EN ES PT

Phishing Analysis

Detailed analysis of captured phishing page

Back to Stats

Visual Capture

Screenshot of mint-nftboxx-six-xi.vercel.app

Detection Info

http://mint-nftboxx-six-xi.vercel.app/
Detected Brand
OpenSea Pro
Country
International
Confidence
100%
HTTP Status
200
Report ID
ffedf8dc-2ee…
Analyzed
2026-03-16 10:41
Final URL (after redirects)
https://mint-nftboxx-six-xi.vercel.app/

Content Hashes (HTML Similarity)

Used to detect similar phishing pages based on HTML content

Algorithm Hash Value
CONTENT TLSH
T18E33F9F993A8E6F5E501D3E8DB214575736B11FAAE82C720C3F8DF9C69A584DCC58880
CONTENT ssdeep
768:BhXTRlXND9bVOvuOdIP3hyCBE8hXTRlXND9bVN:7RFVUuO2P3bRFVN

Visual Hashes (Screenshot Similarity)

Used to detect visually similar phishing pages based on screenshots

Algorithm Hash Value
VISUAL pHash
bb26c4d9d9c092d6
VISUAL aHash
ff0101090d0dffff
VISUAL dHash
b60f8d5b5919d8f8
VISUAL wHash
ff0101010d0cffff
VISUAL colorHash
132000c0002
VISUAL cropResistant
02b5a106a6061717,172d9b5b191980d9,170f2d1b5b591919

Code Analysis

Risk Score 79/100
Threat Level ALTO
⚠️ Phishing Confirmed
🎣 Credential Harvester 🎣 OTP Stealer 🎣 Banking 🎣 Personal Info

🔬 Threat Analysis Report

• Threat: Phishing
• Target: OpenSea Pro users
• Method: Impersonation using free hosting.
• Exfil: Potentially any data entered, leading to crypto theft.
• Indicators: Free hosting, brand logo.
• Risk: Critical

🔒 Obfuscation Detected

  • eval
  • fromCharCode
  • unicode_escape

📊 Risk Score Breakdown

Total Risk Score
95/100

Contributing Factors

Free hosting provider
Vercel.app is a common phishing tool.
Brand Impersonation
Uses OpenSea Pro logo to impersonate the legitimate website.
Exfiltration detected
javascript obfuscation and exfiltration targets.

🔬 Comprehensive Threat Analysis

Threat Type
Banking Credential Harvester
Target
OpenSea Pro users (International)
Attack Method
Brand impersonation + credential harvesting forms + obfuscated JavaScript
Exfiltration Channel
Form submission (backend endpoint not detected - likely JavaScript-based)
Risk Assessment
HIGH - Automated credential harvesting with Form submission (backend endpoint not detected - likely JavaScript-based)

⚠️ Indicators of Compromise

  • Kit types: Credential Harvester, OTP Stealer, Banking, Personal Info
  • 5554 obfuscation techniques

🏢 Brand Impersonation Analysis

Impersonated Brand
OpenSea Pro
Official Website
null
Fake Service
NFT Minting

Fraudulent Claims

⚔️ Attack Methodology

Primary Method: Credential Harvesting / Wallet Drain

The attacker likely aims to trick users into connecting their cryptocurrency wallets to a malicious website. Once connected, the attacker can potentially steal the contents of the wallet, or redirect assets to the attacker’s account or compromise the user’s credentials.

Secondary Method: Social Engineering

The attacker uses a combination of visual cues to mirror the appearance of OpenSea Pro, and may use deceptive language, promising rewards or urgent actions, to manipulate users into taking actions that benefit the attacker.

🌐 Infrastructure Indicators of Compromise

Domain Information

Domain
mint-nftboxx-six-xi.vercel.app
Registered
None
Registrar
None
Status
Inactive/Placeholder

🤖 AI-Extracted Threat Intelligence

Similar Websites

Pages with identical visual appearance (based on perceptual hash)

Screenshot
OpenSea
https://www.opensea-nftbox02-dusky.vercel.app/
Apr 07, 2026
 Screenshot
OpenSea Pro
https://mint-nftbox-orpin.vercel.app/
Mar 29, 2026
 Screenshot
OpenSea
http://mint-nftbox-orpin.vercel.app/
Mar 27, 2026
 Screenshot
OpenSea
http://mystery-box4-two.vercel.app
Mar 20, 2026
 Screenshot
OpenSea
http://opensea-nftbox-wine.vercel.app/
Jan 30, 2026

Scan History for mint-nftboxx-six-xi.vercel.app

Found 1 other scan for this domain

😰
"I Never Thought It Would Happen to Me"
That's what 2.3 million victims say every year. Don't wait to become a statistic.