Phishing Analysis
Detailed analysis of captured phishing page
88
Risk Score
High Risk
Threat Level: ALTO
• Impersonating: SafePal
- • Threat: Cryptocurrency wallet phishing
- • Target: SafePal users
- • Method: Fake website impersonating SafePal
- • Exfil: Potential data exfiltration via obfuscated JavaScript
- • Indicators: Domain mismatch, recent domain registration, obfuscated JS
- • Risk: HIGH - Potential theft of cryptocurrency assets
⚠ Risk Factors
- OTP/2FA stealing indicators detected
- Banking fraud indicators detected
Visual Capture
Detection Info
http://safepalwallet.online
Detected Brand
SafePal
Country
International
Confidence
100%
HTTP Status
200
Report ID
984fe631-7e4…
Analyzed
2026-01-11 06:31
Final URL (after redirects)
https://safepalwallet.online/
Content Hashes (HTML Similarity)
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T12532113533006AFE85FF8BF4B7256BA7A165C294D117822CA3F84255EBCBC95CCE1294 |
|
CONTENT
ssdeep
|
96:n5XA75QXC1XmApjiZg8s4GoPI81pdnC7Gz7EYzrIM89oEYTqw9F:5t6jiZns4c81pFCCzoY/XF |
Visual Hashes (Screenshot Similarity)
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
c3e7943c2dc1989e |
|
VISUAL
aHash
|
66766e6000187c7c |
|
VISUAL
dHash
|
c4ccd8d032b2d4d4 |
|
VISUAL
wHash
|
46767e7800187e7e |
|
VISUAL
colorHash
|
31000030000 |
|
VISUAL
cropResistant
|
0020c32b29840000,c4ccd8d032b2d4d4 |
Code Analysis
Risk Score
88/100
Threat Level
ALTO
⚠️ Phishing Confirmed
🎣 OTP Stealer
🎣 Banking
🎣 Personal Info
🔬 Threat Analysis Report
• Threat: Cryptocurrency wallet phishing
• Target: SafePal users
• Method: Fake website impersonating SafePal
• Exfil: Potential data exfiltration via obfuscated JavaScript
• Indicators: Domain mismatch, recent domain registration, obfuscated JS
• Risk: HIGH - Potential theft of cryptocurrency assets
🔒 Obfuscation Detected
- fromCharCode
- unicode_escape