Detailed analysis of captured phishing page
No screenshot available
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T15675D56CA7A1A3FC0D6A83E18D214074798F55EE7650A33CF27DC6B0B2625ECC1D5C9A |
|
CONTENT
ssdeep
|
12288:qqUD0JPvgJmhulEoMSlLc/44iURum05xa:3JP2JLcAg/05xa |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
b131ce4ecce44cce |
|
VISUAL
aHash
|
cfcfc7c70000ffff |
|
VISUAL
dHash
|
98999e9e98640000 |
|
VISUAL
wHash
|
070703030000ffff |
|
VISUAL
colorHash
|
070000001c0 |
|
VISUAL
cropResistant
|
98999d999e9e999c,0000000000000000,00c88080c8800000,0000018696410000 |
• Threat: Potential brand impersonation redirect.
• Target: Swisscom customers
• Method: Login form that may redirect to a different site.
• Exfil: Potentially capturing credentials if the site is malicious.
• Indicators: Domain name mismatch
• Risk: LOW - Domain does not match official Swisscom website, but site content appears legitimate.
Pages with identical visual appearance (based on perceptual hash)
Found 1 other scan for this domain