Detailed analysis of captured phishing page
No screenshot available
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T14D323CF12220257F065B8BE9FA91E3CDF64FA14CD9624E84D178437926CBCE0D916978 |
|
CONTENT
ssdeep
|
192:999lDvk0NlohsV6qB2kZFo/MdF/C84+Hi9Vcs/MZk7K/GfxTNy:ZlD7NlohsTTo/MdF34+H8VPECG/QNy |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
ecdbc19a2cc36c2c |
|
VISUAL
aHash
|
f0f2f3f393f3f3f3 |
|
VISUAL
dHash
|
159447673625a426 |
|
VISUAL
wHash
|
f0f0f1b090f0f2f2 |
|
VISUAL
colorHash
|
07000030000 |
|
VISUAL
cropResistant
|
159447673625a426,9991858b362db66c |
โข Threat: None (Legitimate)
โข Target: GitBook users
โข Method: N/A
โข Exfil: N/A
โข Indicators: Domain matches brand, standard login form
โข Risk: Low
The site is designed to collect user credentials by presenting a legitimate-looking login form. The obfuscated Javascript may be for tracking or more malicious uses.
8443689.jsPages with identical visual appearance (based on perceptual hash)
Found 1 other scan for this domain