EN ES PT
Back to Stats

Visual Capture

No screenshot available

Detection Info

https://bitcoin-qr.com/
Detected Brand
Unknown
Country
International
Confidence
100%
HTTP Status
200
Report ID
4bb5c706-a03…
Analyzed
2026-03-02 22:23

Content Hashes (HTML Similarity)

Used to detect similar phishing pages based on HTML content

Algorithm Hash Value
CONTENT TLSH
T1A5F2E7726204763A0AE381D1AB25276B73EDD2C8D35B0A125AFDC36C5BC2D57DD32728
CONTENT ssdeep
384:XuEv55WDOYV3wO9Th58wiDu1V1Kt6x90r5lfzVXAf4upYjkoRgZqgS2395WV:eEhHawO9158wDHKc2RpoAjBngfG

Visual Hashes (Screenshot Similarity)

Used to detect visually similar phishing pages based on screenshots

Algorithm Hash Value
VISUAL pHash
b046e719cccc19cf
VISUAL aHash
67c3e79fcf8fe7e7
VISUAL dHash
8c0d0c3010980f0c
VISUAL wHash
7fc3001c0c0cffe7
VISUAL colorHash
07000038000
VISUAL cropResistant
8c0d0c3010980f0c

Code Analysis

Risk Score 98/100
Threat Level BAJO
🎣 Credential Harvester 🎣 Banking

🔬 Threat Analysis Report

• Threat: Possible Scam
• Target: Cryptocurrency users
• Method: Offering Bitcoin QR code generation
• Exfil: Potentially through Javascript, though unclear.
• Indicators: Domain name, form inputs, obfuscation
• Risk: Low

🔒 Obfuscation Detected

  • fromCharCode
  • unescape
  • document.write

📡 API Calls Detected

  • POST

📊 Risk Score Breakdown

Total Risk Score
30/100

Contributing Factors

Domain Age
Relatively new domain.
Obfuscation
Javascript obfuscation detected, suggesting potential malicious activity.

🔬 Comprehensive Threat Analysis

Threat Type
Banking Credential Harvester
Target
General public
Attack Method
obfuscated JavaScript
Exfiltration Channel
Unknown
Risk Assessment
CRITICAL - Automated credential harvesting with Unknown

⚠️ Indicators of Compromise

  • Kit types: Credential Harvester, Banking
  • 10 obfuscation techniques

🏢 Brand Impersonation Analysis

Impersonated Brand
Bitcoin (generic)
Fake Service
Bitcoin QR Code Generator

⚔️ Attack Methodology

Primary Method: Bitcoin Address Harvesting

The site's primary function is to accept and display a user-provided bitcoin address as a QR code. A malicious actor could use this to harvest bitcoin addresses, possibly for phishing or other scams.

Secondary Method: Javascript Injection

The presence of obfuscated javascript makes it possible the site is attempting to record the inputted Bitcoin address.

Target Blockchain
Bitcoin

🌐 Infrastructure Indicators of Compromise

Domain Information

Domain
bitcoin-qr.com
Registered
None
Registrar
Unknown
Status
Active

🤖 AI-Extracted Threat Intelligence

Scan History for bitcoin-qr.com

Found 1 other scan for this domain

😰
"I Never Thought It Would Happen to Me"
That's what 2.3 million victims say every year. Don't wait to become a statistic.