Phishing Analysis
Detailed analysis of captured phishing page
58
Risk Score
Medium Risk
Threat Level: BAJO
• Impersonating: Microsoft
- • Threat: Potential credential harvesting due to domain mismatch.
- • Target: Microsoft users.
- • Method: Standard Microsoft login page with a non-Microsoft domain; potential for credential theft if users enter their information.
- • Exfil: Potentially to an unknown server.
- • Indicators: Domain name mismatch, presence of login form, use of atob obfuscation
- • Risk: LOW - While the page looks like Microsoft, the domain is unrelated, creating a potential risk of credential harvesting if the site is compromised.
⚠ Risk Factors
- Brand impersonation of Microsoft on non-official domain
- Contains 1 credential harvesting form(s)
- Credential harvesting indicators detected
Visual Capture
No screenshot available
Detection Info
https://channelhub.online/ie3b646a56cc634f3at8897daf8jbb5f7794.html
Detected Brand
Microsoft
Country
International
Confidence
90%
HTTP Status
200
Report ID
2f5c72c3-44c…
Analyzed
2026-01-07 01:12
Content Hashes (HTML Similarity)
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T173D1F0316040AD3712D3D6D8B3B56B5B3384C205DE8757AA97E8C39E4EFBE61CC19292 |
|
CONTENT
ssdeep
|
96:qvWFAzQgIeu0nPK/AmvUAK5KbdPs/l+veRzKDafEAD9NltZdSsTZS4g5QQOGAM2B:3gI0/lnRWDeZ9NVhg5UEIf |
Visual Hashes (Screenshot Similarity)
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
9c497326cc99d966 |
|
VISUAL
aHash
|
180018181d1f1f9f |
|
VISUAL
dHash
|
7161713325727d38 |
|
VISUAL
wHash
|
191818181f1f1fff |
|
VISUAL
colorHash
|
07000000180 |
|
VISUAL
cropResistant
|
7161713325727d38 |
Code Analysis
Risk Score
58/100
Threat Level
BAJO
🎣 Credential Harvester
🔬 Threat Analysis Report
• Threat: Potential credential harvesting due to domain mismatch.
• Target: Microsoft users.
• Method: Standard Microsoft login page with a non-Microsoft domain; potential for credential theft if users enter their information.
• Exfil: Potentially to an unknown server.
• Indicators: Domain name mismatch, presence of login form, use of atob obfuscation
• Risk: LOW - While the page looks like Microsoft, the domain is unrelated, creating a potential risk of credential harvesting if the site is compromised.
🔒 Obfuscation Detected
- atob
Similar Websites
Pages with identical visual appearance (based on perceptual hash)
Microsoft
https://datagivers.com/5a59bb807e9e1b451b6b0b1b34aq17ec3bd3....
Jan 10, 2026
Microsoft
http://inner.website/pf634f4f2hd8ab4b242bbe81b751df04e613.ht...
Jan 10, 2026
Microsoft
https://channelhub.online/i726b304461aba42d8t9fdfa816j7fa03d...
Jan 10, 2026
Microsoft
http://channelhub.online/ia7581e5e63fc64c89ta0b064c8j1210e4f...
Jan 10, 2026
Microsoft
https://channelhub.online/ia7581e5e63fc64c89ta0b064c8j1210e4...
Jan 10, 2026
Scan History for channelhub.online
Found 10 other scans for this domain
-
https://channelhub.online/i726b304461aba42d8t9fdfa...
http://channelhub.online/ia7581e5e63fc64c89ta0b064...
https://channelhub.online/ia7581e5e63fc64c89ta0b06...
https://channelhub.online/ie272b0556ef63460bta3169...
https://channelhub.online/i0723f3fa60db44929ta636e...
https://channelhub.online/i5e5ed4ff6188e403ctaa145...
https://channelhub.online/iea59006f6ed914129tb5ef5...
https://channelhub.online/i314218b76d51b4940tb9920...
https://channelhub.online/i052db0a3686bc474bta3594...
https://channelhub.online/i078b36cf6ab2d4911tb6566...