Phishing Analysis
Detailed analysis of captured phishing page
Captura Visual
Informações de Detecção
http://epstn-event.fun
Detected Brand
Unknown (Jeffrey Epstein related)
Country
International
Confiança
95%
HTTP Status
200
Report ID
5167c390-643…
Analyzed
2026-02-01 11:20
Final URL (after redirects)
https://epstn-event.fun/
Hashes de Conteúdo (Similaridade HTML)
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T17452A7A26154302F212B89CB5F29676C31B760BFDEB70241BBECC785D79AD40FD0A545 |
|
CONTENT
ssdeep
|
384:N03RZ6KgDqcOx0ARZ6pnzGxCevxGPB0F8:6BZ6KgDqlOKZ6NGx3O |
Hashes Visuais (Similaridade de Captura)
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
92928c6d6de49e96 |
|
VISUAL
aHash
|
7e6c2c6400180018 |
|
VISUAL
dHash
|
f4cccdc9d278b270 |
|
VISUAL
wHash
|
ff7e7c6c003c1838 |
|
VISUAL
colorHash
|
31e00000000 |
|
VISUAL
cropResistant
|
f4cccdc9d278b270 |
Análise de Código
Risk Score
3/100
Nível de Ameaça
ALTO
⚠️ Phishing Confirmed
🔬 Threat Analysis Report
• Ameaça: Golpe de criptomoeda
• Alvo: Usuários interessados em airdrops de criptomoeda
• Método: Site enganoso que promove um airdrop falso.
• Exfil: Desconhecido, provavelmente conectado a uma carteira criptográfica.
• Indicadores: Novo domínio, tema incomum, airdrop, ofuscação.
• Risco: Alto
🔒 Obfuscation Detected
- atob
🎯 Kit Endpoints
- #blog
📡 API Calls Detected
- https://lite-api.jup.ag/price/v3?ids=
- POST
📊 Detalhamento da Pontuação de Risco
Total Risk Score
95/100
Contributing Factors
Recent Domain
Domain created recently is a strong phishing indicator.
Unusual Topic
Combination of Epstein name and airdrop is highly suspicious
Obfuscation
Obfuscation detected using atob suggests an attempt to hide malicious code.
Airdrop
Airdrops can be used to trick users and potentially steal funds.
🔬 Análise Integral de Ameaças
Tipo de Ameaça
Unknown (Jeffrey Epstein related) Phishing Landing Page
Alvo
Unknown (Jeffrey Epstein related) users (International)
Método de Ataque
obfuscated JavaScript
Canal de Exfiltração
Form submission (backend endpoint not detected - likely JavaScript-based)
Avaliação de Risco
LOW - Automated credential harvesting with Form submission (backend endpoint not detected - likely JavaScript-based)
⚠️ Indicators of Compromise
- 36 obfuscation techniques
🏢 Análise de Falsificação de Marca
Impersonated Brand
None (unbranded, Epstein name used)
Fake Service
Crypto Airdrop
Fraudulent Claims
⚔️ Metodologia de Ataque
Primary Method: Social Engineering
The site leverages the notoriety of Jeffrey Epstein and the allure of free crypto tokens to entice users into interacting with the site.
Secondary Method: Potential Malicious Smart Contract Interaction
Users might be asked to connect their wallets to claim the airdrop which could lead to theft of funds or approval of malicious contracts.
🌐 Indicadores de Compromisso de Infraestrutura
Domain Information
Domínio
epstn-event.fun
Registered
None
Registrar
Unknown
Estado
ACTIVE
🔬 JavaScript Deep Analysis
Operator Language
English (1%)
Total Code Size
11,4 KB
🔗 API Endpoints Detected
Other
4
Discord Webhooks
1
🔐 Obfuscation Detected
- : Light
- : None
🤖 AI-Extracted Threat Intelligence
Similar Websites
Pages with identical visual appearance (based on perceptual hash)
"Nunca pensei que aconteceria comigo"
Isso dizem os 2,3 milhões de vítimas a cada ano. Não espere para ser uma estatística.