EN ES PT

Phishing Analysis

Detailed analysis of captured phishing page

Back to Stats

Visual Capture

Screenshot of secure-device-auth-office-com.dporozok.workers.dev

Detection Info

http://secure-device-auth-office-com.dporozok.workers.dev/cd527bbd01e34654
Detected Brand
Microsoft
Country
Unknown
Confidence
100%
HTTP Status
200
Report ID
a0dbef1a-b7f…
Analyzed
2026-04-03 10:25

Content Hashes (HTML Similarity)

Used to detect similar phishing pages based on HTML content

Algorithm Hash Value
CONTENT TLSH
T125E1843653188AEE95CD938C5B293B9A336592C4B27703406B974264EC49EBBFC37950
CONTENT ssdeep
96:T6jNt2NvO4DZ+Stb/jY+eo4hAryAes9mBYYQgWLDmy43oggGFljzOIDi3auPq+:y2pToSBjlevudl9nN44PoVD+6+

Visual Hashes (Screenshot Similarity)

Used to detect visually similar phishing pages based on screenshots

Algorithm Hash Value
VISUAL pHash
b3a68c9933269d99
VISUAL aHash
ffffe7e7e7e7ffff
VISUAL dHash
24320c4d4c4c2801
VISUAL wHash
ffffffe700001800
VISUAL colorHash
070000001d0
VISUAL cropResistant
24320c4d4c4c2801,616955554933334d

Code Analysis

Threat Level ALTO
⚠️ Phishing Confirmed

📡 API Calls Detected

  • https://microsoft.com/devicelogin

📊 Risk Score Breakdown

Total Risk Score
40/100

🔬 Comprehensive Threat Analysis

Threat Type
Microsoft Phishing Landing Page
Target
Microsoft users
Attack Method
Phishing webpage
Exfiltration Channel
Form submission (backend endpoint not detected - likely JavaScript-based)
Risk Assessment
LOW - Automated credential harvesting with Form submission (backend endpoint not detected - likely JavaScript-based)

🏢 Brand Impersonation Analysis

Impersonated Brand
Microsoft
Official Website
https://www.microsoft.com
Fake Service
Account login portal

⚔️ Attack Methodology

Primary Method: SEO Poisoning Landing Page

Fake Microsoft page designed to appear in search results and trick users into visiting. May redirect to credential harvesting pages, malware downloads, or serve as a trust-building step before requesting sensitive information.

Secondary Method: Standard Phishing Techniques

Uses typical phishing tactics including brand impersonation, urgency tactics, and social engineering to trick victims into providing sensitive information.

🌐 Infrastructure Indicators of Compromise

Domain Information

Domain
secure-device-auth-office-com.dporozok.workers.dev
Registered
Unknown
Registrar
Unknown
Status
Age unknown

Hosting Information

Provider
Unknown
ASN

🤖 AI-Extracted Threat Intelligence

Similar Websites

Pages with identical visual appearance (based on perceptual hash)

Screenshot
Microsoft
https://secure-device-auth-office-com.dporozok.workers.dev/9...
Apr 03, 2026

Scan History for secure-device-auth-office-com.dporozok.workers.dev

Found 1 other scan for this domain

😰
"I Never Thought It Would Happen to Me"
That's what 2.3 million victims say every year. Don't wait to become a statistic.