Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1A813044271086AA5C2F349DD9500758060C7EB4ECD7087708A791E3B27E3AB577E9B7E |
|
CONTENT
ssdeep
|
768:oK3dQ5W6nu34pwTxiXjouoYR59Omje/sg6/sTg/sE787PMZOg:oK356n1wTxiX0uoYR59OmjasgusTksEf |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
9550ea35d32dd227 |
|
VISUAL
aHash
|
cccc0e0e060603ff |
|
VISUAL
dHash
|
989cb83a983a6f0d |
|
VISUAL
wHash
|
eccc4e0e0e0e03ff |
|
VISUAL
colorHash
|
07606000000 |
|
VISUAL
cropResistant
|
9c89e9f961276567,989cb83a983a6f0d,4c8e8e1e8ea6ae27,06233212d3d3d3f2 |
• Threat: Phishing
• Target: MetaMask users
• Method: Impersonation via free hosting.
• Exfil: Unknown, likely harvesting of login credentials.
• Indicators: Free hosting, brand in domain, obfuscation.
• Risk: High
The site likely aims to steal user credentials for MetaMask wallets. Users are tricked into entering their seed phrase or password.
Pages with identical visual appearance (based on perceptual hash)
Found 1 other scan for this domain