Phishing Analysis
Detailed analysis of captured phishing page
Captura Visual
Información de Detección
https://omegaastronomico.cl/wp-includes/assets/gptttyya/ABCDEFGH/index.html?websrc=tfRC7wocOsU7YL7AlXkoHxfbDUkQNIU2MokzJ8CjspPq0hMFMn76Fe4y1mTDsNgJ5oYIb11NBX96VMCdh0ppZsRGl3pkP8YaKHznbr2a46HhvkcaqPM70wsXWcaZzG3YQZ90ehXDmXCWuadKDLF3aiUnYL6g1jIpyRlpPq4MleOUH9nVs1Uyn12EBa0feS03P1FSbTOd4XeKT5nPozMz8rytfm9maaHk3RK7PIJHuZIGDBBNynAzX1iHqHg5
Detected Brand
Outlook
Country
International
Confidence
100%
HTTP Status
200
Report ID
7781c833-b11…
Analyzed
2026-02-17 15:01
Final URL (after redirects)
https://omegaastronomico.cl/wp-includes/assets/gptttyya/ABCDEFGH/index.html?websrc=tfRC7wocOsU7YL7AlXkoHxfbDUkQNIU2MokzJ8CjspPq0hMFMn76Fe4y1mTDsNgJ5oYIb11NBX96VMCdh0ppZsRGl3pkP8YaKHznbr2a46HhvkcaqPM70wsXWcaZzG3YQZ90ehXDmXCWuadKDLF3aiUnYL6g1jIpyRlpPq4MleOUH9nVs1Uyn12EBa0feS03P1FSbTOd4XeKT5nPozMz8rytfm9maaHk3RK7PIJHuZIGDBBNynAzX1iHqHg5?websrc=NYVVu6tFAJIFJ7bn3Lb94BX8z8YInvlpsmiCUMVaeDsMtacLWwO6xvWlS4JQVudfdn6KW2Gf1muJlfPr5n7kBu4YwXx4e0ITMHIKHGwkbYGYHY7A7TavSBsxbbKKPMLyFHGPDmhB3DuMNNciYxvqdusJiHyEGhYBa4xQ3OhaahW9FRtbDfsinToTHn5ooM1Od4e24uW5QRsd0kLMh3MyEFbcfLHvZEDnZHbKNAKyz5V20hjM14MMGy2ha3M4
Hashes de Contenido (Similitud HTML)
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T17461F0609069AC335113E1E8A6E5AB4B3287C305C7C7294823F0C37D2EE7C59DF96269 |
|
CONTENT
ssdeep
|
96:nV82lUyVxnvb6q9uvz/nyBPPMmBrPwIe1:V8Ghxz6Lvz/qPkOPG |
Hashes Visuales (Similitud de Captura)
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
83f67f09090999fc |
|
VISUAL
aHash
|
3f3f3f3f3f3f3f3f |
|
VISUAL
dHash
|
d0ccccdad0d0d0d0 |
|
VISUAL
wHash
|
3f273f3f3f300000 |
|
VISUAL
colorHash
|
060000001c0 |
|
VISUAL
cropResistant
|
a09c9892a0808080,f184acb6b6ac84f3,0e71710e20000000 |
Análisis de Código
Risk Score
80/100
Threat Level
ALTO
⚠️ Phishing Confirmed
🎣 Credential Harvester
🎣 OTP Stealer
🔬 Threat Analysis Report
• Amenaza: Phishing
• Objetivo: Usuarios de Outlook
• Método: Suplantación de identidad a través de una página de inicio de sesión falsa.
• Exfil: Credenciales (correo electrónico y contraseña)
• Indicadores: Dominio no coincidente, formulario que solicita información sensible.
• Riesgo: Alto
🔒 Obfuscation Detected
- atob
- fromCharCode
- unescape
- document.write
- base64_strings
📊 Desglose de Puntuación de Riesgo
Total Risk Score
90/100
Contributing Factors
Domain Mismatch
The domain does not belong to the brand.
Form on Login Page
Login page asks for email and password.
Obfuscation
JavaScript obfuscation detected.
Impersonation
Visual similarity to Outlook login page.
🔬 Análisis Integral de Amenazas
Tipo de Amenaza
Two-Factor Authentication Stealer
Objetivo
Outlook users (International)
Método de Ataque
Brand impersonation + credential harvesting forms + obfuscated JavaScript
Canal de Exfiltración
Form submission (backend endpoint not detected - likely JavaScript-based)
Evaluación de Riesgo
CRITICAL - Automated credential harvesting with Form submission (backend endpoint not detected - likely JavaScript-based)
⚠️ Indicators of Compromise
- Kit types: Credential Harvester, OTP Stealer
- 15 obfuscation techniques
🏢 Análisis de Suplantación de Marca
Impersonated Brand
Outlook
Official Website
null
Fake Service
Outlook Login
⚔️ Metodología de Ataque
Primary Method: Credential Harvesting
The attacker sets up a fake login page that mimics the appearance of the Outlook login. When a user enters their credentials, the information is sent directly to the attacker.
🌐 Indicadores de Compromiso de Infraestructura
Domain Information
Domain
omegaastronomico.cl
Registered
Unknown
Registrar
Unknown
Status
Unknown
🤖 AI-Extracted Threat Intelligence
Similar Websites
Pages with identical visual appearance (based on perceptual hash)
Microsoft Outlook
https://www.5mp.eu/fajlok2/onjcat/index_www.5mp.eu_.html
Abr 01, 2026
Microsoft Outlook
https://stellarbegonia-hu.netlify.app/
Abr 01, 2026
Microsoft Outlook
https://omegaastronomico.cl/wp-includes/assets/gptttyya/ABCD...
Mar 29, 2026
Microsoft Outlook
http://musicx.live/pspsosao
Mar 24, 2026
Microsoft Outlook
http://demo.sisimpex.com.br/cron-jobs/PHPMailer-master/PHPMa...
Mar 23, 2026
Scan History for omegaastronomico.cl
Found 1 other scan for this domain
"Nunca pensé que me pasaría a mí"
Esto dicen las 2.3 millones de víctimas cada año. No esperes a ser una estadística.