Phishing Analysis
Detailed analysis of captured phishing page
Captura Visual
Informações de Detecção
http://netflix-clone-site.vercel.app/
Detected Brand
Netflix
Country
International
Confidence
95%
HTTP Status
200
Report ID
9e162335-15c…
Analyzed
2026-03-12 20:26
Final URL (after redirects)
https://netflix-clone-site.vercel.app/
Hashes de Conteúdo (Similaridade HTML)
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1643285B311496537130391D1A32B1787B7E6C65CD5934B0063FE93382FE9CA9ED662A8 |
|
CONTENT
ssdeep
|
192:GM6GdXV7qbiJK5Prq8NzTuSJXQWl8o+dM3p4syBMUy3GorodHjGmd3dQHF:GS/78RlAGpR3UBIuX/i |
Hashes Visuais (Similaridade de Captura)
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
85d80d7a2d7a8d5a |
|
VISUAL
aHash
|
187e7e7e7e7e003a |
|
VISUAL
dHash
|
b0f0e0c4c8c48cf2 |
|
VISUAL
wHash
|
187e7e3e3c7e0032 |
|
VISUAL
colorHash
|
180000001c0 |
|
VISUAL
cropResistant
|
26e64839d4c42900,98ddddd6c723a3a7,b040d0d051d1f0e8,b0f0e0c4c8c48cf2 |
Análise de Código
Threat Level
ALTO
⚠️ Phishing Confirmed
🔬 Threat Analysis Report
• Ameaça: Phishing
• Alvo: Usuários da Netflix
• Método: Impersonação por meio de um site clonado
• Exfil: Detecção de envio de formulário JavaScript (não está claro para onde vão os dados)
• Indicadores: Hospedagem gratuita, marca Netflix, chamada para ação de login
• Risco: Alto
🎯 Kit Endpoints
- https://www.netflix.com/in/login
📊 Detalhamento da Pontuação de Risco
Total Risk Score
90/100
Contributing Factors
Free hosting with Brand Logo
The use of free hosting and the presence of the Netflix logo is a clear indicator of a phishing attempt.
Login Attempt
Presence of a login sign-in button pointing to credentials theft.
🔬 Análise Integral de Ameaças
Tipo de Ameaça
Netflix Phishing Landing Page
Alvo
Netflix users (International)
Método de Ataque
Brand impersonation
Canal de Exfiltração
Form submission (backend endpoint not detected - likely JavaScript-based)
Avaliação de Risco
LOW - Automated credential harvesting with Form submission (backend endpoint not detected - likely JavaScript-based)
🏢 Análise de Falsificação de Marca
Impersonated Brand
Netflix
Official Website
https://www.netflix.com/
Fake Service
Netflix
⚔️ Metodologia de Ataque
Primary Method: Credential Harvesting
The attacker attempts to steal user credentials by creating a website that looks like Netflix. It is hosted on a free platform to avoid security detections.
🌐 Indicadores de Compromisso de Infraestrutura
Domain Information
Domain
netflix-clone-site.vercel.app
Registered
None
Registrar
None
Status
None
🤖 AI-Extracted Threat Intelligence
Similar Websites
Pages with identical visual appearance (based on perceptual hash)
Scan History for netflix-clone-site.vercel.app
Found 3 other scans for this domain
"Nunca pensei que aconteceria comigo"
Isso dizem os 2,3 milhões de vítimas a cada ano. Não espere para ser uma estatística.