Phishing Analysis
Detailed analysis of captured phishing page
Visual Capture
Detection Info
https://nikhil7897.github.io/Amazon-clone-webpage
Detected Brand
Amazon
Country
UK
Confidence
90%
HTTP Status
200
Report ID
26e69d26-8ec…
Analyzed
2026-03-12 22:21
Final URL (after redirects)
https://nikhil7897.github.io/Amazon-clone-webpage/
Content Hashes (HTML Similarity)
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1C30209E1C9BAD6B3149352F0C7753ED63FC09241C6621E00A3E5938AEAEED49DF6251C |
|
CONTENT
ssdeep
|
96:neIJ2pjUD2WWcTH6sMd+uya5oMDlel7lclxl6lnl4ltlDlGlLsMd+LgKm:e8jwtjlel7lclxl6lnl4ltlDlGlLUgKm |
Visual Hashes (Screenshot Similarity)
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
f84f134a13875b4e |
|
VISUAL
aHash
|
00fbf8ffc0c0ffcf |
|
VISUAL
dHash
|
c11702b295959b9d |
|
VISUAL
wHash
|
00d1f0ffc0c0ff4e |
|
VISUAL
colorHash
|
07401010000 |
|
VISUAL
cropResistant
|
808082c2c2c28080,9313629695979b9d,e9c1036397176222,1c3d4cc6799d8523,981f3ba1c5c5b909,070e4c4e0606c667,41694d6c5e5e7e3e |
Code Analysis
Threat Level
ALTO
⚠️ Phishing Confirmed
🔬 Threat Analysis Report
• Threat: Phishing
• Target: Amazon users
• Method: Fake login page
• Exfil: User credentials
• Indicators: Brand logo on free hosting
• Risk: High
🎯 Kit Endpoints
- /login.html
📊 Risk Score Breakdown
Total Risk Score
95/100
Contributing Factors
Brand Impersonation
The site uses Amazon's branding and logos.
Free Hosting
The site is hosted on a free platform commonly used for phishing.
🔬 Comprehensive Threat Analysis
Threat Type
Amazon Phishing Landing Page
Target
Amazon users (UK)
Attack Method
Brand impersonation
Exfiltration Channel
Form submission (backend endpoint not detected - likely JavaScript-based)
Risk Assessment
LOW - Automated credential harvesting with Form submission (backend endpoint not detected - likely JavaScript-based)
🏢 Brand Impersonation Analysis
Impersonated Brand
Amazon
Official Website
https://www.amazon.com
Fake Service
Online Shopping
Fraudulent Claims
⚔️ Attack Methodology
Primary Method: Phishing
The site impersonates Amazon to steal user credentials.
Secondary Method: Credential Harvesting
Users enter their credentials which are then sent to the attacker.
🌐 Infrastructure Indicators of Compromise
Domain Information
Domain
nikhil7897.github.io
Registered
Date Unknown
Registrar
GitHub, Inc.
Status
Active
🤖 AI-Extracted Threat Intelligence
Similar Websites
Pages with identical visual appearance (based on perceptual hash)
Unknown
https://cdn.gosafemode.com/screenshots/a66a089b3cde.png
Apr 06, 2026
Amazon
http://amazon-ui-clone-pi.vercel.app/
Jan 17, 2026
Amazon
http://www.amazon-ui-clone-pi.vercel.app/
Jan 17, 2026
Amazon
https://pankajkumar-7255.github.io/Amazon-Project
Jan 12, 2026
Amazon
http://zaffar9702.github.io/amazon-clone
Jan 10, 2026
Scan History for nikhil7897.github.io
Found 1 other scan for this domain
"I Never Thought It Would Happen to Me"
That's what 2.3 million victims say every year. Don't wait to become a statistic.