Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1B2221031749C6D375287D2DC77E4A70B76A6C213CB82160293F8879E5BEBD82CD012E6 |
|
CONTENT
ssdeep
|
192:LS0x+oY6q6Acfj2cV1DYL6KDYPQ8ZukYgT91:m5j6h1kuKkPT4gf |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
b2b758a20dd8f827 |
|
VISUAL
aHash
|
ffffffffffff0000 |
|
VISUAL
dHash
|
0f0c0cb24e0895e4 |
|
VISUAL
wHash
|
f7e7ff1b234d0000 |
|
VISUAL
colorHash
|
0e000030000 |
|
VISUAL
cropResistant
|
2b0c0c96734e8d91,1ae5e5c3ece4e5f4 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
JavaScript intercepts form submissions before they reach the fake backend. This allows real-time credential harvesting and validation without server round-trips.
| ID | Portuguese | English | Trigger |
|---|---|---|---|
Pages with identical visual appearance (based on perceptual hash)
Found 1 other scan for this domain