EN ES PT

Phishing Analysis

Detailed analysis of captured phishing page

Back to Stats

Captura Visual

Screenshot of tiopy.top

Informações de Detecção

https://tiopy.top/
Detected Brand
TikTok Shop
Country
International
Confidence
100%
HTTP Status
N/A
Report ID
770e33bb-85d…
Analyzed
2026-03-05 13:30
Final URL (after redirects)
https://tiopy.top/h5/#/pages/login/index

Hashes de Conteúdo (Similaridade HTML)

Used to detect similar phishing pages based on HTML content

Algorithm Hash Value
CONTENT TLSH
T15E1210307046387762379A91F8A18B0D2217D335D746196CB7A417B6BBCDCE48A72BF8
CONTENT ssdeep
192:lMMcbbRgSLGnERjIFTfSDtFTfRZEu3JMLfPvErEFt5LfJyLfkTLfWlLfljLfxAM1:iMEvGnER+f2XfPEu3uLFFt5LfJyLfkTA

Hashes Visuais (Similaridade de Captura)

Used to detect visually similar phishing pages based on screenshots

Algorithm Hash Value
VISUAL pHash
b333266666cccccc
VISUAL aHash
e7e7ffe7e7ffffff
VISUAL dHash
4d4d004d4d000c00
VISUAL wHash
00002424e4fcfcfc
VISUAL colorHash
07000000606
VISUAL cropResistant
4d4d004d4d000c00,212101617103630b,45008c30b2300155

Análise de Código

Risk Score 85/100
Threat Level ALTO
⚠️ Phishing Confirmed
🎣 Credential Harvester 🎣 OTP Stealer 🎣 Card Stealer 🎣 Banking 🎣 Personal Info

🔬 Threat Analysis Report

• Ameaça: Phishing
• Alvo: Usuários do TikTok Shop
• Método: Coleta de credenciais
• Exfil: Provavelmente através de ofuscação Javascript
• Indicadores: Idade do domínio, ofuscação Javascript e envio de formulário.
• Risco: ALTO

🔒 Obfuscation Detected

  • atob
  • fromCharCode
  • unescape
  • document.write
  • unicode_escape
  • base64_strings

📡 API Calls Detected

  • GET
  • POST

📊 Detalhamento da Pontuação de Risco

Total Risk Score
90/100

Contributing Factors

Recent Domain
Domain age of 2 days is highly suspicious.
Domain Mismatch
Domain tiopy.top is completely unrelated to the official TikTok Shop domain.
Obfuscation Detected
Javascript Obfuscation increases the chance of malicious code.
Form Submission
Javascript form submission detected

🔬 Análise Integral de Ameaças

Tipo de Ameaça
Banking Credential Harvester
Alvo
TikTok Shop users (International)
Método de Ataque
Brand impersonation + obfuscated JavaScript
Canal de Exfiltração
Form submission (backend endpoint not detected - likely JavaScript-based)
Avaliação de Risco
CRITICAL - Automated credential harvesting with Form submission (backend endpoint not detected - likely JavaScript-based)

⚠️ Indicators of Compromise

  • Kit types: Credential Harvester, OTP Stealer, Card Stealer, Banking, Personal Info
  • 33 obfuscation techniques

🏢 Análise de Falsificação de Marca

Impersonated Brand
TikTok Shop
Official Website
null
Fake Service
Login

⚔️ Metodologia de Ataque

Primary Method: Credential Harvesting

The site is designed to trick users into entering their TikTok Shop login credentials (phone number & password), which are then stolen by the attackers.

Secondary Method: Javascript Obfuscation

The attackers are using Javascript obfuscation to hide and potentially execute malicious code on the victim's browser.

🌐 Indicadores de Compromisso de Infraestrutura

Domain Information

Domain
tiopy.top
Registered
2024-03-02
Registrar
None
Status
active

🤖 AI-Extracted Threat Intelligence

Similar Websites

Pages with identical visual appearance (based on perceptual hash)

Screenshot
TikTok
https://tiktok.ymiznf.cn/app/#/
Abr 06, 2026
 Screenshot
TikTok Shop
https://tiktok.ymiznf.cn/
Abr 06, 2026
 Screenshot
TikTok
https://tiakt.com/
Mar 20, 2026
 Screenshot
TikTok Shop
https://www.gvgmall606.vip/
Jan 31, 2026
 Screenshot
TikTok Shop
https://tkgoshop.shop/
Jan 04, 2026
😰
"Nunca pensei que aconteceria comigo"
Isso dizem os 2,3 milhões de vítimas a cada ano. Não espere para ser uma estatística.