Phishing Analysis
Detailed analysis of captured phishing page
Visual Capture
No screenshot available
Detection Info
http://a1.1faw.com/go/59919402
Detected Brand
WaEGY
Country
International
Confidence
95%
HTTP Status
200
Report ID
ad6ab1e7-b60…
Analyzed
2025-12-20 16:37
Final URL (after redirects)
https://a1.hb1p.com/index.html#/pages/register/register?inviter=59919402&domain=a1.hb1p.com&landing=a1.hb1p.com
Content Hashes (HTML Similarity)
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1453221347002396761374AD1F5A10F0E2117C33AC6452919B3B81BEA6FCACE99D723AD |
|
CONTENT
ssdeep
|
192:o5bngLCbetbgSLheoX0jtPJQlQc2QcPQjM0kIvErEFZ5LfiQLfcLbLfNLVLfdLq1:in20o8PC2cVc4jvFZ5LfiQLfcLbLfNL2 |
Visual Hashes (Screenshot Similarity)
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
fa81817a7e855a6a |
|
VISUAL
aHash
|
ffffffff0000ffff |
|
VISUAL
dHash
|
8a8c900045498a01 |
|
VISUAL
wHash
|
00ffffff0000ff00 |
|
VISUAL
colorHash
|
06038000040 |
|
VISUAL
cropResistant
|
8a8c900045498a01,4fcca0a04424d06c |
Code Analysis
Risk Score
100/100
Threat Level
ALTO
🎣 Credential Harvester
🎣 OTP Stealer
🎣 Card Stealer
🎣 Banking
🎣 Personal Info
🔬 Threat Analysis Report
• Threat: Credential harvesting phishing targeting WaEGY users
• Target: WaEGY users creating a new account
• Method: Fake sign-up form to steal email and password.
• Exfil: Unknown (Likely a custom API)
• Indicators: Domain mismatch, and unusual email address (@mail.wasdk.com)
• Risk: HIGH - Immediate credential theft
📡 API Calls Detected
- POST
- GET
- https://www.google.com/ccm/geo
Similar Websites
Pages with identical visual appearance (based on perceptual hash)
Scan History for a1.1faw.com
Found 4 other scans for this domain
"I Never Thought It Would Happen to Me"
That's what 2.3 million victims say every year. Don't wait to become a statistic.