EN ES PT

Phishing Analysis

Detailed analysis of captured phishing page

Back to Stats

Visual Capture

No screenshot available

Detection Info

https://zn-imtoken.me/
Detected Brand
imToken
Country
International
Confidence
100%
HTTP Status
200
Report ID
1928a2ec-cfcā€¦
Analyzed
2025-12-31 21:30

Content Hashes (HTML Similarity)

Used to detect similar phishing pages based on HTML content

Algorithm Hash Value
CONTENT TLSH
T1B8A3E612B390313AC157B0A198EFDE09B675415C93DA9818766DC1E99FB087C8B3EDDC
CONTENT ssdeep
1536:xHix+dzmsikiV23C0RSyaOC0+RBAFYS6RBRC8OSh9lGTX9ZWkwKz3bjJD/krUUox:xSgiV20VAFYS6RLC8O0G79Z3wKz3bjOM

Visual Hashes (Screenshot Similarity)

Used to detect visually similar phishing pages based on screenshots

Algorithm Hash Value
VISUAL pHash
ece943929231e1ed
VISUAL aHash
fffffbffff000000
VISUAL dHash
0b2312372452f0d4
VISUAL wHash
edffc3dfdf000000
VISUAL colorHash
070020001c0
VISUAL cropResistant
0b29061317372643,0830320809c48609,82924cb292969680,0012e040c4d4d4d4

Code Analysis

Risk Score 95/100
Threat Level BAJO
šŸŽ£ Credential Harvester šŸŽ£ OTP Stealer šŸŽ£ Banking šŸŽ£ Personal Info

šŸ”¬ Threat Analysis Report

ā€¢ Threat: Possible brand impersonation / domain typo
ā€¢ Target: imToken users
ā€¢ Method: Misleading domain name
ā€¢ Exfil: N/A (no data exfiltration directly observed in this screenshot)
ā€¢ Indicators: Future domain creation date
ā€¢ Risk: LOW - Potential for future phishing or brand abuse depending on the intent behind the domain. No active phishing seen in the screenshot.

šŸ” Credential Harvesting Forms

šŸ”’ Obfuscation Detected

  • atob
  • fromCharCode
  • unescape
  • document.write
  • unicode_escape
  • base64_strings

šŸŽÆ Kit Endpoints

  • /blog

šŸ“” API Calls Detected

  • text/html
  • https://www.google.com/ccm/geo
  • POST

šŸ“¤ Form Action Targets

  • https://d0a5ba0b.sibforms.com/serve/MUIEAEz3dQk0fDrweVnmTpQQbZ2rw7qQ0gwoG6uu7cmDs0Qbh-IH9n_9vnkOQcAbKkvvwJN3s6pdlocND15cgu8iWZpPKmLHrRotNy0Y7OWZCbE6s_ufjQdZ1gF97q8wMCufNErgiw-O2ZXG15IuswkxLv9-ibQzyNEr6vAKCXMI0DSy_0nRpnTgnUV27alZPD76WvkNNHW5Ylmh

Similar Websites

Pages with identical visual appearance (based on perceptual hash)

Screenshot
imToken
https://tokenpcktoe.pro/
Jun 11, 2026
 Screenshot
imToken
https://www.imtokevn.im/
Jun 08, 2026
 Screenshot
imToken
https://www.imtoken.bot/
Feb 03, 2026
No screenshot
imToken
https://imtonkem.im/
Dec 31, 2025

Scan History for zn-imtoken.me

Found 3 other scans for this domain

šŸ˜°
"I Never Thought It Would Happen to Me"
That's what 2.3 million victims say every year. Don't wait to become a statistic.