diff --git a/indicators/netflix-n3s7h9g2.yml b/indicators/netflix-n3s7h9g2.yml
new file mode 100644
index 00000000..8c46b061
--- /dev/null
+++ b/indicators/netflix-n3s7h9g2.yml
@@ -0,0 +1,24 @@
+title: Netflix Phishing Kit n3s7h9g2
+description: |
+    Phishing kit for Netflix credentials with assets hosted on ImgBB.
+   
+references:
+    - https://urlscan.io/result/859d4083-fb92-4c14-a01f-dd16bb7c461e
+    - https://urlscan.io/result/ffbabb8f-5397-4c01-8731-582ab3ecbb24
+    - https://urlscan.io/search/#hash%3Acaf69067b53f840529b7cc3a2494e90878dc9f62307fc458dd893fac746d37a0%20%7C%7C%20hash%3Ae80af08a4fc42043410733f64494a8094c202e1f8cf1fc2edfd39f40cf4124bd
+
+detection:
+
+  pageTitle:
+      title|contains: "Netflix"
+
+  assets:
+      dom|contains:
+        - "i.ibb.co/vXqDmnh/background.jpg"
+        - "i.ibb.co/r5krrdz/logo.png"
+
+  condition: all of them
+
+tags:
+  - kit
+  - target.netflix