Phishing Analysis
Detailed analysis of captured phishing page
100
Risk Score
High Risk
Threat Level: ALTO
• Impersonating: Melrose Finance
- • Threat: Phishing attack targeting financial information.
- • Target: Users who believe they are interacting with Melrose Finance.
- • Method: Fake website with form actions redirecting to an unrelated domain to steal personal information.
- • Exfil: Data is likely being sent to a server controlled by the attacker.
- • Indicators: Domain mismatch (ln.run vs. legitimate Melrose Finance domain), form actions pointing to melroseplacerestaurant.com, obfuscated JavaScript.
- • Risk: HIGH - Potential for immediate credential theft and financial fraud.
⚠ Risk Factors
- Brand impersonation of Melrose Finance on non-official domain
- Contains 1 credential harvesting form(s)
- JavaScript obfuscation detected (5 patterns)
- Credential harvesting indicators detected
- OTP/2FA stealing indicators detected
Visual Capture
Detection Info
https://ln.run/Zn2rF
Detected Brand
Melrose Finance
Country
International
Confidence
100%
HTTP Status
200
Report ID
a535e4aa-a99…
Analyzed
2026-01-01 20:22
Final URL (after redirects)
https://melroseplacerestaurant.com/responsible-borrowing-long-term-financial-health/?utm_source=ln.run.Zn2rF&utm_medium=referral&utm_campaign=lnnf
Content Hashes (HTML Similarity)
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1E633F72BE30032740B560242BF429BDAD71590AD8B915FE29C99C01C77C7AABEC767DD |
|
CONTENT
ssdeep
|
768:jFPKNiv5476RNtWan5jznjEZ5E+L9zbrjmbwb2N4c/GQk:jFPKp76XV5jXm5EOrj+m9Qk |
Visual Hashes (Screenshot Similarity)
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
b0cfcd309832cdcd |
|
VISUAL
aHash
|
ffffff87878787df |
|
VISUAL
dHash
|
320cc02d1f1e2f1a |
|
VISUAL
wHash
|
dffffe8082828183 |
|
VISUAL
colorHash
|
06000000c00 |
|
VISUAL
cropResistant
|
320cc02d1f1e2f1a,c4dcdcec5cf4e4d8,0cd0e6ce8ea45984 |
Code Analysis
Risk Score
100/100
Threat Level
ALTO
⚠️ Phishing Confirmed
🎣 Credential Harvester
🎣 OTP Stealer
🎣 Banking
🎣 Personal Info
🔬 Threat Analysis Report
• Threat: Phishing attack targeting financial information.
• Target: Users who believe they are interacting with Melrose Finance.
• Method: Fake website with form actions redirecting to an unrelated domain to steal personal information.
• Exfil: Data is likely being sent to a server controlled by the attacker.
• Indicators: Domain mismatch (ln.run vs. legitimate Melrose Finance domain), form actions pointing to melroseplacerestaurant.com, obfuscated JavaScript.
• Risk: HIGH - Potential for immediate credential theft and financial fraud.
🔐 Credential Harvesting Forms
🔒 Obfuscation Detected
- atob
- fromCharCode
- hex_escape
- unicode_escape
- base64_strings
Similar Websites
Pages with identical visual appearance (based on perceptual hash)
Scan History for ln.run
Found 10 other scans for this domain