Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T18E31DC6671444E3508838FB2F596EB5B31E0D618C747161929F983DC07D9EE2DCAA3CA |
|
CONTENT
ssdeep
|
24:hR/CvR3ChLBQbE6GSZ1sSmiu+F0SmmBFBCS287UqwFZqhuP6E5lKmFblWFkqhaS:T7hLebE1gCSvcSVCSEvOuTkFrh |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
99cc663399cccc33 |
|
VISUAL
aHash
|
0000181818180000 |
|
VISUAL
dHash
|
10003030b2300010 |
|
VISUAL
wHash
|
0c0c3c3c3c3c0000 |
|
VISUAL
colorHash
|
380000001c0 |
|
VISUAL
cropResistant
|
10003030b2300010 |
Victim is prompted for 2FA code after entering credentials. The code is intercepted and used by attacker to access victim's account in real-time.
JavaScript intercepts form submissions before they reach the fake backend. This allows real-time credential harvesting and validation without server round-trips.
Pages with identical visual appearance (based on perceptual hash)
Found 1 other scan for this domain