Phishing Analysis
Detailed analysis of captured phishing page
Visual Capture
Detection Info
https://littlepepeweb.pages.dev/
Detected Brand
Little Pepe
Country
Unknown
Confidence
100%
HTTP Status
200
Report ID
46d5ed22-4a5…
Analyzed
2026-04-08 19:35
Content Hashes (HTML Similarity)
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T17753EBBC41444432814E88D7DA3D764EE29FC14086366E956FA073C77F8AE958B06FEE |
|
CONTENT
ssdeep
|
768:Gd1H0J0LVwlQpLpSnlxeGGNo9+Vm7s7o7A737mu21uaFxqrRe+tdsK2GCOS6e3Wz:S1pLpyfeGGNo92m7s7o7A737mf/U |
Visual Hashes (Screenshot Similarity)
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
b89568ae47ec4c93 |
|
VISUAL
aHash
|
030f9fffffcfc100 |
|
VISUAL
dHash
|
661e3a9a9cab3bb1 |
|
VISUAL
wHash
|
020f0effffc9c900 |
|
VISUAL
colorHash
|
06007000000 |
|
VISUAL
cropResistant
|
661e3a9a9cab3bb1,57475b7333794365,0e9e9e868e610400 |
Code Analysis
Risk Score
88/100
Threat Level
ALTO
⚠️ Phishing Confirmed
🎣 OTP Stealer
🔒 Obfuscation Detected
- base64_strings
📊 Risk Score Breakdown
Total Risk Score
88/100
Contributing Factors
Active Phishing Kit
Detected kit types: OTP Stealer
Code Obfuscation
JavaScript code obfuscated using 1 technique(s) to evade detection
🔬 Comprehensive Threat Analysis
Threat Type
Two-Factor Authentication Stealer
Target
Little Pepe users
Attack Method
obfuscated JavaScript
Exfiltration Channel
Form submission (backend endpoint not detected - likely JavaScript-based)
Risk Assessment
CRITICAL - Automated credential harvesting with Form submission (backend endpoint not detected - likely JavaScript-based)
⚠️ Indicators of Compromise
- Kit types: OTP Stealer
- 1 obfuscation techniques
🏢 Brand Impersonation Analysis
Impersonated Brand
Little Pepe
Official Website
N/A
Fake Service
Credential harvesting service
⚔️ Attack Methodology
Primary Method: Two-Factor Authentication Bypass
Victim is prompted for 2FA code after entering credentials. The code is intercepted and used by attacker to access victim's account in real-time.
Secondary Method: JavaScript Obfuscation
Malicious code is obfuscated using 1 techniques to evade detection by security scanners and make reverse engineering more difficult.
🌐 Infrastructure Indicators of Compromise
Domain Information
Domain
littlepepeweb.pages.dev
Registered
Unknown
Registrar
Unknown
Status
Hosting platform (subdomain)
Hosting Information
Provider
Unknown
ASN
🤖 AI-Extracted Threat Intelligence
"I Never Thought It Would Happen to Me"
That's what 2.3 million victims say every year. Don't wait to become a statistic.