Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T19734299E72D4B0A90B977174E03F720EF2BB6D41288CC110EA65D5D63C6984ED233F6A |
|
CONTENT
ssdeep
|
3072:qnREtqufV0bGrW3sYvO2OvBenacsBz/Xq7M/jr5C9yp:qREt50biW3sYO2Or |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
9b13391938666e6d |
|
VISUAL
aHash
|
080c34243cffffff |
|
VISUAL
dHash
|
3959654951606141 |
|
VISUAL
wHash
|
002c34243c3cffff |
• Threat: Credential harvesting phishing kit targeting CSS insurance customers
• Target: Users of CSS insurance
• Method: Fake login form steals email and password
• Exfil: Likely a custom API endpoint based on the domain
• Indicators: Domain mismatch, free hosting, login form
• Risk: HIGH - Immediate credential theft
Pages with identical visual appearance (based on perceptual hash)
Found 2 other scans for this domain