EN ES PT

Phishing Analysis

Detailed analysis of captured phishing page

Back to Stats
100 Risk Score

High Risk

Threat Level: ALTO • Impersonating: Tomerex

⚠ Risk Factors

  • JavaScript obfuscation detected (5 patterns)
  • Credential harvesting indicators detected
  • OTP/2FA stealing indicators detected
  • WebSocket connection for real-time C2 communication

Visual Capture

Screenshot of tomerex.com

Detection Info

https://tomerex.com
Detected Brand
Tomerex
Country
Unknown
Confidence
100%
HTTP Status
200
Report ID
f809f1ff-a96…
Analyzed
2026-01-10 21:37
Final URL (after redirects)
https://tomerex.com/

Content Hashes (HTML Similarity)

Used to detect similar phishing pages based on HTML content

Algorithm Hash Value
CONTENT TLSH
T1AE7418BFA72812B9E105C7DCC952A034316E24FE3B6186E4F7198F36B118CDD9869D93
CONTENT ssdeep
1536:uF+6yc9BoUpQ5rTADK7awVJA4E11gXqFM3UBWXc9BoUpQ5AWtkXOWIbZTIeYiFTX:Dc9HQqeVJA4E118c9HQGXyHo8m36

Visual Hashes (Screenshot Similarity)

Used to detect visually similar phishing pages based on screenshots

Algorithm Hash Value
VISUAL pHash
939939e6a66c6d84
VISUAL aHash
362c3c043e3c2c3c
VISUAL dHash
e4d9d0c4e4c4d8dc
VISUAL wHash
163c7c343e3c3c3c
VISUAL colorHash
30003600000
VISUAL cropResistant
e4d9d0c4e4c4d8dc

Code Analysis

Risk Score 100/100
Threat Level ALTO
⚠️ Phishing Confirmed
🎣 Credential Harvester 🎣 OTP Stealer 🎣 Card Stealer 🎣 Banking 🎣 Personal Info
WebSocket C2

🔒 Obfuscation Detected

  • atob
  • eval
  • fromCharCode
  • unescape
  • base64_strings

Similar Websites

Pages with identical visual appearance (based on perceptual hash)

Screenshot
Gezonex
https://gezonex.com/
Jan 10, 2026
 Screenshot
Gudomex
https://gudomex.com/
Jan 10, 2026
 Screenshot
Ceromex
https://ceromex.com
Jan 10, 2026
 Screenshot
Nesogex
https://nesogex.com
Jan 10, 2026
 Screenshot
Eloxspin
https://eloxspin.com
Jan 02, 2026