Phishing Analysis
Detailed analysis of captured phishing page
96
Risk Score
High Risk
Threat Level: ALTO
• Impersonating: Ascend Fundalis
- • Threat: Investment scam / Credential harvesting
- • Target: UK residents interested in crypto/AI trading.
- • Method: Promising high daily returns through 'automated AI trading' to lure users to enter personal details and potentially invest money. Input form on the landing page captures user information.
- • Exfil: validation/thankyou.php
- • Indicators: Recent domain registration, forms detected, obfuscated javascript, promises of unrealistic earnings, TLD .net.
- • Risk: HIGH - Potential financial loss and credential theft.
⚠ Risk Factors
- OTP/2FA stealing indicators detected
- Banking fraud indicators detected
Visual Capture
Detection Info
https://ascendfundalis.net
Detected Brand
Ascend Fundalis
Country
UK
Confidence
100%
HTTP Status
200
Report ID
25c31eba-bdb…
Analyzed
2026-01-07 08:31
Final URL (after redirects)
https://ascendfundalis.net/
Content Hashes (HTML Similarity)
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T10703763511059EBF11A3C2F5F765AF6BB398C740C927DA56A2FC83291BC6C42CE62264 |
|
CONTENT
ssdeep
|
384:hQm63CSLuldFbxk6SDPUjPUq0lSWh59DTURucgvX7Pk5VbbkVA7eBPjbc/9lPH68:hiZ6kPUjPUDRTGAy7eBvUo8 |
Visual Hashes (Screenshot Similarity)
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
ca16e9e9146b9663 |
|
VISUAL
aHash
|
0000040410fbf9ff |
|
VISUAL
dHash
|
deccecaca4231333 |
|
VISUAL
wHash
|
00000404fffff9ff |
|
VISUAL
colorHash
|
1b202008080 |
|
VISUAL
cropResistant
|
e4e42290e0b48080,80a080b034f080a0,8080a0b030808080,a080b8aaa8888080,00100a68707c0640,0033331313133330,d6acccccececa4a3,75b1b3717171d0d4 |
Code Analysis
Risk Score
96/100
Threat Level
ALTO
⚠️ Phishing Confirmed
🎣 OTP Stealer
🎣 Banking
🎣 Personal Info
🔬 Threat Analysis Report
• Threat: Investment scam / Credential harvesting
• Target: UK residents interested in crypto/AI trading.
• Method: Promising high daily returns through 'automated AI trading' to lure users to enter personal details and potentially invest money. Input form on the landing page captures user information.
• Exfil: validation/thankyou.php
• Indicators: Recent domain registration, forms detected, obfuscated javascript, promises of unrealistic earnings, TLD .net.
• Risk: HIGH - Potential financial loss and credential theft.
🔐 Credential Harvesting Forms
🔒 Obfuscation Detected
- document.write
- unicode_escape