Phishing Analysis
Detailed analysis of captured phishing page
95
Risk Score
High Risk
Threat Level: ALTO
• Impersonating: ActiveCampaign
⚠ Factores de Riesgo
- Suplantación de marca ActiveCampaign en dominio no oficial
- Contiene 5 formulario(s) con envío JavaScript
- Ofuscación JavaScript detectada (7 patrones)
- Indicadores de robo de credenciales detectados
- Indicadores de robo de otp/2fa detectados
Visual Capture
Detection Info
https://kindbea48.activehosted.com/admin/archived_user.php
Detected Brand
ActiveCampaign
Country
International
Confidence
100%
HTTP Status
200
Report ID
6e91e975-07b…
Analyzed
2026-01-07 08:50
Content Hashes (HTML Similarity)
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T18F816320C4374D7A317DB1E4EA953B1990C7D707CB812BE492B4432ECAECECAAC57480 |
|
CONTENT
ssdeep
|
96:nEaoB/Bp9VS9NiJsUW23Jxj3qwElFmlfjRIbV8Imd7tZMTgYFb3:ToB/Bp989NiJsnOjambYp |
Visual Hashes (Screenshot Similarity)
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
e65b992c998caa9c |
|
VISUAL
aHash
|
f0e0e0e0e0e0f0e0 |
|
VISUAL
dHash
|
41414d4f0d0d454d |
|
VISUAL
wHash
|
f0f0f0f0e0e0f1f1 |
|
VISUAL
colorHash
|
0e000680000 |
|
VISUAL
cropResistant
|
41414d4f0d0d454d,3749711d55697331,c7a7b3bc1eceecf1,c486d68e8edab0f8,0002527c76533ca0 |
Code Analysis
Risk Score
95/100
Threat Level
ALTO
⚠️ Phishing Confirmed
🎣 Credential Harvester
🎣 OTP Stealer
🎣 Banking
🎣 Personal Info
🔐 Credential Harvesting Forms
🔒 Obfuscation Detected
- atob
- eval
- fromCharCode
- unescape
- hex_escape
- unicode_escape
- base64_strings
Similar Websites
Pages with identical visual appearance (based on perceptual hash)
ActiveCampaign
http://via291.activehosted.com/f/1sis.php
Ene 06, 2026
ActiveCampaign
http://via291.activehosted.com/f/1
Ene 06, 2026
ActiveCampaign
https://via291.activehosted.com/f/1sis.php
Ene 04, 2026
ActiveCampaign
https://via291.activehosted.com/f/1
Ene 04, 2026
No screenshot
ActiveCampaign
https://nzci085.activehosted.com/admin/archived_user.php
Ene 02, 2026