Phishing Analysis
Detailed analysis of captured phishing page
Captura Visual
Informações de Detecção
https://login.microsoftonline.us.office.rp1.abangaritest.govshn.net/organizations/oauth2/v2.0/authorize?response_type=id_token&scope=openid%20profile&client_id=5e3ce6c0-2b1f-4285-8d4b-75ee78787346&redirect_uri=https://gov.teams.microsoft.us.office.rp1.abangaritest.govshn.net/go&state=eyjpzci6ija4ngflodi2lwqzntitnda1my05zwi2lwy0ntcxzjfhztq2osisinrzijoxnjqxnjkxmdmwlcjtzxrob2qioijyzwrpcmvjdeludgvyywn0aw9uin0=&nonce=4e0683a8-4523-4576-98a3-feaa52f0ef86&client_info=1&x-client-sku=msal.js&x-client-ver=1.3.4&client-request-id=d3ee0b67-2d68-4797-99cf-338f7272d253&response_mode=fragment&sso_reload=true
Detected Brand
Microsoft
Country
International
Confiança
100%
HTTP Status
200
Report ID
94ab9450-5c1…
Analyzed
2025-12-28 20:16
Hashes de Conteúdo (Similaridade HTML)
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T196A2E971B0106C3B829BC9FEF235D9412B68E244D3478BB5F9AC83CD1DD691CE923669 |
|
CONTENT
ssdeep
|
192:QjJqO7UHx9ZaP72eoxvb5aOLa7QoduQW7EKbhFJZ7fOlQ3yudWYR8G+G:pO7B72eoxrLCQuuz7EAhlGC3yudWWJ+G |
Hashes Visuais (Similaridade de Captura)
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
8459717646d9596e |
|
VISUAL
aHash
|
0000383b37373737 |
|
VISUAL
dHash
|
88e4d2d3e5eee6e6 |
|
VISUAL
wHash
|
00003b3f373f3737 |
Análise de Código
Risk Score
100/100
Nível de Ameaça
CRITICAL
⚠️ Phishing Confirmed
🎣 Credential Harvester
🎣 OTP Stealer
🎣 Banking
🎣 Personal Info
🔬 Threat Analysis Report
• Ameaça: Ataque de phishing para coleta de credenciais
• Alvo: Usuários da Microsoft
• Método: Formulário de login falso roubando credenciais de e-mail, telefone ou Skype
• Exfil: Desconhecido, provavelmente para um servidor malicioso
• Indicadores: Incompatibilidade de domínio, personificação da marca, extensão de domínio suspeita
• Risco: CRÍTICO - Roubo de credenciais em tempo real
🔐 Credential Harvesting Forms
📤 Form Action Targets
- https://login.microsoftonline.us.office.rp1.abangaritest.govshn.net/common/login
Similar Websites
Pages with identical visual appearance (based on perceptual hash)
Swisscom
https://loginservice.cloud/E.r-VKYDshtqoTqgumQA?/redirect=45...
Jun 12, 2026
Microsoft
https://investments-portfoolio.eot-podolsk.su/?v=1&sso_reloa...
Jun 12, 2026
Microsoft/Office 365
https://signin.broker/E.5fkbnPxVXJB8NEI?/BULATSA/?trk_event=...
Jun 09, 2026
Neoenergia
https://authentication.ms/E.S8LKJ4CkhYI?/VGhlIG5leHQgZ2VuZXJ...
Jun 09, 2026
ScottishPower
https://authentication.ms/E.CHgqGrGD-KXY?/VGhlIG5leHQgZ2VuZX...
Jun 08, 2026
Scan History for login.microsoftonline.us.office.rp1.abangaritest.govshn.net
Found 10 other scans for this domain
-
http://login.microsoftonline.us.office.rp1.abangar...
http://login.microsoftonline.us.office.rp1.abangar...
http://login.microsoftonline.us.office.rp1.abangar...
https://login.microsoftonline.us.office.rp1.abanga...
https://login.microsoftonline.us.office.rp1.abanga...
https://login.microsoftonline.us.office.rp1.abanga...
https://login.microsoftonline.us.office.rp1.abanga...
https://login.microsoftonline.us.office.rp1.abanga...
https://login.microsoftonline.us.office.rp1.abanga...
https://login.microsoftonline.us.office.rp1.abanga...
"Nunca pensei que aconteceria comigo"
Isso dizem os 2,3 milhões de vítimas a cada ano. Não espere para ser uma estatística.