - likely JavaScript-based)
Risk Assessment
HIGH - Automated credential harvesting with Form submission (backend endpoint not detected - likely JavaScript-based)
⚠️ Indicators of Compromise
- Kit types: Credential Harvester, Personal Info
🏢 Brand Impersonation Analysis
Impersonated Brand
Blockchain.com
Official Website
https://www.blockchain.com/
Fake Service
Blockchain.com Signup
⚔️ Attack Methodology
Primary Method: Credential Harvesting
The site uses a form to trick users into entering their email address. This is a common method of gathering credentials for future attacks. This may lead to credential stuffing attacks.
Secondary Method: Brand Impersonation
The site mimics the appearance of the legitimate Blockchain.com website to build trust and deceive users.
🌐 Infrastructure Indicators of Compromise
Domain Information
Domain
blockchain-clone-lyart.vercel.app
Registered
None
Registrar
None
Status
None
🔬 JavaScript Deep Analysis
Total Code Size
4.1 KB
🔐 Obfuscation Detected
- : None
- : None
🤖 AI-Extracted Threat Intelligence
Similar Websites
Pages with identical visual appearance (based on perceptual hash)
Blockchain.com
http://blockchain-clone-lyart.bercel.app/
Jun 24, 2026
Blockchain.com
https://blockchain-clone-lyart.vercel.app/
Mar 18, 2026
Blockchain.com
https://www.blockchain-clone-lyart.vercel.app
Mar 14, 2026
Blockchain.com
http://www.blockchain-clone-lyart.vercel.app/
Jan 04, 2026
Blockchain.com
http://blockchain-clone-lyart.vercel.app
Dec 24, 2025
Scan History for blockchain-clone-lyart.vercel.app
Found 8 other scans for this domain
-
https://www.blockchain-clone-lyart.vercel.app
https://www.blockchain-clone-lyart.vercel.app/html...
https://blockchain-clone-lyart.vercel.app/html/abo...
https://blockchain-clone-lyart.vercel.app/
https://www.blockchain-clone-lyart.vercel.app
http://www.blockchain-clone-lyart.vercel.app/
http://blockchain-clone-lyart.vercel.app
http://blockchain-clone-lyart.vercel.app
"I Never Thought It Would Happen to Me"
That's what 2.3 million victims say every year. Don't wait to become a statistic.