EN ES PT

Phishing Analysis

Detailed analysis of captured phishing page

Back to Stats

Captura Visual

Screenshot of oauth---en--sso----kucoin.webflow.io

Información de Detección

https://oauth---en--sso----kucoin.webflow.io/
Detected Brand
KuCoin
Country
International
Confidence
95%
HTTP Status
200
Report ID
4788c1de-016…
Analyzed
2026-03-08 08:38

Hashes de Contenido (Similitud HTML)

Used to detect similar phishing pages based on HTML content

Algorithm Hash Value
CONTENT TLSH
T19981737795A8E815D320C3F86DA5229CE247918FC6C0D99776D2802E23FCA1D442BE65
CONTENT ssdeep
96:tXv4a9TPSw/eARlHAttADAfAR11luuKo74ATON1r:9l9TPSwmsstE8XGON1r

Hashes Visuales (Similitud de Captura)

Used to detect visually similar phishing pages based on screenshots

Algorithm Hash Value
VISUAL pHash
ec68669793999991
VISUAL aHash
e18191d9ffff8fff
VISUAL dHash
e32733b34436562c
VISUAL wHash
010101d1ff9f83ff
VISUAL colorHash
07038000000
VISUAL cropResistant
e32733b34436562c

Análisis de Código

Risk Score 53/100
Threat Level ALTO
⚠️ Phishing Confirmed
🎣 Credential Harvester

🔬 Threat Analysis Report

• Amenaza: Phishing
• Objetivo: Usuarios de KuCoin
• Método: Suplantación de identidad a través de un sitio web similar alojado en hosting gratuito.
• Exfil: Potencialmente robo de credenciales (correo electrónico/teléfono y contraseña)
• Indicadores: Hosting gratuito, logo de la marca, formularios
• Riesgo: Alto

🔒 Obfuscation Detected

  • fromCharCode

📊 Desglose de Puntuación de Riesgo

Total Risk Score
90/100

Contributing Factors

Free Hosting
The use of webflow.io, a free hosting service, is a major indicator of phishing.
Brand Impersonation
The site uses KuCoin branding to trick users.
Forms Present
Presence of forms indicates an attempt to collect user data.

🔬 Análisis Integral de Amenazas

Tipo de Amenaza
Credential Harvesting Kit
Objetivo
KuCoin users (International)
Método de Ataque
Brand impersonation + credential harvesting forms + obfuscated JavaScript
Canal de Exfiltración
Form submission (backend endpoint not detected - likely JavaScript-based)
Evaluación de Riesgo
MEDIUM - Automated credential harvesting with Form submission (backend endpoint not detected - likely JavaScript-based)

⚠️ Indicators of Compromise

  • Kit types: Credential Harvester
  • 2 obfuscation techniques

🏢 Análisis de Suplantación de Marca

Impersonated Brand
KuCoin
Official Website
https://www.kucoin.com/
Fake Service
KuCoin cryptocurrency exchange

⚔️ Metodología de Ataque

Primary Method: Credential Harvesting

The attacker is attempting to steal user's KuCoin account credentials by creating a fake login page that mimics the legitimate website's design. Users are tricked into entering their information into the malicious form.

Secondary Method: Social Engineering

The attacker may use various social engineering techniques to direct users to the fake site. This could include phishing emails, social media posts, or search engine optimization.

🌐 Indicadores de Compromiso de Infraestructura

Domain Information

Domain
oauth---en--sso----kucoin.webflow.io
Registered
None
Registrar
None
Status
None

🤖 AI-Extracted Threat Intelligence

Similar Websites

Pages with identical visual appearance (based on perceptual hash)

Screenshot
KuCoin
https://auth-kucon-help-sso.webflow.io/
Abr 06, 2026
 Screenshot
KuCoin
http://auth-kucon-help-sso.webflow.io/
Mar 22, 2026
 Screenshot
KuCoin
http://service-sso-kucoin-vdn.webflow.io
Mar 22, 2026
 Screenshot
KuCoin
https://service-sso-kucoin-vdn.webflow.io/
Mar 22, 2026
 Screenshot
KuCoin
https://service-sso-kucoin-vdn.webflow.io/
Mar 21, 2026

Scan History for oauth---en--sso----kucoin.webflow.io

Found 1 other scan for this domain

😰
"Nunca pensé que me pasaría a mí"
Esto dicen las 2.3 millones de víctimas cada año. No esperes a ser una estadística.