Phishing Analysis
Detailed analysis of captured phishing page
Captura Visual
Información de Detección
https://sonaligusain.github.io/netflix-clone
Detected Brand
Netflix
Country
International
Confianza
95%
HTTP Status
200
Report ID
5c14cc10-4bf…
Analyzed
2026-03-02 00:53
Final URL (after redirects)
https://sonaligusain.github.io/netflix-clone/
Hashes de Contenido (Similitud HTML)
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1FDB145A61341DD2E4567C2E2FB36776A23B7A188D98A031495FDC3181FD9D49EC3B8C4 |
|
CONTENT
ssdeep
|
96:TXY81ReAt7kJLoWKjR9kHo2f9me2/LbosKOe:DYwReykloWKjDkHo2f9me2noste |
Hashes Visuales (Similitud de Captura)
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
d2c9363469966dd2 |
|
VISUAL
aHash
|
007c7c387c026604 |
|
VISUAL
dHash
|
d4c5f1ebe884cccc |
|
VISUAL
wHash
|
6a70fe7c7e046606 |
|
VISUAL
colorHash
|
31401008000 |
|
VISUAL
cropResistant
|
e4f43230e4a1a1e0,d4c5f1ebe884cccc |
Análisis de Código
Nivel de Amenaza
ALTO
⚠️ Phishing Confirmed
🔬 Threat Analysis Report
• Amenaza: Phishing
• Objetivo: Usuarios de Netflix
• Método: Suplantación de identidad a través de una página de inicio de sesión falsa
• Exfil: Correo electrónico y probablemente contraseña
• Indicadores: Alojamiento gratuito, logo de la marca, formulario
• Riesgo: ALTO
📊 Desglose de Puntuación de Riesgo
Total Risk Score
90/100
Contributing Factors
Free Hosting
The site is hosted on a free hosting platform, a common indicator of phishing.
Brand Impersonation
The site closely mimics the Netflix website design.
Form on Landing Page
The presence of a form to collect user information increases the risk.
🔬 Análisis Integral de Amenazas
Tipo de Amenaza
Netflix Phishing Landing Page
Objetivo
Netflix users (International)
Método de Ataque
Brand impersonation
Canal de Exfiltración
Form submission (backend endpoint not detected - likely JavaScript-based)
Evaluación de Riesgo
LOW - Automated credential harvesting with Form submission (backend endpoint not detected - likely JavaScript-based)
🏢 Análisis de Suplantación de Marca
Impersonated Brand
Netflix
Official Website
https://www.netflix.com/
Fake Service
Netflix streaming service
⚔️ Metodología de Ataque
Primary Method: Credential Harvesting
The attacker attempts to steal user credentials (email, and potentially password) by creating a fake login page that mimics Netflix.
🌐 Indicadores de Compromiso de Infraestructura
Domain Information
Dominio
sonaligusain.github.io
Registered
Not Available
Registrar
Not Available
Estado
Active
🤖 AI-Extracted Threat Intelligence
Similar Websites
Pages with identical visual appearance (based on perceptual hash)
Netflix
http://gauri426.github.io/netflix-clone
May 10, 2026
Netflix
http://netflix-clone-lilac-iota.vercel.app
May 08, 2026
Netflix
https://netflix-clone-lilac-iota.vercel.app/
May 06, 2026
Netflix
http://vrushabhgvs.github.io/net-clone
May 05, 2026
Netflix
http://sufyan17809.github.io/Project-10
May 02, 2026
Scan History for sonaligusain.github.io
Found 3 other scans for this domain
"Nunca pensé que me pasaría a mí"
Esto dicen las 2.3 millones de víctimas cada año. No esperes a ser una estadística.