Phishing Analysis
Detailed analysis of captured phishing page
100
Risk Score
High Risk
Threat Level: ALTO
• Impersonating: GMX
⚠ Risk Factors
- Brand impersonation of GMX on non-official domain
- Contains 5 form(s) with JavaScript submission
- JavaScript obfuscation detected (7 patterns)
- Credential harvesting indicators detected
- OTP/2FA stealing indicators detected
Visual Capture
Detection Info
https://gmxwourqg2.weebly.com/
Detected Brand
GMX
Country
International
Confidence
100%
HTTP Status
200
Report ID
efd6cd9c-5a6…
Analyzed
2026-01-08 09:36
Content Hashes (HTML Similarity)
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T131C161E1C414DD37436385D8ABF5AB0B76D1C349CB430D80A3F883AB5BDAC60CA656E9 |
|
CONTENT
ssdeep
|
96:nkm7ENEzeFvMSfuSTCctu6EESSoIT+ptFvqXIHF5zjneXPz/9PBYfGJ:kEENEzeFdjWck6ETv/0zlPBuA |
Visual Hashes (Screenshot Similarity)
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
c9be36c0c09d98be |
|
VISUAL
aHash
|
ff00187878780000 |
|
VISUAL
dHash
|
b04c32d2c1d032cd |
|
VISUAL
wHash
|
ff001c7cfcff1800 |
|
VISUAL
colorHash
|
010000001c0 |
|
VISUAL
cropResistant
|
0000000000000000,2ccda2b6d692919e,cc32b2d0c0f232cd |
Code Analysis
Risk Score
100/100
Threat Level
ALTO
⚠️ Phishing Confirmed
🎣 Credential Harvester
🎣 OTP Stealer
🎣 Card Stealer
🎣 Banking
🎣 Personal Info
🔐 Credential Harvesting Forms
🔒 Obfuscation Detected
- atob
- eval
- fromCharCode
- unescape
- hex_escape
- unicode_escape
- base64_strings