EN ES PT

Phishing Analysis

Detailed analysis of captured phishing page

Back to Stats

Captura Visual

Screenshot of oauth---en--sso----kucoin.webflow.io

Informações de Detecção

https://oauth---en--sso----kucoin.webflow.io/
Detected Brand
KuCoin
Country
International
Confidence
95%
HTTP Status
200
Report ID
4788c1de-016…
Analyzed
2026-03-08 08:38

Hashes de Conteúdo (Similaridade HTML)

Used to detect similar phishing pages based on HTML content

Algorithm Hash Value
CONTENT TLSH
T19981737795A8E815D320C3F86DA5229CE247918FC6C0D99776D2802E23FCA1D442BE65
CONTENT ssdeep
96:tXv4a9TPSw/eARlHAttADAfAR11luuKo74ATON1r:9l9TPSwmsstE8XGON1r

Hashes Visuais (Similaridade de Captura)

Used to detect visually similar phishing pages based on screenshots

Algorithm Hash Value
VISUAL pHash
ec68669793999991
VISUAL aHash
e18191d9ffff8fff
VISUAL dHash
e32733b34436562c
VISUAL wHash
010101d1ff9f83ff
VISUAL colorHash
07038000000
VISUAL cropResistant
e32733b34436562c

Análise de Código

Risk Score 53/100
Threat Level ALTO
⚠️ Phishing Confirmed
🎣 Credential Harvester

🔬 Threat Analysis Report

• Ameaça: Phishing
• Alvo: Usuários KuCoin
• Método: Personificação através de um site semelhante hospedado em hospedagem gratuita.
• Exfil: Potencialmente roubo de credenciais (e-mail/telefone e senha)
• Indicadores: Hospedagem gratuita, logotipo da marca, formulários
• Risco: Alto

🔒 Obfuscation Detected

  • fromCharCode

📊 Detalhamento da Pontuação de Risco

Total Risk Score
90/100

Contributing Factors

Free Hosting
The use of webflow.io, a free hosting service, is a major indicator of phishing.
Brand Impersonation
The site uses KuCoin branding to trick users.
Forms Present
Presence of forms indicates an attempt to collect user data.

🔬 Análise Integral de Ameaças

Tipo de Ameaça
Credential Harvesting Kit
Alvo
KuCoin users (International)
Método de Ataque
Brand impersonation + credential harvesting forms + obfuscated JavaScript
Canal de Exfiltração
Form submission (backend endpoint not detected - likely JavaScript-based)
Avaliação de Risco
MEDIUM - Automated credential harvesting with Form submission (backend endpoint not detected - likely JavaScript-based)

⚠️ Indicators of Compromise

  • Kit types: Credential Harvester
  • 2 obfuscation techniques

🏢 Análise de Falsificação de Marca

Impersonated Brand
KuCoin
Official Website
https://www.kucoin.com/
Fake Service
KuCoin cryptocurrency exchange

⚔️ Metodologia de Ataque

Primary Method: Credential Harvesting

The attacker is attempting to steal user's KuCoin account credentials by creating a fake login page that mimics the legitimate website's design. Users are tricked into entering their information into the malicious form.

Secondary Method: Social Engineering

The attacker may use various social engineering techniques to direct users to the fake site. This could include phishing emails, social media posts, or search engine optimization.

🌐 Indicadores de Compromisso de Infraestrutura

Domain Information

Domain
oauth---en--sso----kucoin.webflow.io
Registered
None
Registrar
None
Status
None

🤖 AI-Extracted Threat Intelligence

Similar Websites

Pages with identical visual appearance (based on perceptual hash)

Screenshot
KuCoin
https://auth-kucon-help-sso.webflow.io/
Abr 06, 2026
 Screenshot
KuCoin
http://auth-kucon-help-sso.webflow.io/
Mar 22, 2026
 Screenshot
KuCoin
http://service-sso-kucoin-vdn.webflow.io
Mar 22, 2026
 Screenshot
KuCoin
https://service-sso-kucoin-vdn.webflow.io/
Mar 22, 2026
 Screenshot
KuCoin
https://service-sso-kucoin-vdn.webflow.io/
Mar 21, 2026

Scan History for oauth---en--sso----kucoin.webflow.io

Found 1 other scan for this domain

😰
"Nunca pensei que aconteceria comigo"
Isso dizem os 2,3 milhões de vítimas a cada ano. Não espere para ser uma estatística.