SafeMode - Analysis: spotify-songs1.netlify.app

Visual Capture

Screenshot of spotify-songs1.netlify.app

Detection Info

https://spotify-songs1.netlify.app/

Detected Brand

Spotify

Country

Unknown

Confidence

95%

HTTP Status

200

Report ID

29b644f1-dcf…

Analyzed

2026-06-13 22:15

Content Hashes (HTML Similarity)

Used to detect similar phishing pages based on HTML content

Algorithm	Hash Value
CONTENT TLSH	T1AA81ED724005ED2BA192C3F093747B2F76D68251CB97170696F6A3A81FC6D8BEC3A158
CONTENT ssdeep	48:TXff+5oYiUQPhPGcYQbPagPsiom/L/MnpwYnCiwYn1BQrYfvhO:TH8Yp+cfhU1mzm/nCon1BQrgvhO

Visual Hashes (Screenshot Similarity)

Used to detect visually similar phishing pages based on screenshots

Algorithm	Hash Value
VISUAL pHash	cecebb3131aa8e88
VISUAL aHash	a53038300000003f
VISUAL dHash	6964646490a08168
VISUAL wHash	bfbc38380000013f
VISUAL colorHash	31200200001
VISUAL cropResistant	6964646490a08168

Code Analysis

Risk Score 3/100

Threat Level ALTO

⚠️ Phishing Confirmed

🔒 Obfuscation Detected

fromCharCode

📡 API Calls Detected

songs.json

📊 Risk Score Breakdown

Total Risk Score

40/100

Contributing Factors

Code Obfuscation

JavaScript code obfuscated using 11 technique(s) to evade detection

🔬 Comprehensive Threat Analysis

Threat Type

Spotify Phishing Landing Page

Target

Spotify users

Attack Method

obfuscated JavaScript

Exfiltration Channel

Form submission (backend endpoint not detected - likely JavaScript-based)

Risk Assessment

LOW - Automated credential harvesting with Form submission (backend endpoint not detected - likely JavaScript-based)

⚠️ Indicators of Compromise

11 obfuscation techniques

🏢 Brand Impersonation Analysis

Impersonated Brand

Spotify

Official Website

N/A

Fake Service

Credential harvesting service

⚔️ Attack Methodology

Primary Method: Brand Impersonation Redirect

Impersonates Spotify to build victim trust through search engine manipulation or malicious advertisements. Often redirects to credential theft pages or serves malware disguised as legitimate software.