Phishing Analysis
Detailed analysis of captured phishing page
Captura Visual
Informações de Detecção
http://qiyeyou126.cn/login
Detected Brand
NetEase
Country
China
Confiança
100%
HTTP Status
200
Report ID
3d778c6c-4d9…
Analyzed
2026-01-20 12:39
Final URL (after redirects)
http://qiyeyou126.cn/login/
Hashes de Conteúdo (Similaridade HTML)
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T16733DE312D980EBB03FB52CE7A54EF3B60C3BA69C3154D898AF8499D1E4CDE1AD90157 |
|
CONTENT
ssdeep
|
768:NG/9qACeoYjJU/gULbNcTW+pACeSOFm44m/s:kEAF/ULbipAF4K/s |
Hashes Visuais (Similaridade de Captura)
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
9a1be77ae1659812 |
|
VISUAL
aHash
|
00000c028f9fffff |
|
VISUAL
dHash
|
42383816393c64cd |
|
VISUAL
wHash
|
00000c0a8fdfffff |
|
VISUAL
colorHash
|
06007000000 |
|
VISUAL
cropResistant
|
42383816393c64cd |
Análise de Código
Risk Score
100/100
Nível de Ameaça
BAJO
🎣 Credential Harvester
🎣 OTP Stealer
🎣 Banking
🎣 Personal Info
🔬 Threat Analysis Report
• Ameaça: Portal de login potencialmente comprometido
• Alvo: Usuários de e-mail corporativo da NetEase na China
• Método: Login com código QR para o e-mail corporativo da NetEase
• Exfil: Credenciais de login potencialmente comprometidas.
• Indicadores: O URL é suspeito, mas é consistente com páginas de login mais antigas.
• Risco: BAIXO - requer verificações adicionais para determinar se este é o URL de login atual.
🔐 Credential Harvesting Forms
🔒 Obfuscation Detected
- fromCharCode
- unescape
- document.write
- unicode_escape
- base64_strings
🎯 Kit Endpoints
- https://entry.qiye.163.com/domain/domainEntLogin
- https://open.qiye.163.com/advconfig/getAdvConfig?type=login&callback=jsonp_au80snhs9dg2771
- //qiye.163.com/entry/buy-price.htm?from=login_pc
- https://ss.knet.cn/verifyseal.dll?sn=e12051044010020841301459&ct=df&pa=151131
- https://entryhz.qiye.163.com/login/action/getCtCodes?callback=jsonp_az499c69sny0rek
- https://entry.qiye.163.com/domain/domainAdminLogin
📡 API Calls Detected
- get
- POST
- GET
- //office.163.com/
📤 Form Action Targets
- https://entry.qiye.163.com/domain/domainEntLogin
- https://entry.qiye.163.com/domain/domainAdminLogin
Similar Websites
Pages with identical visual appearance (based on perceptual hash)
Desconhecido
https://cdn.gosafemode.com/screenshots/5a9b729ca0bf.png
Jun 10, 2026
NetEase (网易)
https://www.qiyeyou126.cn/login/
Mar 19, 2026
NetEase (网易)
https://www.qiyeyou126.cn/login
Mar 17, 2026
No screenshot
NetEase (163.com)
http://126qiyeyou.com/login
Jan 19, 2026
NetEase
http://qiyeyou126.cn/login
Dez 25, 2025
Scan History for qiyeyou126.cn
Found 3 other scans for this domain
"Nunca pensei que aconteceria comigo"
Isso dizem os 2,3 milhões de vítimas a cada ano. Não espere para ser uma estatística.