EN ES PT

Phishing Analysis

Detailed analysis of captured phishing page

Back to Stats

Visual Capture

No screenshot available

Detection Info

https://192.252.182.34/
Detected Brand
Coupng
Country
International
Confidence
100%
HTTP Status
200
Report ID
f1933244-491…
Analyzed
2026-03-13 13:54
Final URL (after redirects)
https://192.252.182.34/#/

Content Hashes (HTML Similarity)

Used to detect similar phishing pages based on HTML content

Algorithm Hash Value
CONTENT TLSH
T186224534740238AB963B4AC1F4A15F1D3507E33AC6851D99B7A516627FCACE88D3B378
CONTENT ssdeep
192:t+M9bUgSf54XJtPqDLbsoSsDWRvErEn45LfBaMcfYNqyTzhBeC3D:cMu54XLPeLbyEWTn45LfBarCtTzhBeCz

Visual Hashes (Screenshot Similarity)

Used to detect visually similar phishing pages based on screenshots

Algorithm Hash Value
VISUAL pHash
eb0b81807a7a7e9c
VISUAL aHash
00ff0000ffffffff
VISUAL dHash
d100011101000100
VISUAL wHash
00ff000000ffffff
VISUAL colorHash
0f407000000
VISUAL cropResistant
d0c9011121000000,0080014141000000,0000601080109060

Code Analysis

Risk Score 100/100
Threat Level BAJO
🎣 Credential Harvester 🎣 OTP Stealer 🎣 Banking 🎣 Personal Info

🔬 Threat Analysis Report

• Threat: None detected
• Target: Coupang customers
• Method: Coupon validation
• Exfil: No exfiltration detected
• Indicators: Legitimate UI and coupon input
• Risk: Low

🔒 Obfuscation Detected

  • atob
  • fromCharCode
  • unescape
  • document.write
  • unicode_escape
  • base64_strings

📡 API Calls Detected

  • GET
  • POST

📊 Risk Score Breakdown

Total Risk Score
60/100

Contributing Factors

Suspicious IP Address
The IP address is not the official Coupang website address
Obfuscated JavaScript
The JavaScript uses obfuscation, which could be malicious.

🔬 Comprehensive Threat Analysis

Threat Type
Banking Credential Harvester
Target
Coupng users (International)
Attack Method
obfuscated JavaScript
Exfiltration Channel
Unknown
Risk Assessment
CRITICAL - Automated credential harvesting with Unknown

⚠️ Indicators of Compromise

  • Kit types: Credential Harvester, OTP Stealer, Banking, Personal Info
  • 55 obfuscation techniques

🏢 Brand Impersonation Analysis

Impersonated Brand
Coupng
Official Website
coupang.com
Fake Service
Coupon redemption

⚔️ Attack Methodology

Primary Method: Credential Harvesting

The site may be attempting to steal credentials through the input field, even if this is a legitimate function of Coupang, this is the first step of an attack.

Secondary Method: Malware distribution

After a successful login or data input, malicious JavaScript could be used to redirect the user to a malware download.

🌐 Infrastructure Indicators of Compromise

Domain Information

Domain
Unknown
Registered
Unknown
Registrar
Unknown
Status
Unknown

🤖 AI-Extracted Threat Intelligence

Similar Websites

Pages with identical visual appearance (based on perceptual hash)

Screenshot
Coupang
http://coupangx.azureedge.net
Apr 01, 2026
 Screenshot
Coupang
https://192.252.182.34/
Mar 31, 2026
No screenshot
Coupang
http://coupangs.azureedge.net
Mar 13, 2026

Scan History for 192.252.182.34

Found 1 other scan for this domain

😰
"I Never Thought It Would Happen to Me"
That's what 2.3 million victims say every year. Don't wait to become a statistic.