EN ES PT

Phishing Analysis

Detailed analysis of captured phishing page

Back to Stats

Visual Capture

Screenshot of linkpop.com

Detection Info

https://linkpop.com/mail-update
Detected Brand
Rogers
Country
Canada
Confidence
100%
HTTP Status
200
Report ID
39b63122-42b…
Analyzed
2025-12-31 14:07
Final URL (after redirects)
https://linkpop.com/mail-update/index.html

Content Hashes (HTML Similarity)

Used to detect similar phishing pages based on HTML content

Algorithm Hash Value
CONTENT TLSH
T12B92A6B6A1B2D1F8221F7ED0FD81BB4CE98BE30F679593F292D622541740E844C2BC55
CONTENT ssdeep
384:P5iZ/dYQ1a3u1SrBNi7Vo3YrFEkegpx2CkVOBXuDmizIUMDBHP1UBTo7gMhDNh09:hiZ1YQ1a3u1SrBNi7Vo3YrFEkegpx2Ci

Visual Hashes (Screenshot Similarity)

Used to detect visually similar phishing pages based on screenshots

Algorithm Hash Value
VISUAL pHash
b366336c99cc9998
VISUAL aHash
e7e7e7ffffffffe7
VISUAL dHash
084c682000000008
VISUAL wHash
e4c0e4f83c3c3c24
VISUAL colorHash
07200030000
VISUAL cropResistant
084c682000000008

Code Analysis

Risk Score 95/100
Threat Level MEDIO
⚠️ Phishing Confirmed
🎣 Credential Harvester 🎣 OTP Stealer 🎣 Banking 🎣 Personal Info

🔬 Threat Analysis Report

• Threat: Phishing attempt impersonating Rogers.
• Target: Rogers email service users.
• Method: The page claims a Rogers update and urges the user to click a button.
• Exfil: Unknown; likely to redirect to a credential harvesting site or download malware if clicked.
• Indicators: Domain mismatch (linkpop.com instead of rogers.com).
• Risk: MEDIUM - Could lead to credential theft or malware infection.

🔒 Obfuscation Detected

  • atob
  • fromCharCode
  • unescape
  • hex_escape
  • unicode_escape

📡 API Calls Detected

  • HEAD
  • https://monorail-edge.shopifysvc.com/v1/produce
  • POST

Scan History for linkpop.com

Found 8 other scans for this domain

😰
"I Never Thought It Would Happen to Me"
That's what 2.3 million victims say every year. Don't wait to become a statistic.