Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T13E4153B1944AAC3F02C3D5E0AAB55B5F6BD8C289CE934B4B13F893AC6FDAD95DC45100 |
|
CONTENT
ssdeep
|
24:hR0ks1ACcrSxY/lLeOpMRU7PxMd6pFrGQcBsFzwrQg8rQgSrQgyrQgS6bZBkHUKL:Tc1sXeAB1MdGbw8g88gS8gy8gFbSyMj |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
bf3f3b3a6a0484c4 |
|
VISUAL
aHash
|
8181ffffffffffff |
|
VISUAL
dHash
|
333bc04084000000 |
|
VISUAL
wHash
|
00013f3f0f0f0f0f |
|
VISUAL
colorHash
|
07e00000000 |
|
VISUAL
cropResistant
|
333bc04084000000,53d3daf094dc98b8 |
• Threat: Phishing
• Target: Roblox users
• Method: Credential Harvesting
• Exfil: Unknown, likely to a database or attacker-controlled server.
• Indicators: Free Robux, username input, Netlify hosting.
• Risk: High
The attacker aims to steal the user's Roblox username to then try to gain access to the account or use it to target the user further.
Once the username is obtained, it will be used to target the account, to take it over.
Pages with identical visual appearance (based on perceptual hash)
Found 2 other scans for this domain