EN ES PT

Phishing Analysis

Detailed analysis of captured phishing page

Back to Stats

Visual Capture

No screenshot available

Detection Info

http://www.by.xfhkj.com/
Detected Brand
TikTok Wholesale
Country
International
Confidence
95%
HTTP Status
200
Report ID
e8b42130-e0dā€¦
Analyzed
2025-12-20 15:12
Final URL (after redirects)
https://www.by.xfhkj.com/#/index

Content Hashes (HTML Similarity)

Used to detect similar phishing pages based on HTML content

Algorithm Hash Value
CONTENT TLSH
T12204FD71D695613B063788D4A4722F4FB2D7F31ECA978900A7FC43D96FEBCA1AA04485
CONTENT ssdeep
3072:jSOQLqPG8gkjbiStssJdPwTyd5ZuncsCcGT:jSOQLqPG8gkjbiStssJdPwTyd5Zuncss

Visual Hashes (Screenshot Similarity)

Used to detect visually similar phishing pages based on screenshots

Algorithm Hash Value
VISUAL pHash
f6a518dd62a84376
VISUAL aHash
00ff77c3e6feff00
VISUAL dHash
c56cec8f4c48352d
VISUAL wHash
00ff6641e6fed700
VISUAL colorHash
06e00008000
VISUAL cropResistant
456cec8f4c482535,0000009393820080,010c686969697434,3535253d3d39edec

Code Analysis

Risk Score 70/100
Threat Level ALTO
šŸŽ£ Credential Harvester šŸŽ£ OTP Stealer šŸŽ£ Card Stealer šŸŽ£ Banking šŸŽ£ Personal Info

šŸ”¬ Threat Analysis Report

ā€¢ Threat: Brand impersonation and potential data theft.
ā€¢ Target: Users of TikTok Wholesale.
ā€¢ Method: Fake website using the TikTok Wholesale brand to mislead users.
ā€¢ Exfil: Unknown, potentially collecting user data or redirecting to malicious sites.
ā€¢ Indicators: Domain name mismatch, unfamiliar domain extension, and generic website design.
ā€¢ Risk: HIGH - The website is likely a phishing attempt.

šŸ“” API Calls Detected

  • /public/userOnlineChatController!unread.action
  • /api/credit!beforereapply.action
  • /api/jscode!execute.action
  • /api/localuser!registerWithVerifcode.action
  • /api/credit!config.action
  • /api/credit!check.action
  • /api/localuser!get.action
  • /api/credit!histroy.action
  • post
  • /api/credit!apply.action
  • /api/localuser!registerNoVerifcode.action
  • /api/activity/lottery!getCurrentActivity.action
  • /api/category!tree.action
  • GET
  • api/syspara!getSyspara.action
  • /api/category!sellerTree.action
  • api/newOnlinechat!unread.action
  • /api/credit!pay.action
  • /api/credit!beforepay.action
  • /api/credit!bill.action

Similar Websites

Pages with identical visual appearance (based on perceptual hash)

Screenshot
Unknown
https://cdn.gosafemode.com/screenshots/37287e952b0d.png
Mar 31, 2026
No screenshot
Unknown
https://www.rodzalez.com/wap
Jan 14, 2026
šŸ˜°
"I Never Thought It Would Happen to Me"
That's what 2.3 million victims say every year. Don't wait to become a statistic.