Phishing Analysis
Detailed analysis of captured phishing page
Visual Capture
Detection Info
http://a1.wazaf.cc
Detected Brand
WaEGY
Country
Egypt
Confidence
100%
HTTP Status
200
Report ID
6130cc2e-7d7…
Analyzed
2025-12-31 06:00
Final URL (after redirects)
https://a1.wazaf.cc/#/pages/guide/guide
Content Hashes (HTML Similarity)
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1CEF1013070063877922B56C1F4624B1E2213C335D752195CB7B957A7BFCECE989B26A4 |
|
CONTENT
ssdeep
|
192:oqnZbogS+gVdikIvErEFZ5LfiQLfcLbLfNLVLfdLqgLfKL4McfYNqyTzhBeC3L:bnVgoFZ5LfiQLfcLbLfNLVLfdLJLfKLb |
Visual Hashes (Screenshot Similarity)
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
b373cc4cb1b14ccc |
|
VISUAL
aHash
|
ffe7e7c70000ffff |
|
VISUAL
dHash
|
10280c4c714d0000 |
|
VISUAL
wHash
|
30200000ff00ffff |
|
VISUAL
colorHash
|
07000000e00 |
|
VISUAL
cropResistant
|
10280c4c714d0000,0000101010100000 |
Code Analysis
Risk Score
100/100
Threat Level
ALTO
⚠️ Phishing Confirmed
🎣 Credential Harvester
🎣 OTP Stealer
🎣 Card Stealer
🎣 Banking
🎣 Personal Info
🔬 Threat Analysis Report
• Threat: Brand impersonation phishing
• Target: WaEGY users
• Method: Presents a login page with the WaEGY logo to steal credentials.
• Exfil: Unknown data exfiltration, likely to a server controlled by the attacker
• Indicators: Domain mismatch, login page, impersonated brand
• Risk: HIGH - Credential theft
🔒 Obfuscation Detected
- atob
- eval
- fromCharCode
- unescape
- document.write
- hex_escape
- unicode_escape
- base64_strings
📡 API Calls Detected
- https://www.google.com/ccm/geo
- POST
- GET
Similar Websites
Pages with identical visual appearance (based on perceptual hash)
Scan History for a1.wazaf.cc
Found 3 other scans for this domain
"I Never Thought It Would Happen to Me"
That's what 2.3 million victims say every year. Don't wait to become a statistic.