Phishing Analysis
Detailed analysis of captured phishing page
Visual Capture
No screenshot available
Detection Info
https://zecpu.cc/bisen
Detected Brand
Binance
Country
International
Confidence
95%
HTTP Status
200
Report ID
d93e7e1a-dd7…
Analyzed
2025-12-23 01:09
Final URL (after redirects)
https://zecpu.cc/bisen/
Content Hashes (HTML Similarity)
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1B4A283387295567B31C795F2B7216B6D7298C24FC727DA88A3F8C28977DEC668C61300 |
|
CONTENT
ssdeep
|
384:qCsq6VZsVBChUqL2OHfvm4tTig+4/2m2VVUrvA+QFXhkVDHi:qtVdmoHfvjsQjA+SXhktHi |
Visual Hashes (Screenshot Similarity)
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
fc3a6aa581e11f26 |
|
VISUAL
aHash
|
8f0181ffffe2e2f0 |
|
VISUAL
dHash
|
5f35159696568616 |
|
VISUAL
wHash
|
8f0101ffe3e2e0f8 |
|
VISUAL
colorHash
|
07006008000 |
|
VISUAL
cropResistant
|
ffffdde9f1f9dfff,ffffdde9f1f9ddff,5f35159696568616 |
Code Analysis
Risk Score
70/100
Threat Level
ALTO
🎣 Credential Harvester
🎣 OTP Stealer
🎣 Banking
🎣 Personal Info
🔬 Threat Analysis Report
• Threat: Phishing targeting Binance users
• Target: Users of Binance Cloud Mining
• Method: Deceptive popup claiming earned BTC and imminent account blockage to initiate fake withdrawal procedure
• Exfil: Likely to a custom API or directly to the attacker for credential/payment information theft
• Indicators: Domain mismatch (zecpu.cc vs binance.com), urgency tactic (account block), suspicious withdrawal procedure
• Risk: HIGH - Potential for credential theft and cryptocurrency loss
🎯 Kit Endpoints
- loginer.php
Similar Websites
Pages with identical visual appearance (based on perceptual hash)
Scan History for zecpu.cc
Found 4 other scans for this domain
"I Never Thought It Would Happen to Me"
That's what 2.3 million victims say every year. Don't wait to become a statistic.