EN ES PT

Phishing Analysis

Detailed analysis of captured phishing page

Back to Stats
94 Risk Score

High Risk

Threat Level: BAJO • Impersonating: Ln.run
  • • Threat: Legitimate URL shortening service.
  • • Target: General internet users seeking to shorten URLs.
  • • Method: Provides a form to input long URLs and generate shortened versions.
  • • Exfil: No data exfiltration detected.
  • • Indicators: Uses legitimate domain and provides a functional service.
  • • Risk: LOW - Standard URL shortening service.

⚠ Risk Factors

  • Brand impersonation of Ln.run on non-official domain
  • Contains 3 credential harvesting form(s)
  • Credential harvesting indicators detected
  • OTP/2FA stealing indicators detected

Visual Capture

No screenshot available

Detection Info

https://shorten.tv/s7TJU
Detected Brand
Ln.run
Country
International
Confidence
100%
HTTP Status
200
Report ID
3b65361e-6bc…
Analyzed
2026-01-02 09:21
Final URL (after redirects)
https://ln.run/blog/what-is-a-url-shortener-benefits-the-pros-and-cons/?utm_source=shorten.tv.s7TJU&utm_medium=referral&utm_campaign=lnnf

Content Hashes (HTML Similarity)

Used to detect similar phishing pages based on HTML content

Algorithm Hash Value
CONTENT TLSH
T14123A6768904D2BB011780C7FE652F59F6E0034BD7111F96E0A8C24CB38AFE5997FAA4
CONTENT ssdeep
768:yjBh4Bf81cVqcWGv6uad44c46q44V6qa2aCMavENQR1K8b9QxmzDmpqyPfJ1uXaV:t244c4R44E9htLiHyIst

Visual Hashes (Screenshot Similarity)

Used to detect visually similar phishing pages based on screenshots

Algorithm Hash Value
VISUAL pHash
dd5c55b1a1a44d4d
VISUAL aHash
000000ffffffffff
VISUAL dHash
021061475e5e5f53
VISUAL wHash
00000080ffffbfff
VISUAL colorHash
070000001c0
VISUAL cropResistant
70610f5b5b5e5b5b,a68080a8e8e88080,0202001010607101

Code Analysis

Risk Score 94/100
Threat Level BAJO
🎣 Credential Harvester 🎣 OTP Stealer 🎣 Banking 🎣 Personal Info

🔬 Threat Analysis Report

• Threat: Legitimate URL shortening service.
• Target: General internet users seeking to shorten URLs.
• Method: Provides a form to input long URLs and generate shortened versions.
• Exfil: No data exfiltration detected.
• Indicators: Uses legitimate domain and provides a functional service.
• Risk: LOW - Standard URL shortening service.

🔐 Credential Harvesting Forms

🔒 Obfuscation Detected

  • atob
  • fromCharCode
  • base64_strings

Similar Websites

Pages with identical visual appearance (based on perceptual hash)

Screenshot
ln.run
https://ln.run/0vQa5
Jan 07, 2026
No screenshot
Ln.run
https://ln.run/j2BAQ
Jan 03, 2026

Scan History for shorten.tv

Found 2 other scans for this domain