SafeMode - Analysis: owa.bdo.com

Visual Capture

Detection Info

https://owa.bdo.com/

Detected Brand

Outlook

Country

International

Confidence

100%

HTTP Status

200

Report ID

783cf49f-451…

Analyzed

2026-01-01 04:38

Content Hashes (HTML Similarity)

Used to detect similar phishing pages based on HTML content

Algorithm	Hash Value
CONTENT TLSH	T1CD51F1A080186C33A113E2FCA7E06A9B7787CA068A87254953F0C3BD1FF7C49DD56619
CONTENT ssdeep	48:2STw/JaFoEvU6zWQ8CEoT8QI15xqeZZZsw2rZEhgcMKdD/Inon1LP5CnMHU:NdA6zWHy8QI15xq+ZwZEXMKdDAoBxaD

Visual Hashes (Screenshot Similarity)

Used to detect visually similar phishing pages based on screenshots

Algorithm	Hash Value
VISUAL pHash	83e67f0103039bfe
VISUAL aHash	3f3f3f3f3f3f3f3f
VISUAL dHash	d0c6ccd8d0d0d0d0
VISUAL wHash	3f233f3f3f000000
VISUAL colorHash	060000001c0
VISUAL cropResistant	808c989080808080,f184acb6b6ac84f3,0e71710e20000000

Code Analysis

Risk Score 58/100

Threat Level ALTO

⚠️ Phishing Confirmed

🎣 Credential Harvester

🔬 Threat Analysis Report

• Threat: Credential harvesting phishing targeting Outlook Web App users.
• Target: Users of Outlook Web App.
• Method: Fake login form stealing username and password.
• Exfil: Data likely sent via JavaScript form submission and possibly obfuscated via document.write.
• Indicators: Domain mismatch (owa.bdo.com), obfuscated JavaScript, JavaScript form submission.
• Risk: CRITICAL - Immediate credential theft.