Detailed analysis of captured phishing page
No screenshot available
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T138B141779010C81A1EB7D58CEBC2F5C852A6C24BFA306AD3A1C4516F9AC5EF494E336D |
|
CONTENT
ssdeep
|
96:Fm5yoTC2TCyX4aR1sYQfMmORR1E8VContc1PmQy6+l:85ygd3ndQfMmUU8VCoGO |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
8cb3e471047d4b5d |
|
VISUAL
aHash
|
02ffff1e0000003a |
|
VISUAL
dHash
|
96f979f0f079f6e4 |
|
VISUAL
wHash
|
4affff3f0000007f |
|
VISUAL
colorHash
|
02006000000 |
|
VISUAL
cropResistant
|
9193930180808848,5353c8dc538b4d60,bafffffefefffffb,96f979f0f079f6e4 |
• Threat: Potential brand abuse by using brand assets on a non-official domain.
• Target: Exodus wallet users.
• Method: Informational landing page using the Exodus branding on a Framer app domain.
• Exfil: No data exfiltration detected.
• Indicators: Use of a framer.app domain instead of official domain.
• Risk: LOW - Although not the official domain, it may be a legitimate marketing landing page; exercise caution.
Pages with identical visual appearance (based on perceptual hash)