Phishing Analysis
Detailed analysis of captured phishing page
Visual Capture
Detection Info
https://www.netflix-clone-mu-seven.vercel.app/
Detected Brand
Netflix
Country
International
Confidence
98%
HTTP Status
200
Report ID
af7c9d69-5fe…
Analyzed
2026-03-13 14:22
Final URL (after redirects)
https://netflix-clone-mu-seven.vercel.app/
Content Hashes (HTML Similarity)
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T10E41B96670A4F41645C7E2F3BB630A53A6B18101D7B3170061F6D2694FF5D18CC6768F |
|
CONTENT
ssdeep
|
48:TMMTMx1pbSIIqzFxYLnNIKqfyyLN1e7pIKb:TM0Q1pWqzFiLnNIKqtLN1e7pIKb |
Visual Hashes (Screenshot Similarity)
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
c1c991cdb971e2b8 |
|
VISUAL
aHash
|
6b79e0c098b02627 |
|
VISUAL
dHash
|
d2d3890233624c4e |
|
VISUAL
wHash
|
7b79e0e0d8b03627 |
|
VISUAL
colorHash
|
12401008000 |
|
VISUAL
cropResistant
|
e766ace8eacad4f1,b2b376f2aa7ce4fc,27d4e0f8c05818b9,bcb4b272321a30a3,d2d3890233624c4e |
Code Analysis
Risk Score
50/100
Threat Level
ALTO
⚠️ Phishing Confirmed
🎣 Credential Harvester
🔬 Threat Analysis Report
• Threat: Phishing
• Target: Netflix users
• Method: Impersonation through a fake login or signup page.
• Exfil: Email address.
• Indicators: Free hosting, Netflix branding.
• Risk: High
📊 Risk Score Breakdown
Total Risk Score
95/100
Contributing Factors
Free Hosting
The site is hosted on a free hosting platform which is commonly abused for phishing.
Brand Impersonation
The site attempts to impersonate Netflix.
Form Present
There is a form to collect user's email.
🔬 Comprehensive Threat Analysis
Threat Type
Credential Harvesting Kit
Target
Netflix users (International)
Attack Method
Brand impersonation
Exfiltration Channel
Form submission (backend endpoint not detected - likely JavaScript-based)
Risk Assessment
MEDIUM - Automated credential harvesting with Form submission (backend endpoint not detected - likely JavaScript-based)
⚠️ Indicators of Compromise
- Kit types: Credential Harvester
🏢 Brand Impersonation Analysis
Impersonated Brand
Netflix
Official Website
https://www.netflix.com/
Fake Service
Netflix streaming service.
Fraudulent Claims
⚔️ Attack Methodology
Primary Method: Credential Harvesting
The attacker attempts to collect email addresses, using a fake sign-in form.
🌐 Infrastructure Indicators of Compromise
Domain Information
Domain
www.netflix-clone-mu-seven.vercel.app
Registered
None
Registrar
None
Status
None
🤖 AI-Extracted Threat Intelligence
Similar Websites
Pages with identical visual appearance (based on perceptual hash)
Scan History for www.netflix-clone-mu-seven.vercel.app
Found 1 other scan for this domain
"I Never Thought It Would Happen to Me"
That's what 2.3 million victims say every year. Don't wait to become a statistic.