Phishing Analysis
Detailed analysis of captured phishing page
Visual Capture
No screenshot available
Detection Info
https://www.efmhyj.com/wap
Detected Brand
TikTok Shop
Country
International
Confidence
100%
HTTP Status
200
Report ID
f6e67650-3a0…
Analyzed
2026-01-21 12:10
Final URL (after redirects)
https://www.efmhyj.com/start/#/index
Content Hashes (HTML Similarity)
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1A7E30C70D655613B063389E4A4722F4FB2D7F31ECA97890067FC43D96FEBC95AA04486 |
|
CONTENT
ssdeep
|
1536:nqV0Aw49xRcHS9uP9rQVW3UT6CLyMrGc9sPtM4dblAjR7ICh6rwvZhfG6Jy7AjVJ:nKTQ+7ICh6rwvZhfG6Jy7AK2 |
Visual Hashes (Screenshot Similarity)
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
f6a51add62a80376 |
|
VISUAL
aHash
|
00ff77c3e6feff00 |
|
VISUAL
dHash
|
c56cec8f4c48352d |
|
VISUAL
wHash
|
00ff6641e6fed700 |
|
VISUAL
colorHash
|
06e00008000 |
|
VISUAL
cropResistant
|
4d6cec8f4c482535,0000009393820080,010c686969697434,3535253d3db9edec |
Code Analysis
Risk Score
100/100
Threat Level
BAJO
🎣 Credential Harvester
🎣 OTP Stealer
🎣 Card Stealer
🎣 Banking
🎣 Personal Info
🔥 Firebase Backend
🔬 Threat Analysis Report
• Threat: Potential brand infringement, not a phishing attack.
• Target: Online shoppers, potentially worldwide.
• Method: Using the TikTok Shop brand name and logo on a separate platform.
• Exfil: No data exfiltration detected.
• Indicators: Unrelated domain name, potentially legitimate e-commerce site.
• Risk: LOW - Not a direct threat to user credentials.
🔒 Obfuscation Detected
- atob
- fromCharCode
- unescape
- document.write
- unicode_escape
- base64_strings
📡 API Calls Detected
- /api/localuser!get.action
- /api/activity/lottery!getCurrentActivity.action
- /public/userOnlineChatController!unread.action
- /api/category!tree.action
- api/syspara!getSyspara.action
- /api/credit!check.action
- /api/credit!histroy.action
- /api/localuser!registerWithVerifcode.action
- /api/credit!beforepay.action
- /api/credit!pay.action
- GET
- /api/jscode!execute.action
- /api/credit!config.action
- https://www.google.com/ccm/geo
- /api/credit!beforereapply.action
- api/newOnlinechat!unread.action
- /api/category!sellerTree.action
- /api/credit!bill.action
- https://play.google.com/store/apps/details?id=com.commerce.app
- post
- /api/localuser!registerNoVerifcode.action
- /api/credit!apply.action
- https://apps.apple.com/my/app/shop2u/id6448880380
☁️ Cloud Backend
- Firebase: fir-eb636.firebaseapp.com
Similar Websites
Pages with identical visual appearance (based on perceptual hash)
Unknown
https://cdn.gosafemode.com/screenshots/620a493ab40c.png
Apr 03, 2026
Unknown
https://cdn.gosafemode.com/screenshots/0dd104c2bbe7.png
Mar 29, 2026
Unknown
https://api.huiyi321.com/start/
Mar 08, 2026
Unknown
https://tiktok.1d2by.com/start/
Jan 29, 2026
No screenshot
TikTok Shop
https://www.efmhyj.com/start/
Jan 25, 2026
Scan History for www.efmhyj.com
Found 2 other scans for this domain
"I Never Thought It Would Happen to Me"
That's what 2.3 million victims say every year. Don't wait to become a statistic.