Phishing Analysis: TK Store

Visual Capture

Detection Info

http://eq51lnf7.tscpress.com/

Detected Brand

TK Store

Country

International

Confidence

100%

HTTP Status

200

Report ID

9d59cec6-e80…

Analyzed

2026-01-13 12:40

Final URL (after redirects)

https://eq51lnf7.tscpress.com/

Content Hashes (HTML Similarity)

Used to detect similar phishing pages based on HTML content

Algorithm	Hash Value
CONTENT TLSH	T1CE526032A051B53740C383F2AB302BAABBE0C2A7D693464595F8C35C5BD1D52DD2F62B
CONTENT ssdeep	192:CSZeRQxgRj5sMiDM6Mc+TfyKTpfT4I40STp4MnloFnxpq/+1qp31qPaWI:CJREaP6McWa6trZyhnixpaUk0XI

Visual Hashes (Screenshot Similarity)

Used to detect visually similar phishing pages based on screenshots

Algorithm	Hash Value
VISUAL pHash	ec6c9393c9693361
VISUAL aHash	fff3c191f9ffe7cf
VISUAL dHash	5b262723230c861e
VISUAL wHash	fde38181f1ff0103
VISUAL colorHash	07400080001
VISUAL cropResistant	5b262723230c861e,666e261fb3b6b657,5e776e2c0ccc7321

Code Analysis

Risk Score 85/100

Threat Level MEDIO

⚠️ Phishing Confirmed

🎣 Credential Harvester 🎣 OTP Stealer 🎣 Banking 🎣 Personal Info

🔬 Threat Analysis Report

• Threat: Potential phishing attempt to impersonate TK Store.
• Target: TK Store customers.
• Method: Unknown, website could attempt to gather credentials or redirect to malicious content.
• Exfil: Potentially to a custom API given the obfuscated JavaScript.
• Indicators: Domain is less than 30 days old, and the domain is not associated with the legitimate brand. Obfuscated Javascript is also an indicator.
• Risk: MEDIUM - Possible credential harvesting or malware distribution.