SafeMode - Analysis: www.emesssages.com

EN ES PT

Back to Stats

Captura Visual

Screenshot of www.emesssages.com

Información de Detección

https://www.emesssages.com/?urid=gHIkX-p0oe9ekh7aWh0Nmrw4AkHf1jbViOkgjmrhcOwjQlKo4FGA1oh60TC_sI1JUVApmbttY1zq52kHA5IYsrQiiujvZpbxTPIog2tkAqkzHfux5xrVUuY8WGNBukduyIkx2iFPJAMhC&rg=CUS

Detected Brand

Microsoft

Country

International

Confianza

95%

HTTP Status

200

Report ID

c9d34d8b-9c1…

Analyzed

2026-03-14 01:39

Hashes de Contenido (Similitud HTML)

Used to detect similar phishing pages based on HTML content

Algorithm	Hash Value
CONTENT TLSH	T1D1C16070E415CD378343D2E2FBA5AB0A72DDC347CA42450866F8632E1EE3ED5CD261A1
CONTENT ssdeep	96:x1RrAPn8G36sgCD6sTUxSNgEj6sTzX1p6sIGUJvySOzrG4vSAKyFSA5S+lRHUnhi:ul9D+cVPpYgD5jHAQL

Hashes Visuales (Similitud de Captura)

Used to detect visually similar phishing pages based on screenshots

Algorithm	Hash Value
VISUAL pHash	989973674c5932dc
VISUAL aHash	ffff3e1818000000
VISUAL dHash	f0f8f0b2b2f1dab0
VISUAL wHash	ffffff1c180c0800
VISUAL colorHash	1bc00010000
VISUAL cropResistant	e0e0f0f0c0e0c0c1,f0f8f0b2b2f1dab0

Análisis de Código

Risk Score 56/100

Nivel de Amenaza ALTO

⚠️ Phishing Confirmed

🎣 Credential Harvester

🔬 Threat Analysis Report

• Amenaza: Phishing
• Objetivo: Usuarios de Microsoft
• Método: Suplantación de dominio e inyección de formularios
• Exfil: Datos de entrada a través de formularios ofuscados
• Indicadores: Discordancia de dominio, suplantación de la página de inicio de sesión de Microsoft
• Riesgo: Alto

🔒 Obfuscation Detected

fromCharCode
base64_strings

📡 API Calls Detected

POST

📊 Desglose de Puntuación de Riesgo

Total Risk Score

90/100

Contributing Factors

Domain Mismatch

The domain does not match the purported brand.

Impersonation

The website uses the Microsoft logo and styling to impersonate the login page.

Forms

The page includes a form requesting sensitive information (login credentials).

🔬 Análisis Integral de Amenazas

Tipo de Amenaza

Credential Harvesting Kit

Objetivo

Microsoft users (International)

Método de Ataque

Brand impersonation + credential harvesting forms + obfuscated JavaScript

Canal de Exfiltración

Form submission (backend endpoint not detected - likely JavaScript-based)

Evaluación de Riesgo

MEDIUM - Automated credential harvesting with Form submission (backend endpoint not detected - likely JavaScript-based)

⚠️ Indicators of Compromise

Kit types: Credential Harvester
6 obfuscation techniques

🏢 Análisis de Suplantación de Marca

Impersonated Brand

Microsoft

Official Website

https://www.microsoft.com

Fake Service

Microsoft login

⚔️ Metodología de Ataque

Primary Method: Credential Harvesting

The website uses a fake login form to steal a user's Microsoft account credentials (email/phone/Skype and password).

Secondary Method: Social Engineering

The site uses the familiar Microsoft branding to trick users into entering their credentials.

🌐 Indicadores de Compromiso de Infraestructura

Domain Information

Dominio

www.emesssages.com

Registered

2015-10-23 13:23:04+00:00

Registrar

Unknown

Estado

active

🤖 AI-Extracted Threat Intelligence

Similar Websites

Pages with identical visual appearance (based on perceptual hash)

Screenshot

https://www.e-owa.com/?urid=AXLMLIm-StGu0wLXgY4yicAmrs5WHlDP...

Screenshot

https://www.it-communications.com/?urid=QekUmAG1SKGCkVrFPcR7...

Screenshot

http://advanced-documents.com/?urid=gJPHLRUoTQHeEqGRObxgx5Ai...

Screenshot

http://docusine.com/?urid=wZODP2jiU2CKE9V644_RWWwyH20A36rXWm...

Screenshot

https://www.e-compliants.com/?urid=A715lTXpTd36keivfADGihARp...

Scan History for www.emesssages.com

Found 2 other scans for this domain

https://www.emesssages.com/?urid=QslrbueLqGDGkwO3S... Microsoft Ene 12, 2026 00:36

https://www.emesssages.com/?rg=weu&ip=true&pf=e647... Microsoft Ene 05, 2026 07:19

😰

"Nunca pensé que me pasaría a mí"

Esto dicen las 2.3 millones de víctimas cada año. No esperes a ser una estadística.