Phishing Analysis
Detailed analysis of captured phishing page
Visual Capture
No screenshot available
Detection Info
http://heinthu1.github.io
Detected Brand
Netflix
Country
International
Confidence
95%
HTTP Status
200
Report ID
01cd95ef-4cd…
Analyzed
2025-12-22 10:17
Final URL (after redirects)
https://heinthu1.github.io/
Content Hashes (HTML Similarity)
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1F931EE7B900590A70583D1F267A65F133E82824ADB530A0810FFD39F2BDAD0CDC9B384 |
|
CONTENT
ssdeep
|
24:nF8CaYirpM6U6OaI22oORQ0OxgSm08VTNW4wSehiTfKrL5AejaL0:njoptlIJohm9RTfS2eP |
Visual Hashes (Screenshot Similarity)
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
d39723eec6618c94 |
|
VISUAL
aHash
|
a32c7e7cfefc4000 |
|
VISUAL
dHash
|
4a48fae8a03189c2 |
|
VISUAL
wHash
|
822c7e7efefc6000 |
|
VISUAL
colorHash
|
32600008040 |
|
VISUAL
cropResistant
|
ac00a8c2d2820090,4a48fae8a03189c2 |
Code Analysis
Threat Level
ALTO
🔬 Threat Analysis Report
• Threat: Credential harvesting phishing
• Target: Netflix users
• Method: Fake email input form to steal email addresses.
• Exfil: Likely sent to a remote server for later use.
• Indicators: Free hosting, Netflix brand impersonation, email input field on main landing page
• Risk: HIGH - Potential for credential theft and account compromise
Similar Websites
Pages with identical visual appearance (based on perceptual hash)
Scan History for heinthu1.github.io
Found 3 other scans for this domain