EN ES PT

Phishing Analysis

Detailed analysis of captured phishing page

Back to Stats

Captura Visual

No screenshot available

Informações de Detecção

https://www.efmhyj.com/start/
Detected Brand
TikTok Shop
Country
International
Confidence
100%
HTTP Status
200
Report ID
99447a20-8b8…
Analyzed
2026-01-25 00:08
Final URL (after redirects)
https://www.efmhyj.com/start/#/index

Hashes de Conteúdo (Similaridade HTML)

Used to detect similar phishing pages based on HTML content

Algorithm Hash Value
CONTENT TLSH
T147E30C70D695613B063389E4A4722F4FB2D7F31ECA97890067FC43D96FEBC95AA04486
CONTENT ssdeep
1536:nqV0Ak55xRcHS9ZP9rQVW3UT6CLyMrGc9sPtM42blAjR7I2MumevZhfGGq+QGjVJ:nKic27I2MumevZhfGGq+QGK2

Hashes Visuais (Similaridade de Captura)

Used to detect visually similar phishing pages based on screenshots

Algorithm Hash Value
VISUAL pHash
f6a51add62a80376
VISUAL aHash
00ff77c3e6feff00
VISUAL dHash
c56cec8f4c48352d
VISUAL wHash
00ff6641e6fed700
VISUAL colorHash
06e00008000
VISUAL cropResistant
4d6cec8f4c482535,0000009393820080,010c686969697434,3535253d3db9edec

Análise de Código

Risk Score 100/100
Threat Level BAJO
🎣 Credential Harvester 🎣 OTP Stealer 🎣 Card Stealer 🎣 Banking 🎣 Personal Info

🔬 Threat Analysis Report

• Ameaça: Site de comércio eletrônico suspeito com domínio não relacionado à marca
• Alvo: Compradores online
• Método: Potencialmente vendendo produtos falsificados ou realizando outras práticas enganosas
• Exfil: Nenhuma exfiltração de dados explícita detectada, mas potencial para roubo de cartão de crédito ou dados pessoais se as compras forem feitas
• Indicadores: Domínio não relacionado, data de criação do domínio no futuro
• Risco: BAIXO - Potencial de golpe ou produtos de baixa qualidade, mas sem roubo direto de credenciais

🔒 Obfuscation Detected

  • atob
  • fromCharCode
  • unescape
  • document.write
  • unicode_escape
  • base64_strings

📡 API Calls Detected

  • /api/credit!config.action
  • /api/credit!beforereapply.action
  • /api/credit!pay.action
  • /api/localuser!registerNoVerifcode.action
  • /api/credit!bill.action
  • /api/localuser!registerWithVerifcode.action
  • /public/userOnlineChatController!unread.action
  • /api/credit!histroy.action
  • /api/category!sellerTree.action
  • GET
  • /api/credit!check.action
  • /api/category!tree.action
  • post
  • /api/activity/lottery!getCurrentActivity.action
  • /api/localuser!get.action
  • /api/credit!apply.action
  • /api/credit!beforepay.action
  • api/newOnlinechat!unread.action
  • api/syspara!getSyspara.action
  • /api/jscode!execute.action

🔬 JavaScript Deep Analysis

Operator Language
Portuguese (0%)
Sophistication Level
Advanced
Total Code Size
4,8 MB

🔗 API Endpoints Detected

Other
32
WebSocket (Real-time)
1

🔐 Obfuscation Detected

  • : Light
  • : Light
  • : Heavy
  • : Moderate

Similar Websites

Pages with identical visual appearance (based on perceptual hash)

Screenshot
Unknown
https://cdn.gosafemode.com/screenshots/620a493ab40c.png
Abr 03, 2026
 Screenshot
Unknown
https://cdn.gosafemode.com/screenshots/0dd104c2bbe7.png
Mar 29, 2026
 Screenshot
Unknown
https://api.huiyi321.com/start/
Mar 08, 2026
 Screenshot
Unknown
https://tiktok.1d2by.com/start/
Jan 29, 2026
No screenshot
Unknown
https://www.efmhyj.com/
Jan 22, 2026

Scan History for www.efmhyj.com

Found 2 other scans for this domain

😰
"Nunca pensei que aconteceria comigo"
Isso dizem os 2,3 milhões de vítimas a cada ano. Não espere para ser uma estatística.