Phishing Analysis
Detailed analysis of captured phishing page
100
Risk Score
High Risk
Threat Level: ALTO
• Impersonating: AOL
⚠ Risk Factors
- Brand impersonation of AOL on non-official domain
- Contains 3 credential harvesting form(s)
- JavaScript obfuscation detected (5 patterns)
- Credential harvesting indicators detected
- OTP/2FA stealing indicators detected
Visual Capture
Detection Info
https://docu-share-direct-lnk-5378edjksjhdb.vercel.app/docu-share-download98yhjkfdyidy8idyi.html#[email protected]
Detected Brand
AOL
Country
International
Confidence
100%
HTTP Status
200
Report ID
b6fcc496-b16…
Analyzed
2026-01-07 09:39
Final URL (after redirects)
https://docu-share-direct-lnk-5378edjksjhdb.vercel.app/docu-share-download98yhjkfdyidy8idyi.html?13Z44SQZC3Ej6rjmt28Mh3smjx5CXmxwd4fghhd13Z44SQZC3Ej6rjmt28Mh3smjx5CXmxwd4fghhd&#[email protected]
Content Hashes (HTML Similarity)
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T12AB21DB110A07827520359E0F1E1E7DF7E9293CDC546EB01E2B586A84FE8C6EDC564AF |
|
CONTENT
ssdeep
|
192:Q+vp5oxIE8PVw0oNG1FaHnzrwpEcVvioxIEihSVw0IFaHnzrwpEcvuoxgA0lPhUM:QIpeIErGdpZPIEapvDgAJ1w |
Visual Hashes (Screenshot Similarity)
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
92936d6c6d936c92 |
|
VISUAL
aHash
|
000c0e0e0e0e0c00 |
|
VISUAL
dHash
|
235858585c545827 |
|
VISUAL
wHash
|
0c0e0e4e7e0e0e8c |
|
VISUAL
colorHash
|
07007000000 |
|
VISUAL
cropResistant
|
b0a0a0898a3236c8,235858585c545827,08164979618e2001 |
Code Analysis
Risk Score
100/100
Threat Level
ALTO
⚠️ Phishing Confirmed
🎣 Credential Harvester
🎣 OTP Stealer
🎣 Card Stealer
🎣 Personal Info
🔒 Obfuscation Detected
- atob
- fromCharCode
- unescape
- document.write
- base64_strings
Scan History for docu-share-direct-lnk-5378edjksjhdb.vercel.app
Found 2 other scans for this domain