Phishing Analysis
Detailed analysis of captured phishing page
Visual Capture
No screenshot available
Detection Info
http://a1.1faw.com
Detected Brand
WaEGY
Country
Unknown
Confidence
95%
HTTP Status
200
Report ID
11634679-559…
Analyzed
2025-12-20 16:37
Final URL (after redirects)
https://a1.1faw.com/#/pages/guide/guide
Content Hashes (HTML Similarity)
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1CEF1013070063877922B56C1F4624B1E2213C335D752195CB7B957A7BFCECE989B26A4 |
|
CONTENT
ssdeep
|
192:oqnZbogS+gVdikIvErEFZ5LfiQLfcLbLfNLVLfdLqgLfKL4McfYNqyTzhBeC3L:bnVgoFZ5LfiQLfcLbLfNLVLfdLJLfKLb |
Visual Hashes (Screenshot Similarity)
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
b373cc4cb1b14ccc |
|
VISUAL
aHash
|
ffe7e7c70000ffff |
|
VISUAL
dHash
|
10280c4c714d0000 |
|
VISUAL
wHash
|
30200000ff00ffff |
|
VISUAL
colorHash
|
07000000e00 |
|
VISUAL
cropResistant
|
10280c4c714d0000,0000101010100000 |
Code Analysis
Risk Score
100/100
Threat Level
ALTO
🎣 Credential Harvester
🎣 OTP Stealer
🎣 Card Stealer
🎣 Banking
🎣 Personal Info
🔬 Threat Analysis Report
• Threat: Credential harvesting phishing attack
• Target: WaEGY users
• Method: Fake login, register and forget password pages to steal account credentials
• Exfil: Unknown, likely to a attacker controlled server.
• Indicators: Mismatched domain name 'a1.1faw.com' vs likely real domain, login/register prompt.
• Risk: HIGH - Credentials can be stolen if entered.
📡 API Calls Detected
- POST
- GET
- https://www.google.com/ccm/geo
Similar Websites
Pages with identical visual appearance (based on perceptual hash)
Scan History for a1.1faw.com
Found 4 other scans for this domain
"I Never Thought It Would Happen to Me"
That's what 2.3 million victims say every year. Don't wait to become a statistic.