Phishing Analysis
Detailed analysis of captured phishing page
Visual Capture
Detection Info
https://esavisos.com/qzanm3674/indexem.html
Detected Brand
America First Credit Union
Country
USA
Confidence
100%
HTTP Status
200
Report ID
4499e6af-6c9…
Analyzed
2026-01-07 01:06
Final URL (after redirects)
https://esavisos.com/qzanm3674/indexem.html#wa=wsignin1.0&rpsnv=13&ct=1539585327&rver=7.0.6737.0&wp=MBI_SSL&wreply=https%3a%2f%2foutlook.live.com%2fowa%2f%3fnlp%3d1%26RpsCsrfState%3d715d44a2-2f11-4282-f625-a066679e96e2&id=292841&CBCXT=out&lw=1&fl=dob%2cflname%2cwld&cobrandid=90015&domain=
Content Hashes (HTML Similarity)
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T175F17832B047982A16A3C0E3B160BF0966D3E70ACB0A465AD5ED638A0FC7D75FE13515 |
|
CONTENT
ssdeep
|
192:nwj18dlKYz6buSEsRhrfhOlg+dKr8GyPEY:hdlKYwQsR5glg+wrAPEY |
Visual Hashes (Screenshot Similarity)
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
9dbf41e14161674d |
|
VISUAL
aHash
|
00ffffffffff0000 |
|
VISUAL
dHash
|
90202800100032d0 |
|
VISUAL
wHash
|
000080f000000000 |
|
VISUAL
colorHash
|
0f0000001c0 |
|
VISUAL
cropResistant
|
3020282000000000,20d0d0d0d0d0d0d0,3010b232e8d4c008 |
Code Analysis
Risk Score
73/100
Threat Level
ALTO
⚠️ Phishing Confirmed
🎣 Credential Harvester
🎣 OTP Stealer
🔬 Threat Analysis Report
• Threat: Credential harvesting phishing kit
• Target: America First Credit Union customers
• Method: Fake login form stealing Pin Number and Mobile Phone
• Exfil: Potential data exfiltration via obfuscated JavaScript
• Indicators: Domain mismatch, obfuscation detected, forms for sensitive data
• Risk: HIGH - Immediate credential theft
🔒 Obfuscation Detected
- fromCharCode
Scan History for esavisos.com
Found 2 other scans for this domain
"I Never Thought It Would Happen to Me"
That's what 2.3 million victims say every year. Don't wait to become a statistic.