Phishing Analysis
Detailed analysis of captured phishing page
94
Risk Score
High Risk
Threat Level: ALTO
• Impersonating: Microsoft Office
⚠ Risk Factors
- Brand impersonation of Microsoft Office on non-official domain
- Contains 5 form(s) with JavaScript submission
- Credential harvesting indicators detected
- OTP/2FA stealing indicators detected
Visual Capture
Detection Info
https://kuyhaa-me.pw/dhtanx/Office/index.php
Detected Brand
Microsoft Office
Country
Unknown
Confidence
100%
HTTP Status
200
Report ID
e4889b1a-088…
Analyzed
2026-01-09 22:37
Final URL (after redirects)
https://kuyhaa-me.pw/office-2013-2019-activator-c2r-full-download-2025/
Content Hashes (HTML Similarity)
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T13653E977416AE73D1317A3C25FB87A0AE293418FCBD1898472F8856EE682ED0E57114F |
|
CONTENT
ssdeep
|
1536:8GXaYPy/f+R//FRDeTaPzcil9Mw2iSj2s7L09UC4:89YPy/YXPI2J4 |
Visual Hashes (Screenshot Similarity)
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
b19c8ec6ce3931cc |
|
VISUAL
aHash
|
9fcfcbc3e3e3c3cf |
|
VISUAL
dHash
|
332b929e0ede969c |
|
VISUAL
wHash
|
9f81cb83c3c3c3c6 |
|
VISUAL
colorHash
|
070000084c0 |
|
VISUAL
cropResistant
|
332b929e0ede969c |
Code Analysis
Risk Score
94/100
Threat Level
ALTO
⚠️ Phishing Confirmed
🎣 Credential Harvester
🎣 OTP Stealer
🎣 Banking
🎣 Personal Info
🔐 Credential Harvesting Forms
🔒 Obfuscation Detected
- fromCharCode
- unicode_escape
- base64_strings
Scan History for kuyhaa-me.pw
Found 3 other scans for this domain