# couriguydeliever.netlify.app — MALICIOUS

> PhishDestroy identifies couriguydeliever.netlify.app as an active Netflix credential phishing scam hosted on Netlify.

## Summary
PhishDestroy identifies couriguydeliever.netlify.app as an active Netflix credential phishing domain posing an elevated risk to users. This generic phishing page impersonates Netflix to harvest login credentials and payment information through a convincing fake login portal.  

This domain was flagged by 13 of 95 VirusTotal security vendors, indicating widespread detection of its malicious intent. It resolves to IP 35.157.26.135 and is registered through Netlify’s platform with a DigiCert SSL certificate, which adds superficial legitimacy. The domain shows clear signs of being a spoofed service designed to mimic legitimate Netflix authentication flows. While no creation date is provided in the available data, the combination of poor detection ratio, suspicious hosting infrastructure, and active campaign status suggests this is a recently deployed threat vector targeting streaming service users.  

Users should immediately avoid interacting with couriguydeliever.netlify.app and verify any Netflix-related communications through official channels only. If credentials were entered, users must change their Netflix password immediately, enable two-factor authentication, and monitor accounts for unauthorized activity. Report suspicious emails or links to Netflix directly and consider using password managers with domain verification features to prevent future exposure. Netlify should be notified of this misuse to expedite takedown under their abuse policy.

## Threat Details
- Verdict: MALICIOUS
- Site status: unknown (HTTP ?)

## Domain Intelligence
- Registrar: Netlify
- IP: 35.157.26.135

## Detection Status
- VirusTotal: 13 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/c1fa5d5b-619b-4ed5-af2c-9cea7757180d
- PhishDestroy: https://phishdestroy.io/domain/couriguydeliever.netlify.app/
- LLM endpoint: https://phishdestroy.io/domain/couriguydeliever.netlify.app/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/couriguydeliever.netlify.app/
Last updated: 2026-03-21