Detailed analysis of captured phishing page
No screenshot available
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T174E229B4A230D335B1C24BE8DA6425287A5FE1DCD7C695B4E388AF11B0D6CE8D5260CB |
|
CONTENT
ssdeep
|
384:4r/aMJguH8mLRhiXkdvNTDhPhLxeAxeDWNW1Tp34PxeeJEmuW3AsGyzRWIMd:4r/aMJguj1hhPhleMeDGCSPxeeWmHRW |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
c3393ffc6815384c |
|
VISUAL
aHash
|
00242070f0f67670 |
|
VISUAL
dHash
|
4cccdac1c1c4ccc1 |
|
VISUAL
wHash
|
802620f0f0fefff0 |
|
VISUAL
colorHash
|
30600018000 |
|
VISUAL
cropResistant
|
69e8f0b9f8686868,88304c4d4c300882,4cccdac1c1c4ccc1 |
• Threat: Phishing
• Target: Users seeking rewards
• Method: Fake registration page
• Exfil: Sensitive user data
• Indicators: JavaScript obfuscation, suspicious WebSocket URLs
• Risk: High
The site mimics a legitimate service to trick users into providing personal information.
JavaScript is used to send collected data to a remote server.
Pages with identical visual appearance (based on perceptual hash)