EN ES PT

Phishing Analysis

Detailed analysis of captured phishing page

Back to Stats

Visual Capture

Screenshot of sekhariam.github.io

Detection Info

https://sekhariam.github.io/Netflix-Clone/
Detected Brand
Netflix
Country
International
Confidence
95%
HTTP Status
200
Report ID
b46eeea0-bc6…
Analyzed
2026-03-17 17:15

Content Hashes (HTML Similarity)

Used to detect similar phishing pages based on HTML content

Algorithm Hash Value
CONTENT TLSH
T1DEE1A77A5644116F02C343A13B799B2BB7994190E717272824D9834E6FEAF09CD7F3E8
CONTENT ssdeep
96:TusSIQ7HSmnUAhciW8t9BmRFn8lDUwO4TShBi0fTECCzJ7+/LRg4RK8oAsIp:6v5ymn+wE8lD/9TqACC+Fg4RnoAvp

Visual Hashes (Screenshot Similarity)

Used to detect visually similar phishing pages based on screenshots

Algorithm Hash Value
VISUAL pHash
cc6532cd7131cd33
VISUAL aHash
423060d83c3c0705
VISUAL dHash
8664aeb272602c0d
VISUAL wHash
c63070fe3e3c8707
VISUAL colorHash
39e00000000
VISUAL cropResistant
80c0804040800098,8664aeb272602c0d

Code Analysis

Threat Level ALTO
⚠️ Phishing Confirmed

🔬 Threat Analysis Report

• Threat: Phishing
• Target: Netflix users
• Method: Impersonation through a look-alike website on free hosting.
• Exfil: Email address.
• Indicators: Free hosting, Netflix logo, form.
• Risk: HIGH

📊 Risk Score Breakdown

Total Risk Score
90/100

Contributing Factors

Free Hosting + Brand Logo
The combination of free hosting and the Netflix logo is a very strong indicator of phishing.
Form for data capture
A form designed to collect user data, in this case, email address.

🔬 Comprehensive Threat Analysis

Threat Type
Netflix Credential Harvester
Target
Netflix users (International)
Attack Method
Brand impersonation + credential harvesting forms
Exfiltration Channel
Form submission (backend endpoint not detected - likely JavaScript-based)
Risk Assessment
LOW - Automated credential harvesting with Form submission (backend endpoint not detected - likely JavaScript-based)

🏢 Brand Impersonation Analysis

Impersonated Brand
Netflix
Official Website
https://www.netflix.com/
Fake Service
Netflix Membership creation/renewal

Fraudulent Claims

⚔️ Attack Methodology

Primary Method: Credential Harvesting

The attackers are using a phishing website hosted on free hosting to mimic the Netflix website. They display the Netflix logo and offer a 'Get Started' button to lure users into providing their email address. This is a common tactic to collect email addresses for spam or other malicious activities.

Secondary Method: Brand Impersonation

The website closely mirrors the visual design of Netflix. This creates a sense of familiarity and trust, making users more likely to enter their credentials.

🌐 Infrastructure Indicators of Compromise

Domain Information

Domain
sekhariam.github.io
Registered
None
Registrar
None
Status
Active

🤖 AI-Extracted Threat Intelligence

Similar Websites

Pages with identical visual appearance (based on perceptual hash)

Screenshot
Netflix
https://netflix-clone-zeta-nine.vercel.app/
Apr 06, 2026
 Screenshot
Netflix
http://deepasureshadhiladhik-sketch.github.io/netflix-clone-...
Mar 23, 2026
 Screenshot
Netflix
https://suryaenders.github.io/Netflix-Clone/
Mar 23, 2026
 Screenshot
Netflix
http://mrinmayeerasal.github.io/Netflixhomepage
Mar 17, 2026
 Screenshot
Netflix
http://keshavshrivastava.github.io/Netflix-clone-full-websit...
Mar 17, 2026

Scan History for sekhariam.github.io

Found 2 other scans for this domain

😰
"I Never Thought It Would Happen to Me"
That's what 2.3 million victims say every year. Don't wait to become a statistic.