Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T162033BF56394A6B9B101C3E4DB326639739751FADE838310C3ED9B8C89D9C8EDC99841 |
|
CONTENT
ssdeep
|
768:1thXTRlXND9bVbv9OpTTRVPCMOXTFsKtbxp:BRFVr9OpvXCMOXTFsKtbxp |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
b313c46dccca6ae8 |
|
VISUAL
aHash
|
ff0607070301ffff |
|
VISUAL
dHash
|
bc5cdd5d5a3fe4c0 |
|
VISUAL
wHash
|
ff0605050300ffff |
|
VISUAL
colorHash
|
13200180001 |
|
VISUAL
cropResistant
|
bc5c585d9d5f1a3f,8080c0c08064e2e0,5c5c59dd5d5e3f2f,008040a030e8d4ec,369ecdcfcec86917 |
• Threat: NFT phishing targeting OpenSea users
• Target: OpenSea users interested in a Mystery Box Airdrop
• Method: Fake promotional webpage on free hosting to trick users
• Exfil: Unknown, likely redirects to a credential harvesting form
• Indicators: Free hosting, domain mismatch, OpenSea branding
• Risk: HIGH - Potential to steal credentials or seed phrases