Phishing Analysis
Detailed analysis of captured phishing page
100
Risk Score
High Risk
Threat Level: BAJO
• Impersonating: Dropbox
- • Threat: Legitimate Dropbox Paper sign-in
- • Target: Dropbox Paper users
- • Method: Prompt to sign in to continue using Dropbox Paper
- • Exfil: No data exfiltration
- • Indicators: Official Dropbox domain, standard sign-in prompt
- • Risk: LOW - Standard sign-in process
⚠ Risk Factors
- JavaScript obfuscation detected (7 patterns)
- Credential harvesting indicators detected
- OTP/2FA stealing indicators detected
Visual Capture
No screenshot available
Detection Info
https://www.dropbox.com/paper/doc/smfNkrLUs7ttROOCxSAp3?auth_token=cd.AFtEbjMlE9DiLGV0ibslk5pXqflYghkVGvBg9eHg58vBmgAyAi0Y58SzdK6MuocOCCGC018jpLvqyzk-nxI2f3Sftx9SVnlWFKB0lGM1mHZqNwNDSRBBOzT1nEJotOadsQkc2SdbHuChbm_JVFcFY3Awdh1BCohiH4_3HZubfkSUCu8cxczUujHCfl6OCCwcQk-nFC0I0C_JEDDneV3ZgFrm3lM5G4_e7ZvUqfZlERdWzcLsBoq2xhmD1YizFW1lVkajhRpUhjAWQIN_mw95Xd4MVgHHJ7WU3uWX4BZ4kgqGqCkelxH1JuYoAMGoM_Q-HxDqgtuoOzvxNyUFfDKf7BJtTbQha6ID-Uu72OVqs4YDzoW0M68-VNPVj6GVvA0hdvvsDpP030vFmf4KkzAWHzTH5R3cgAz7ErNu6xCueR47gx5r0D-Pu7E37YW9JBfWASNiGYy3ccpoD1QGPlfUMU9J&doc_id=VwQXfJ1Gah9r3kPzh_kSd&redirect=https%3A%2F%2Fwww.dropbox.com%2Fscl%2Ffi%2Fzhxm0lvzqj96vj0koq9sm%2FBT-BROADBAND.paper%3Fdl%3D0%26noscript%3D1%26rlkey%3Dzgea6oxadtawn8s94r71p2om1
Detected Brand
Dropbox
Country
International
Confidence
100%
HTTP Status
200
Report ID
3e8aff57-db4…
Analyzed
2026-01-11 15:05
Final URL (after redirects)
https://www.dropbox.com/scl/fi/zhxm0lvzqj96vj0koq9sm/My-Paper-doc.paper?dl=0&noscript=1&rlkey=zgea6oxadtawn8s94r71p2om1
Content Hashes (HTML Similarity)
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1C3131BF160B8547C01338EDED6672A24BB5AE19CE59418D1EA5DC3E811EAC75FC0FB0A |
|
CONTENT
ssdeep
|
768:AWYUt+ezeyqW6E6lnFqlYN3e3bezHb+LeeecSDYXYvxl7weqVeqEbeqMzHeqvc9O:AWYUt+ezeyqS6lnFql63e3bezHb+LeeZ |
Visual Hashes (Screenshot Similarity)
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
f117d44558d55cc5 |
|
VISUAL
aHash
|
7ce7fecfcfffefd6 |
|
VISUAL
dHash
|
b009609818a040b0 |
|
VISUAL
wHash
|
18e73f0fc0f0f1d0 |
|
VISUAL
colorHash
|
070000001c0 |
|
VISUAL
cropResistant
|
b009609818a040b0 |
Code Analysis
Risk Score
100/100
Threat Level
BAJO
🎣 Credential Harvester
🎣 OTP Stealer
🎣 Card Stealer
🎣 Banking
🎣 Personal Info
🔬 Threat Analysis Report
• Threat: Legitimate Dropbox Paper sign-in
• Target: Dropbox Paper users
• Method: Prompt to sign in to continue using Dropbox Paper
• Exfil: No data exfiltration
• Indicators: Official Dropbox domain, standard sign-in prompt
• Risk: LOW - Standard sign-in process
🔒 Obfuscation Detected
- atob
- eval
- fromCharCode
- unescape
- hex_escape
- unicode_escape
- base64_strings
Similar Websites
Pages with identical visual appearance (based on perceptual hash)
No screenshot
Dropbox
https://www.dropbox.com/paper/doc/smfNkrLUs7ttROOCxSAp3?auth...
Jan 11, 2026
No screenshot
Dropbox
https://www.dropbox.com/paper/doc/smfNkrLUs7ttROOCxSAp3?auth...
Jan 11, 2026
No screenshot
Dropbox
https://www.dropbox.com/paper/doc/smfNkrLUs7ttROOCxSAp3?auth...
Jan 11, 2026
No screenshot
Dropbox
https://www.dropbox.com/paper/doc/smfNkrLUs7ttROOCxSAp3?auth...
Jan 11, 2026
Dropbox
https://www.dropbox.com/paper/doc/smfNkrLUs7ttROOCxSAp3?auth...
Jan 11, 2026
Scan History for www.dropbox.com
Found 10 other scans for this domain
-
https://www.dropbox.com/paper/doc/smfNkrLUs7ttROOC...
https://www.dropbox.com/paper/doc/4hFsYZqIdYd7k0Md...
https://www.dropbox.com/paper/doc/ajzD8mjTHKChWJ2p...
https://www.dropbox.com/paper/doc/46eiZGM6YS4Up1aR...
https://www.dropbox.com/paper/doc/ajzD8mjTHKChWJ2p...
https://www.dropbox.com/paper/doc/46eiZGM6YS4Up1aR...
https://www.dropbox.com/paper/doc/smfNkrLUs7ttROOC...
https://www.dropbox.com/paper/doc/4hFsYZqIdYd7k0Md...
https://www.dropbox.com/paper/doc/4hFsYZqIdYd7k0Md...
https://www.dropbox.com/paper/doc/ajzD8mjTHKChWJ2p...