Detailed analysis of captured phishing page
No screenshot available
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1B4E1D7E38320845D5AA7C569EF17F059E1A3D0D7F5252E8092EADE6F94C3DF0E823A11 |
|
CONTENT
ssdeep
|
192:KYsGZBqZ5SqugxuOoRnigni6U3qV0OKPG8:KYsoBshVVoPOqVben |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
9c9cccc0f3e3e3c0 |
|
VISUAL
aHash
|
7f1f1f000000f0fc |
|
VISUAL
dHash
|
f2b2badefec0c0c0 |
|
VISUAL
wHash
|
ff1f1f020060f8fc |
|
VISUAL
colorHash
|
061c8000000 |
|
VISUAL
cropResistant
|
f2b2badefec0c0c0 |
• Threat: Possible impersonation or promotion link.
• Target: Telegram users
• Method: Encouraging users to contact a specific Telegram username.
• Exfil: None - No data exfiltration evident, just a call to action.
• Indicators: Non-standard domain for direct Telegram interaction.
• Risk: LOW - Likely a promotional link or direct communication channel rather than a credential theft attempt.
Pages with identical visual appearance (based on perceptual hash)
Found 5 other scans for this domain