Visual Capture

No screenshot available

Detection Information

https://absltiks-shop.com/
Detected Brand
TikTok
Country
International
Confidence
100%
HTTP Status
200
Report ID
2bf0c0f6-2ea…
Analyzed
2026-01-26 23:58
Final URL (after redirects)
https://absltiks-shop.com/#/home

Content Hashes (HTML Similarity)

Used to detect similar phishing pages based on HTML content

Algorithm Hash Value
CONTENT TLSH
T1AEC2207C20EC15B7903B8CCAB824395DA871934BCF26C8976AAD53D63FD2811B550E7B
CONTENT ssdeep
384:DybgbzkDBuDBP8pYy5E2zu7TVBq9XqLTV5tDUTghoVupJVCzN:DybgbzT8pYytIqqLTV5tD+gqAGN

Visual Hashes (Screenshot Similarity)

Used to detect visually similar phishing pages based on screenshots

Algorithm Hash Value
VISUAL pHash
9616bb391cb97911
VISUAL aHash
0e060e1600ffffff
VISUAL dHash
6cecece46495080e
VISUAL wHash
0c06041404ffffff
VISUAL colorHash
16600000002
VISUAL cropResistant
9f9b9f9fadedcfc6,9e0c000c0f370c4c,7c6cececf4646471

Code Analysis

Risk Score 82/100
Threat Level LOW
🎣 Credential Harvester 🎣 OTP Stealer 🎣 Banking 🎣 Personal Info

🔬 Threat Analysis Report

• Threat: Possible brand abuse / unauthorized store.
• Target: TikTok users.
• Method: Possibly an unverified third-party TikTok store.
• Exfil: No evidence of data exfiltration.
• Indicators: Unofficial domain, but no clear signs of phishing.
• Risk: LOW - Possible misrepresentation of the brand, but no direct threat.

📡 API Calls Detected

  • https://xf.xfgfdgre.shop/XP26hG

📊 Risk Score Breakdown

Total Risk Score
100/100

Contributing Factors

Active Phishing Kit
Detected Credential Harvester and OTP Stealer kits targeting TikTok users for account takeover.
Brand Impersonation
Domain absltiks-shop.com impersonates TikTok with high visual similarity and fake service claims.
Lack of Detection Evasion
No obfuscation techniques, Telegram bots, Discord webhooks, or WebSocket URLs detected, indicating low operational security.
High-Risk Target
Targeting TikTok, a high-value platform for account takeover and financial fraud.

🔬 Comprehensive Threat Analysis

Threat Type
Banking Credential Harvester
Target
TikTok users (International)
Attack Method
Phishing webpage
Exfiltration Channel
Unknown
Risk Assessment
CRITICAL - Automated credential harvesting with Unknown

⚠️ Indicators of Compromise

  • Kit types: Credential Harvester, OTP Stealer, Banking, Personal Info

🏢 Brand Impersonation Analysis

Impersonated Brand
TikTok
Official Website
https://www.tiktok.com
Fake Service
TikTok Store or promotional offer

⚔️ Attack Methodology

Primary Method: Credential Harvesting

The phishing kit captures TikTok login credentials via a fake login portal. Submitted credentials are likely exfiltrated to an attacker-controlled server for immediate account takeover.

Secondary Method: OTP Stealer

If multi-factor authentication (MFA) is enabled, the kit may prompt victims to enter OTP codes, which are intercepted and relayed to the attacker in real time.

🌐 Infrastructure Indicators of Compromise

Domain Information

Domain
absltiks-shop.com
Registered
2025-10-21 13:13:53+00:00
Registrar
Amazon Registrar, Inc.
Status
Active (97 days old)

📊 Attack Flow Diagram

┌──────────────────────────────────────────────────────────┐
│ 1. VICTIM RECEIVES PHISHING LURE                         │
│    - Fake TikTok email/notification with malicious link  │
└────────────────────┬─────────────────────────────────────┘
                     │
                     ▼
┌──────────────────────────────────────────────────────────┐
│ 2. VICTIM VISITS FAKE TIKTOK PAGE                        │
│    - Phishing site mimics legitimate TikTok login        │
└────────────────────┬─────────────────────────────────────┘
                     │
                     ▼
┌──────────────────────────────────────────────────────────┐
│ 3. CREDENTIAL INPUT                                      │
│    - Victim enters Banking/login credentials             │
└────────────────────┬─────────────────────────────────────┘
                     │
                     ▼
┌──────────────────────────────────────────────────────────┐
│ 4. DATA CAPTURE & EXFILTRATION                           │
│    - Credentials sent via HTTP POST (form submission)    │
└──────────────────────────────────────────────────────────┘

Similar Websites

Pages with identical visual appearance (based on perceptual hash)
