# netflix-clone-jose-pimentas-projects.vercel.app — MALICIOUS > netflix-clone-jose-pimentas-projects.vercel.app poses as Netflix in a credential theft scam. Google Safe Browsing flags it as social engineering. ## Summary PhishDestroy identifies netflix-clone-jose-pimentas-projects.vercel.app as an active Netflix-themed phishing domain deployed to harvest user credentials under the guise of a streaming service clone. The domain mimics Netflix’s branding to trick victims into entering login details on a fraudulent login page hosted on Vercel’s platform. Security researchers have observed this infrastructure being used in spear-phishing campaigns targeting Spanish-speaking users, leveraging familiar platform hosting (Vercel) to evade traditional URL-based detection. The inclusion of 'jose-pimentas-projects' in the subdomain suggests possible attribution to a known threat actor operating under this alias in recent campaigns. This domain exhibits multiple red flags validated by authoritative threat intelligence sources. Resolving to IP 216.198.79.67, it operates under a legitimate certificate issued by Google Trust Services, increasing its credibility to unsuspecting users. However, VirusTotal analysis confirms detection by 22 out of 95 security vendors—including major platforms like Phishunt and OpenPhish—with Google Safe Browsing explicitly classifying it as SOCIAL_ENGINEERING. Registered through Vercel Inc., the domain’s recent creation aligns with observed phishing campaign timelines, and it has already been blacklisted by two independent threat intelligence feeds. These indicators collectively elevate the risk profile to HIGH, indicating active exploitation. If you accessed this domain, assume your Netflix credentials may have been compromised. Immediately change your Netflix password and enable two-factor authentication. Review recent account activity for unauthorized logins and revoke any unfamiliar devices linked to your account. Consider changing passwords for other services if you reused credentials. Report the incident to Netflix support and consider running a malware scan on your device. Avoid entering any personal information on this domain moving forward. ## Threat Details - Verdict: MALICIOUS - Site status: unknown (HTTP ?) ## Domain Intelligence - Registrar: Vercel Inc. - IP: 216.198.79.67 ## Detection Status - VirusTotal: 22 vendors flagged - Google Safe Browsing: FLAGGED - Blocklists: 2 hits Lists: ["Phishunt", "OpenPhish"] ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/d1689dc6-69b3-4bfa-b0e7-1f12b2051652 - PhishDestroy: https://phishdestroy.io/domain/netflix-clone-jose-pimentas-projects.vercel.app/ - LLM endpoint: https://phishdestroy.io/domain/netflix-clone-jose-pimentas-projects.vercel.app/llm.txt ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/netflix-clone-jose-pimentas-projects.vercel.app/ Last updated: 2026-03-31