EN ES PT
Back to Stats

Visual Capture

Screenshot of trezoddrhkwallet.webflow.io

Detection Info

http://trezoddrhkwallet.webflow.io/
Detected Brand
Trezor
Country
International
Confidence
100%
HTTP Status
200
Report ID
70745bec-646…
Analyzed
2026-03-11 17:16
Final URL (after redirects)
https://trezoddrhkwallet.webflow.io/

Content Hashes (HTML Similarity)

Used to detect similar phishing pages based on HTML content

Algorithm Hash Value
CONTENT TLSH
T152E1A61BF35C33250E5201B55D8923FB876B446CA3364AE66DD8C05C7752BB09AB63C7
CONTENT ssdeep
192:58iPxwqNdNrtNBNYKpRfGg/tNOfkr2ACq:58sxwqNdNrtNBNYefGxXACq

Visual Hashes (Screenshot Similarity)

Used to detect visually similar phishing pages based on screenshots

Algorithm Hash Value
VISUAL pHash
e96992962d690f69
VISUAL aHash
fffb9999393bff7f
VISUAL dHash
cd8333335352addb
VISUAL wHash
7ff10119013b7f07
VISUAL colorHash
07000000c00
VISUAL cropResistant
cd8333335352addb,630783d975370f4c

Code Analysis

Risk Score 68/100
Threat Level ALTO
⚠️ Phishing Confirmed
🎣 Credential Harvester 🎣 Personal Info

🔬 Threat Analysis Report

• Threat: Phishing
• Target: Trezor users
• Method: Impersonation through a look-alike website.
• Exfil: No direct exfiltration detected in the screenshot.
• Indicators: Free hosting, brand logo present, content similar to official site
• Risk: HIGH

🔒 Obfuscation Detected

  • fromCharCode

📊 Risk Score Breakdown

Total Risk Score
90/100

Contributing Factors

Free Hosting
Website hosted on webflow.io, indicating a high likelihood of phishing.
Brand Impersonation
Uses the Trezor brand logo and design.

🔬 Comprehensive Threat Analysis

Threat Type
Credential Harvesting Kit
Target
Trezor users (International)
Attack Method
Brand impersonation + credential harvesting forms + obfuscated JavaScript
Exfiltration Channel
Form submission (backend endpoint not detected - likely JavaScript-based)
Risk Assessment
HIGH - Automated credential harvesting with Form submission (backend endpoint not detected - likely JavaScript-based)

⚠️ Indicators of Compromise

  • Kit types: Credential Harvester, Personal Info
  • 2 obfuscation techniques

🏢 Brand Impersonation Analysis

Impersonated Brand
Trezor
Official Website
https://trezor.io/
Fake Service
Trezor Wallet

⚔️ Attack Methodology

Primary Method: Credential Harvesting

The attacker likely aims to trick users into entering their Trezor wallet information or seed phrases to steal their cryptocurrency.

🌐 Infrastructure Indicators of Compromise

Domain Information

Domain
trezoddrhkwallet.webflow.io
Registered
None
Registrar
None
Status
None

🤖 AI-Extracted Threat Intelligence

Similar Websites

Pages with identical visual appearance (based on perceptual hash)

😰
"I Never Thought It Would Happen to Me"
That's what 2.3 million victims say every year. Don't wait to become a statistic.