EN ES PT

Phishing Analysis

Detailed analysis of captured phishing page

Back to Stats

Captura Visual

Screenshot of mint-nftboxx-six-xi.vercel.app

Informações de Detecção

http://mint-nftboxx-six-xi.vercel.app/
Detected Brand
OpenSea Pro
Country
International
Confidence
100%
HTTP Status
200
Report ID
ffedf8dc-2ee…
Analyzed
2026-03-16 10:41
Final URL (after redirects)
https://mint-nftboxx-six-xi.vercel.app/

Hashes de Conteúdo (Similaridade HTML)

Used to detect similar phishing pages based on HTML content

Algorithm Hash Value
CONTENT TLSH
T18E33F9F993A8E6F5E501D3E8DB214575736B11FAAE82C720C3F8DF9C69A584DCC58880
CONTENT ssdeep
768:BhXTRlXND9bVOvuOdIP3hyCBE8hXTRlXND9bVN:7RFVUuO2P3bRFVN

Hashes Visuais (Similaridade de Captura)

Used to detect visually similar phishing pages based on screenshots

Algorithm Hash Value
VISUAL pHash
bb26c4d9d9c092d6
VISUAL aHash
ff0101090d0dffff
VISUAL dHash
b60f8d5b5919d8f8
VISUAL wHash
ff0101010d0cffff
VISUAL colorHash
132000c0002
VISUAL cropResistant
02b5a106a6061717,172d9b5b191980d9,170f2d1b5b591919

Análise de Código

Risk Score 79/100
Threat Level ALTO
⚠️ Phishing Confirmed
🎣 Credential Harvester 🎣 OTP Stealer 🎣 Banking 🎣 Personal Info

🔬 Threat Analysis Report

• Ameaça: Phishing
• Alvo: Usuários OpenSea Pro
• Método: Imitação usando hospedagem gratuita.
• Exfil: Potencialmente, quaisquer dados inseridos, levando ao roubo de criptomoedas.
• Indicadores: Hospedagem gratuita, logotipo da marca.
• Risco: Crítico

🔒 Obfuscation Detected

  • eval
  • fromCharCode
  • unicode_escape

📊 Detalhamento da Pontuação de Risco

Total Risk Score
95/100

Contributing Factors

Free hosting provider
Vercel.app is a common phishing tool.
Brand Impersonation
Uses OpenSea Pro logo to impersonate the legitimate website.
Exfiltration detected
javascript obfuscation and exfiltration targets.

🔬 Análise Integral de Ameaças

Tipo de Ameaça
Banking Credential Harvester
Alvo
OpenSea Pro users (International)
Método de Ataque
Brand impersonation + credential harvesting forms + obfuscated JavaScript
Canal de Exfiltração
Form submission (backend endpoint not detected - likely JavaScript-based)
Avaliação de Risco
HIGH - Automated credential harvesting with Form submission (backend endpoint not detected - likely JavaScript-based)

⚠️ Indicators of Compromise

  • Kit types: Credential Harvester, OTP Stealer, Banking, Personal Info
  • 5554 obfuscation techniques

🏢 Análise de Falsificação de Marca

Impersonated Brand
OpenSea Pro
Official Website
null
Fake Service
NFT Minting

Fraudulent Claims

⚔️ Metodologia de Ataque

Primary Method: Credential Harvesting / Wallet Drain

The attacker likely aims to trick users into connecting their cryptocurrency wallets to a malicious website. Once connected, the attacker can potentially steal the contents of the wallet, or redirect assets to the attacker’s account or compromise the user’s credentials.

Secondary Method: Social Engineering

The attacker uses a combination of visual cues to mirror the appearance of OpenSea Pro, and may use deceptive language, promising rewards or urgent actions, to manipulate users into taking actions that benefit the attacker.

🌐 Indicadores de Compromisso de Infraestrutura

Domain Information

Domain
mint-nftboxx-six-xi.vercel.app
Registered
None
Registrar
None
Status
Inactive/Placeholder

🤖 AI-Extracted Threat Intelligence

Similar Websites

Pages with identical visual appearance (based on perceptual hash)

Screenshot
OpenSea
https://www.opensea-nftbox02-dusky.vercel.app/
Abr 07, 2026
 Screenshot
OpenSea Pro
https://mint-nftbox-orpin.vercel.app/
Mar 29, 2026
 Screenshot
OpenSea
http://mint-nftbox-orpin.vercel.app/
Mar 27, 2026
 Screenshot
OpenSea
http://mystery-box4-two.vercel.app
Mar 20, 2026
 Screenshot
OpenSea
http://opensea-nftbox-wine.vercel.app/
Jan 30, 2026

Scan History for mint-nftboxx-six-xi.vercel.app

Found 1 other scan for this domain

😰
"Nunca pensei que aconteceria comigo"
Isso dizem os 2,3 milhões de vítimas a cada ano. Não espere para ser uma estatística.