# netflix-clone-khaki-seven.vercel.app — MALICIOUS

> Stay safe: the domain netflix-clone-khaki-seven.vercel.app impersonates Netflix and is flagged for social engineering.

## Summary
PhishDestroy identifies netflix-clone-khaki-seven.vercel.app as a high-risk phishing domain impersonating the Netflix brand. The site uses deceptive branding to trick users into divulging sensitive information, posing significant social engineering threats. This malicious intent is underscored by the domain’s recent creation date and suspicious page title referencing Netflix.

Technically, the domain resolves to IP address 64.29.17.3 and is registered through Vercel Inc. It has been flagged on two security blocklists and identified by Google Safe Browsing for social engineering. VirusTotal analysis reveals that 22 out of 95 security vendors detect threats associated with this domain, confirming its malicious nature. The domain was registered on March 5, 2026, indicating recent and likely targeted phishing activity.

Currently, netflix-clone-khaki-seven.vercel.app has been taken offline, mitigating immediate risks. Users are strongly advised to avoid accessing this site and be vigilant against similar brand impersonation scams. Security teams should continue monitoring for related domains and educate users on recognizing phishing attempts. Prompt reporting of suspicious URLs remains essential to reduce exposure to such threats.

## Threat Details
- Verdict: MALICIOUS
- Site status: dead (HTTP ?)
- Target brand: Netflix
- Page title: Netflix || swamithedev

## Domain Intelligence
- Registered: 2026-03-05 13:07:01
- Registrar: Vercel Inc.
- Country: US
- IP: 64.29.17.3
- IP Country: US
- IP City: Walnut
- IP Org: AS16509 Amazon.com, Inc.
- Nameservers: NS_NOT_FOUND
- SSL Issuer: Google Trust Services / WR1

## Detection Status
- VirusTotal: 22 vendors flagged
  Vendors: ["ADMINUSLabs", "Criminal IP", "alphaMountain.ai", "BitDefender", "CyRadar", "ESET", "Emsisoft", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Google Safebrowsing", "Gridinsoft", "Kaspersky", "Lionic", "MalwareURL", "Mimecast", "Netcraft", "SafeToOpen", "Sophos", "Trustwave", "VIPRE", "Webroot"]
- Google Safe Browsing: FLAGGED
- Blocklists: 2 hits
  Lists: ["PhishDestroy", "Phishunt"]

## Evidence
- Screenshot: https://urlscan.io/screenshots/019cbdf4-33cb-73cc-ad40-2dbed35c8cbd.png
- Cloudflare Radar: https://radar.cloudflare.com/domains/netflix-clone-khaki-seven.vercel.app
- Wayback Machine: https://web.archive.org/web/https://netflix-clone-khaki-seven.vercel.app
- PhishDestroy: https://phishdestroy.io/domain/netflix-clone-khaki-seven.vercel.app/
- LLM endpoint: https://phishdestroy.io/domain/netflix-clone-khaki-seven.vercel.app/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/netflix-clone-khaki-seven.vercel.app/
Last updated: 2026-03-19