SafeMode - Analysis: secure-trezorr-io-get.typedream.app

Visual Capture

Screenshot of secure-trezorr-io-get.typedream.app

Detection Info

http://secure-trezorr-io-get.typedream.app/

Detected Brand

Trezor

Country

International

Confidence

100%

HTTP Status

200

Report ID

7b8957a7-8c4…

Analyzed

2025-12-27 13:13

Final URL (after redirects)

https://secure-trezorr-io-get.typedream.app/

Content Hashes (HTML Similarity)

Used to detect similar phishing pages based on HTML content

Algorithm	Hash Value
CONTENT TLSH	T180630B9A2455701A076340D394BB2B8AB7391C2FF92815E1A4B4CBF572B88F5316BF4F
CONTENT ssdeep	768:RyWuPquW/jwD5xyc/u1QI/vtjiW5C5u27p4qUlLX4ZsfK0eqKbrTFZX8UUk4zy2E:DGMyOloQzZs8oWQbp

Visual Hashes (Screenshot Similarity)

Used to detect visually similar phishing pages based on screenshots

Algorithm	Hash Value
VISUAL pHash	be3ac2c2c3ce1e31
VISUAL aHash	fc8f879f8f9fffff
VISUAL dHash	413d2c201435e2c2
VISUAL wHash	3d0587878785717e

Code Analysis

Risk Score 70/100

Threat Level CRITICAL

⚠️ Phishing Confirmed

🎣 Credential Harvester 🎣 OTP Stealer 🎣 Card Stealer 🎣 Banking 🎣 Personal Info

🔬 Threat Analysis Report

• Threat: Brand impersonation phishing, aiming to deceive users into believing they are visiting the official Trezor website.
• Target: Trezor users who may be looking to download the Trezor Suite or manage their cryptocurrency.
• Method: Using a fake website hosted on a free platform to mimic the legitimate Trezor site.
• Exfil: There is no visible data exfiltration, as the site appears to be a landing page rather than a data collection point. However, it aims to redirect users to potentially malicious downloads or sites.
• Indicators: Free hosting platform (typedream.app), domain name not matching the official Trezor domain, and branding used without permission.
• Risk: HIGH - Potential for redirection to malicious downloads or other phishing sites that could lead to credential theft or malware infection.