38+ Detection Methods Across 9 Dimensions

Clone Detector employs a comprehensive multi-layer detection system that analyzes potential clones across 9 critical dimensions using 38+ specialized analysis methods.

Start Free – Get 10 Credits

No credit card required. 10 free credits included.

12+ Fuzzing Techniques
6 Visual Algorithms
9 Analysis Dimensions
38+ Detection Methods

Domain Discovery & Fuzzing

We start by generating and validating hundreds of potential clone domains using 12+ advanced techniques

Typosquatting

Exploits common typing mistakes – missed keys, adjacent key presses, transposed characters

google.com → gogle.com

Homoglyphs

Cyrillic, Greek, and Unicode characters that look identical to Latin letters

google.com → gооgle.com (Cyrillic ‘о’)

Bitsquatting

Exploits hardware bit-flip errors – memory corruption redirects to malicious sites

google.com → gmogle.com

Hyphenation

Strategic hyphen insertion creates convincing variations

paypal.com → pay-pal.com

TLD Swaps

Common TLD variations – .com/.net/.org/.io/.co and country codes

example.com → example.net

Addition/Repetition

Extra characters that users might not notice

google.com → googgle.com

Omission

Missing characters from common typing errors

facebook.com → facebok.com

Replacement

Leet speak substitutions (1 for l, 0 for o)

google.com → goog1e.com

Vowel Swap

Vowel substitutions exploit pronunciation-based memory

amazon.com → amezon.com

Subdomain Attacks

Legitimate domain as subdomain of malicious domain

google.com-login.phish.com

Transposition

Swapped adjacent characters from fast typing

google.com → gogole.com

Combo Techniques

Multiple techniques combined for sophisticated variations

paypal.com → pay-pa1.com
🎨

Visual Similarity Analysis

6 Algorithms for Comprehensive Visual Clone Detection

Multi-method visual analysis catches everything from pixel-perfect copies to sophisticated redesigns. We capture both desktop (1920×1080) and mobile (375×667) screenshots for comprehensive analysis.

🔷 SSDeep Fuzzy Hashing

Context-triggered piecewise hashing detects similar but modified screenshots – catches partial clones and variations

🔶 Perceptual Hashing (pHash)

DCT-based visual fingerprinting resistant to minor modifications, resizing, and compression artifacts

🌊 Wavelet Hashing (wHash)

Frequency-domain analysis detects visual similarity across different scales and resolutions

⚡ Average Hash (aHash)

Fast initial filtering for quick pre-screening of potential matches before deeper analysis

🎯 SIFT Keypoint Detection

Feature matching identifies stolen logos, icons, and distinctive visual elements even when resized or rotated

🎨 Color Histogram Analysis

Brand color palette matching using Bhattacharyya distance measures – catches brand impersonation

📄

Content Intelligence

7 Methods for Deep HTML, CSS, and JavaScript Analysis

Deep content analysis detects code theft, template cloning, and malicious patterns hidden in website structure.

🖼️ Logo Detection

ML-based brand logo extraction and identification across all images on the page

🏗️ DOM Structure Analysis

HTML template fingerprinting via structural hashing detects copied layouts and page structures

🎨 CSS Analysis

Stylesheet comparison and framework detection (Bootstrap, Tailwind, custom CSS theft)

📝 HTML Tags Analysis

Tag distribution and metadata comparison reveals template theft and copied structures

⭐ Favicon Detection

Brand identifier matching across all favicon formats (.ico, .png, Apple Touch icons)

📄 Text Content Similarity

Plagiarism detection using Jaccard similarity, Cosine similarity, and TF-IDF algorithms

⚠️ JavaScript Security

Obfuscation and malicious pattern detection: entropy scoring, code injection, 9+ obfuscation technique identification

🔒

Certificate Intelligence

4 Methods for SSL/TLS Security Analysis

SSL/TLS certificate and trust infrastructure analysis identifies suspicious certificate patterns common in phishing sites.

🔍 Certificate Transparency

CT log monitoring tracks suspicious certificate issuances for your brand name and variations

📅 Certificate Age

Issuer reputation and validity period analysis – newly issued certificates are a major red flag

🔗 Certificate Chain

Certificate hierarchy and trust path verification – detects self-signed and untrusted chains

🔒 TLS Security

Protocol version, cipher strength, and vulnerability assessment (weak configs indicate suspicious sites)

🌐

Domain Intelligence

6 Methods for Registration, DNS, and Hosting Analysis

Deep investigation of domain registration, DNS configuration, IP addresses, and hosting providers reveals suspicious patterns.

📋 WHOIS Analysis

Registration data, registrar reputation, and privacy protection detection – hidden WHOIS is a red flag

🌐 DNS Records

Name server configuration, MX records, and DNS security assessment (DNSSEC, SPF, DMARC)

🗺️ IP Geolocation

Physical location mapping of hosting infrastructure – geographic anomalies indicate suspicious hosting

🔢 ASN Analysis

Autonomous system and ISP identification – some networks are known for hosting malicious content

🏢 Hosting Reputation

Host provider risk assessment and reputation scoring based on abuse reports and takedown history

⏱️ Domain Age

Registration date and maturity scoring – newly registered domains are significantly higher risk

🔐

Behavioral Analysis

4 Methods for Website Functionality Analysis

Analysis of website functionality and security behavior identifies credential harvesting and malicious redirect patterns.

🔐 Login Form Detection

Basic and advanced credential harvesting attempt identification – password fields, fake login forms

🔄 Redirect Analysis

Redirect chain tracking (max 10 hops), loop detection, and external redirect identification

🖼️ Iframe Detection

Embedded content analysis and external iframe identification – hidden iframes are a critical indicator

📤 Form Action Analysis

Form submission URL inspection – forms posting to external domains is a critical phishing indicator

Risk Scoring Algorithm

Weighted 6-category scoring system produces a 0-100 risk score for each potential clone

30%

Visual Similarity

Screenshot and design matching

20%

Domain Intelligence

Registration and hosting analysis

15%

Certificate Analysis

SSL/TLS security assessment

15%

Content Analysis

Code and structure comparison

10%

Behavioral Analysis

Functionality and redirects

10%

Threat Intelligence

Blacklist and reputation checks

Coming Soon

Next-generation features in active development

🤖 Deep Learning Similarity

ResNet/VGG transfer learning for semantic visual comparison – understands design intent, not just pixels

🛡️ AlienVault OTX

Community threat intelligence feed with 100,000+ indicators of compromise

🎣 OpenPhish Database

Real-time phishing detection against 5,000-15,000 active phishing URLs

🔬 VirusTotal API

File and URL reputation checking via 90+ antivirus engines

🔒 Google Safe Browsing

Google’s official phishing/malware blacklist (40B+ URLs checked daily)

🆕 NRD Feeds

Newly Registered Domain tracking for early threat detection

📈 Interactive Visualizations

Risk charts, similarity graphs, and data treemaps for deeper analysis

🔔 Webhook Integration

Real-time scan completion notifications for your security tools

🔌 REST API Platform

Comprehensive API for third-party integrations and automation

🧩 Browser Extension

One-click analysis from any webpage you visit

🧠 Machine Learning

Trained models for predictive phishing risk assessment

📱 Mobile Application

iOS/Android native applications for on-the-go scanning

Protect Your Brand Today

Don’t wait for customers to report phishing attacks. Discover threats proactively with Clone Detector’s 38+ detection methods.

Start Free – Get 10 Credits

No credit card required. 10 free credits included.