Phishing Analysis
Detailed analysis of captured phishing page
Visual Capture
Detection Info
https://immediate-xtrade.com/
Detected Brand
Immediate Xtrade (likely a brand itself)
Country
International
Confidence
100%
HTTP Status
200
Report ID
13d851cb-a65…
Analyzed
2026-02-23 12:23
Content Hashes (HTML Similarity)
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1B313523350445A7E02D786C676B16B0EF6E6D64EDA961A02E7EC831D17C3EC0CE36B52 |
|
CONTENT
ssdeep
|
768:0zbAx9+IWv+er7JvGrP1thgOIAJUseVXYcO6tFH9Y2EfzV3A:nH+Ij0ErdVbDeVDtx95Ef+ |
Visual Hashes (Screenshot Similarity)
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
b2b6cd343c14c9c7 |
|
VISUAL
aHash
|
ffcfcf878787ffff |
|
VISUAL
dHash
|
2b2c0c2c2e3c982b |
|
VISUAL
wHash
|
fb878787838600fb |
|
VISUAL
colorHash
|
07606000000 |
|
VISUAL
cropResistant
|
2b2c0c2c2e3c982b,70f5bcb9a36d5846 |
Code Analysis
Risk Score
71/100
Threat Level
MEDIO
⚠️ Phishing Confirmed
🎣 Credential Harvester
🎣 Personal Info
🔬 Threat Analysis Report
• Threat: Credential Harvesting
• Target: Unsuspecting users
• Method: Deception via registration form.
• Exfil: Unknown, likely to a database.
• Indicators: Registration Form, relatively new domain, obfuscated javascript.
• Risk: Moderate
🔒 Obfuscation Detected
- fromCharCode
- unicode_escape
📊 Risk Score Breakdown
Total Risk Score
65/100
Contributing Factors
Recent Domain
Domain age of 248 days is relatively new, indicating a potential risk.
Form with data collection
The presence of a registration form requesting personal information is a common phishing tactic.
Obfuscation Detected
Javascript Obfuscation detected, likely to hide malicious code or evade detection.
🔬 Comprehensive Threat Analysis
Threat Type
Credential Harvesting Kit
Target
Immediate Xtrade (likely a brand itself) users (International)
Attack Method
credential harvesting forms + obfuscated JavaScript
Exfiltration Channel
Form submission (backend endpoint not detected - likely JavaScript-based)
Risk Assessment
HIGH - Automated credential harvesting with Form submission (backend endpoint not detected - likely JavaScript-based)
⚠️ Indicators of Compromise
- Kit types: Credential Harvester, Personal Info
- 12 obfuscation techniques
🏢 Brand Impersonation Analysis
Impersonated Brand
Immediate Xtrade
Fake Service
Trading platform/informational hub
⚔️ Attack Methodology
Primary Method: Credential Harvesting
The site likely aims to collect user credentials through a registration form. Users provide their personal information and may later receive phishing emails or other malicious content.
🌐 Infrastructure Indicators of Compromise
Domain Information
Domain
immediate-xtrade.com
Registered
Unknown
Registrar
Unknown
Status
Active
🤖 AI-Extracted Threat Intelligence
"I Never Thought It Would Happen to Me"
That's what 2.3 million victims say every year. Don't wait to become a statistic.