Phishing Analysis
Detailed analysis of captured phishing page
Visual Capture
Detection Info
http://m.padisahbet-application.com/
Detected Brand
Padisahbet
Country
International
Confidence
95%
HTTP Status
200
Report ID
d6a3183d-83dā¦
Analyzed
2026-06-15 10:13
Content Hashes (HTML Similarity)
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1D2C263A191D2F83B02B7C2C762AA9B7B72E6920ED813160253FD876D0BDED41FC53416 |
|
CONTENT
ssdeep
|
384:2Sv+5o5uoHHrEUgWMDMLhUCDqhraaXNjcKiO708qu5wUE696bQb:2S25oIoHIqJoR9whO708qCwUEgeQb |
Visual Hashes (Screenshot Similarity)
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
c13e3c3d738cc0e3 |
|
VISUAL
aHash
|
02007c7464783060 |
|
VISUAL
dHash
|
9698c0c4c8c2e4c8 |
|
VISUAL
wHash
|
42047e7666787e66 |
|
VISUAL
colorHash
|
16000038000 |
|
VISUAL
cropResistant
|
a42727555797953a,aa2b2826a6e42b93,61254d2d795b7929,0206b02e0f904a02,9698c0c4c8c2e4c8 |
Code Analysis
Risk Score
53/100
Threat Level
ALTO
ā ļø Phishing Confirmed
š£ OTP Stealer
š¬ Threat Analysis Report
ā¢ Threat: Credential Phishing / Gambling Fraud
ā¢ Target: Padisahbet users
ā¢ Method: Typosquatting/Newly registered domain
ā¢ Exfil: Unknown (Likely via credential harvesting form)
ā¢ Indicators: Domain age < 24 hours, obfuscation
ā¢ Risk: High
š Obfuscation Detected
- unescape
š” API Calls Detected
- POST
š Risk Score Breakdown
Total Risk Score
95/100
Contributing Factors
Domain Age
Domain is 0 days old
JS Obfuscation
Detected unescape obfuscation
š¬ Comprehensive Threat Analysis
Threat Type
Two-Factor Authentication Stealer
Target
Padisahbet users (International)
Attack Method
Brand impersonation + obfuscated JavaScript
Exfiltration Channel
Form submission (backend endpoint not detected - likely JavaScript-based)
Risk Assessment
MEDIUM - Automated credential harvesting with Form submission (backend endpoint not detected - likely JavaScript-based)
ā ļø Indicators of Compromise
- Kit types: OTP Stealer
- 2 obfuscation techniques
š¢ Brand Impersonation Analysis
Impersonated Brand
Padisahbet
Official Website
Unknown
Fake Service
Betting/Casino
Fraudulent Claims
āļø Attack Methodology
Primary Method: Credential Harvesting
Impersonates a betting site to trick users into entering their login credentials or registering new accounts to capture PII.
Secondary Method: Phishing-as-a-Service
Uses obfuscated JS to evade simple signature-based scanners.
š Infrastructure Indicators of Compromise
Domain Information
Domain
m.padisahbet-application.com
Registered
2026-06-14
Registrar
Unknown
Status
Suspicious
š¤ AI-Extracted Threat Intelligence
"I Never Thought It Would Happen to Me"
That's what 2.3 million victims say every year. Don't wait to become a statistic.