SafeMode - Analysis: krishna31012007.github.io

Visual Capture

Detection Info

http://krishna31012007.github.io/Netflix-Ui-clone

Detected Brand

Netflix

Country

Unknown

Confidence

100%

HTTP Status

200

Report ID

8a21ef53-c2c…

Analyzed

2026-06-21 10:20

Final URL (after redirects)

https://krishna31012007.github.io/Netflix-Ui-clone/

Content Hashes (HTML Similarity)

Used to detect similar phishing pages based on HTML content

Algorithm	Hash Value
CONTENT TLSH	T131D153728193AC0B0693E1E1B5372B0BA2D7834CC6424B6462FDC7EDAEC5D51FC621C9
CONTENT ssdeep	96:TXES1RH6yLxX3KjHjXzf9meYDZXV1Ya1MLnV1/j0/nN48jg:7VRH6OX3KjDXzf9meKT1YoMh1cnN48c

Visual Hashes (Screenshot Similarity)

Used to detect visually similar phishing pages based on screenshots

Algorithm	Hash Value
VISUAL pHash	9da8a5ac2799ce91
VISUAL aHash	93c6180c8a985e26
VISUAL dHash	369eb2183632944e
VISUAL wHash	b7c65c8c8a985ea6
VISUAL colorHash	39600018000
VISUAL cropResistant	369eb2183632944e

Code Analysis

Risk Score 50/100

Threat Level ALTO

⚠️ Phishing Confirmed

🎣 Credential Harvester

🎯 Kit Endpoints

https://www.netflix.com/in/login?nextpage=https%3A%2F%2Fwww.netflix.com%2Fyouraccount&serverState=%7B%22realm%22%3A%22growth%22%2C%22name%22%3A%22IDENTIFICATION%22%2C%22clcsSessionId%22%3A%224d5f1cde-57f8-478f-8430-fc94a3169bc4%22%2C%22sessionContext%22%3A%7B%22session-breadcrumbs%22%3A%7B%22funnel_name%22%3A%22loginWeb%22%7D%2C%22login.navigationSettings%22%3A%7B%22nextPage%22%3A%22https%3A%2F%2Fwww.netflix.com%2Fyouraccount%22%7D%7D%7D

📊 Risk Score Breakdown

Total Risk Score

70/100

Contributing Factors

Active Phishing Kit

Detected kit types: Credential Harvester

🔬 Comprehensive Threat Analysis

Threat Type

Credential Harvesting Kit

Target

Netflix users

Attack Method

Phishing webpage

Exfiltration Channel

Form submission (backend endpoint not detected - likely JavaScript-based)

Risk Assessment

MEDIUM - Automated credential harvesting with Form submission (backend endpoint not detected - likely JavaScript-based)

⚠️ Indicators of Compromise

Kit types: Credential Harvester

🏢 Brand Impersonation Analysis

Impersonated Brand

Netflix

Official Website

https://www.netflix.com

Fake Service

Credential harvesting service

⚔️ Attack Methodology

Primary Method: Credential Harvesting

Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.

Secondary Method: Standard Phishing Techniques

Uses typical phishing tactics including brand impersonation, urgency tactics, and social engineering to trick victims into providing sensitive information.

🌐 Infrastructure Indicators of Compromise

Domain Information

Domain

krishna31012007.github.io

Registered

Unknown

Registrar

Unknown

Status

Hosting platform (subdomain)

Hosting Information

Provider

Unknown

ASN

Phishing Analysis

Visual Capture

Detection Info

Content Hashes (HTML Similarity)

Visual Hashes (Screenshot Similarity)

Code Analysis

🎯 Kit Endpoints

📊 Risk Score Breakdown

Contributing Factors

🔬 Comprehensive Threat Analysis

⚠️ Indicators of Compromise

🏢 Brand Impersonation Analysis

⚔️ Attack Methodology

Primary Method: Credential Harvesting

Secondary Method: Standard Phishing Techniques

🌐 Infrastructure Indicators of Compromise

Domain Information

Hosting Information

🤖 AI-Extracted Threat Intelligence