SafeMode - Analysis: claim-250.pages.dev

Visual Capture

Detection Info

https://claim-250.pages.dev/

Detected Brand

Unknown

Country

Unknown

Confidence

100%

HTTP Status

200

Report ID

d3ba7839-2b7…

Analyzed

2026-06-23 23:35

Content Hashes (HTML Similarity)

Used to detect similar phishing pages based on HTML content

Algorithm	Hash Value
CONTENT TLSH	T17E3272F24054602F109B86CB8F29576C73FA71FAE5B60302A7E9838DDBDEC91DD06845
CONTENT ssdeep	192:cdoDrlWrlMI6z40AAAqRZ6asGBK64rlVBrl1trlar2Qf4K40W1AAqRZ6WmXLIlT2:HrlWrlD0pRZ6ask/4rlVBrl1trlar2fB

Visual Hashes (Screenshot Similarity)

Used to detect visually similar phishing pages based on screenshots

Algorithm	Hash Value
VISUAL pHash	93929c6c65e49e96
VISUAL aHash	7e6c2c6420180018
VISUAL dHash	f4d8c8cdd961b271
VISUAL wHash	ff7e7c6c003c1838
VISUAL colorHash	31e00000000
VISUAL cropResistant	e080000909042801,783c7f6f6343fb7f,f4d8c8cdd961b271

Code Analysis

Risk Score 65/100

Threat Level ALTO

⚠️ Phishing Confirmed

🎣 OTP Stealer 🎣 Personal Info

🎯 Kit Endpoints

#blog

📊 Risk Score Breakdown

Total Risk Score

100/100

Contributing Factors

Active Phishing Kit

Detected kit types: OTP Stealer, Personal Info

🔬 Comprehensive Threat Analysis

Threat Type

Two-Factor Authentication Stealer

Target

General public

Attack Method

Phishing webpage

Exfiltration Channel

Unknown

Risk Assessment

HIGH - Automated credential harvesting with Unknown

⚠️ Indicators of Compromise

Kit types: OTP Stealer, Personal Info

🏢 Brand Impersonation Analysis

Impersonated Brand

Generic Phishing

Official Website

N/A

Fake Service

Airdrop/claim portal

⚔️ Attack Methodology

Primary Method: Two-Factor Authentication Bypass

Victim is prompted for 2FA code after entering credentials. The code is intercepted and used by attacker to access victim's account in real-time.

Secondary Method: Standard Phishing Techniques

Uses typical phishing tactics including brand impersonation, urgency tactics, and social engineering to trick victims into providing sensitive information.