Phishing Analysis
Detailed analysis of captured phishing page
Visual Capture
Detection Info
http://www.liagauthorizationaccess.com/admdecor/
Detected Brand
Microsoft
Country
International
Confidence
95%
HTTP Status
200
Report ID
3ffe474e-8f6…
Analyzed
2026-03-05 23:42
Content Hashes (HTML Similarity)
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T12521C818C00496670142E1C07FD7EA0279C443CBEB192F1098EDC3AD16E2F2DCC6E284 |
|
CONTENT
ssdeep
|
24:hR/CMqc+1KuCL2vHVg345gKeU3+TcaV2tGS1/N/oJAT/tWyP9xAUMMj:TSKvL2ve36ReUOvV2tGOl/8AztxmI |
Visual Hashes (Screenshot Similarity)
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
888936667799d966 |
|
VISUAL
aHash
|
0f071f1f071f0707 |
|
VISUAL
dHash
|
ffeff3b3cdf3ffff |
|
VISUAL
wHash
|
070f1f1f071f0f07 |
|
VISUAL
colorHash
|
07000019040 |
|
VISUAL
cropResistant
|
ffeff3b3cdf3ffff |
Code Analysis
Threat Level
ALTO
⚠️ Phishing Confirmed
🔬 Threat Analysis Report
• Threat: Credential Phishing
• Target: Microsoft Users
• Method: Impersonation via fake login page
• Exfil: Email address
• Indicators: Domain mismatch, form submission.
• Risk: HIGH
📊 Risk Score Breakdown
Total Risk Score
90/100
Contributing Factors
Domain Age
Recent domain registration is a common tactic for phishing.
Domain Mismatch
The domain is completely unrelated to Microsoft.
Forms and Inputs
Presence of a form requesting sensitive information (email).
🔬 Comprehensive Threat Analysis
Threat Type
Microsoft Credential Harvester
Target
Microsoft users (International)
Attack Method
Brand impersonation + credential harvesting forms
Exfiltration Channel
Form submission (backend endpoint not detected - likely JavaScript-based)
Risk Assessment
LOW - Automated credential harvesting with Form submission (backend endpoint not detected - likely JavaScript-based)
🏢 Brand Impersonation Analysis
Impersonated Brand
Microsoft
Fake Service
Microsoft account login
⚔️ Attack Methodology
Primary Method: Credential Harvesting
The attacker aims to steal Microsoft account credentials. The fake login form collects email information.
🌐 Infrastructure Indicators of Compromise
Domain Information
Domain
liagauthorizationaccess.com
Registered
2024-03-05
Registrar
Unknown
Status
ACTIVE
🤖 AI-Extracted Threat Intelligence
Similar Websites
Pages with identical visual appearance (based on perceptual hash)
Microsoft
https://alabamanoticiastoday.com/metalworkservice/index.php
Apr 08, 2026
Microsoft
https://unisgrouplcd.com/publicittaspa
Mar 20, 2026
Microsoft
http://www.unisgrouplcd.com/contactsrl/
Mar 20, 2026
Microsoft
https://starelectronicaccess.com/acmarca
Feb 25, 2026
Microsoft OneDrive
https://vuthisegweka.co.za/metalworkservice/index.php
Feb 13, 2026
"I Never Thought It Would Happen to Me"
That's what 2.3 million victims say every year. Don't wait to become a statistic.