![](/screenshots/0fe1e687-7849-4268-aa7c-a7f66c961854.png)
netfliix-arr.com
Open in
urlscan Pro
2606:4700:3032::6815:1220
Malicious Activity!
Public Scan
Effective URL: https://netfliix-arr.com/
Submission Tags: #phishing @phishunt_io Search All
Submission: On June 17 via api from FI — Scanned from FI
Summary
TLS certificate: Issued by E1 on June 16th 2022. Valid for: 3 months.
This is the only time netfliix-arr.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Netflix (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 5 | 2606:4700:303... 2606:4700:3032::6815:1220 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
17 | 2a00:86c0:209... 2a00:86c0:2091::1 | 40027 (NETFLIX-ASN) (NETFLIX-ASN) | |
6 | 2606:4700::68... 2606:4700::6810:9540 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2800:810:202:... 2800:810:202:7::110 | 27747 (Telecentr...) (Telecentro S.A.) | |
1 | 2606:4700:10:... 2606:4700:10::6814:b844 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
30 | 6 |
ASN40027 (NETFLIX-ASN, US)
codex.nflxext.com | |
assets.nflxext.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
17 |
nflxext.com
codex.nflxext.com — Cisco Umbrella Rank: 13827 assets.nflxext.com — Cisco Umbrella Rank: 3747 |
1 MB |
6 |
cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 489 |
113 KB |
5 |
netfliix-arr.com
1 redirects
netfliix-arr.com |
35 KB |
1 |
onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 818 |
448 B |
1 |
nflxso.net
occ-0-1186-1740.1.nflxso.net |
257 KB |
0 |
netflix.com
Failed
www.netflix.com Failed |
|
30 | 6 |
Domain | Requested by | |
---|---|---|
13 | assets.nflxext.com |
netfliix-arr.com
codex.nflxext.com |
6 | cdn.cookielaw.org |
netfliix-arr.com
cdn.cookielaw.org |
5 | netfliix-arr.com |
1 redirects
netfliix-arr.com
codex.nflxext.com |
4 | codex.nflxext.com |
netfliix-arr.com
|
1 | geolocation.onetrust.com |
cdn.cookielaw.org
|
1 | occ-0-1186-1740.1.nflxso.net |
netfliix-arr.com
|
0 | www.netflix.com Failed |
netfliix-arr.com
|
30 | 7 |
This site contains links to these domains. Also see Links.
Domain |
---|
help.netflix.com |
media.netflix.com |
ir.netflix.com |
jobs.netflix.com |
fast.com |
www.netflix.com |
onetrust.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.netfliix-arr.com E1 |
2022-06-16 - 2022-09-14 |
3 months | crt.sh |
*.1.nflxso.net DigiCert TLS RSA SHA256 2020 CA1 |
2022-05-18 - 2022-06-23 |
a month | crt.sh |
cookielaw.org Cloudflare Inc ECC CA-3 |
2022-05-01 - 2023-05-01 |
a year | crt.sh |
onetrust.com Cloudflare Inc ECC CA-3 |
2022-01-12 - 2023-01-12 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://netfliix-arr.com/
Frame ID: 8851B588C37681635FF4022CFD59BE43
Requests: 30 HTTP requests in this frame
Screenshot
![](/screenshots/0fe1e687-7849-4268-aa7c-a7f66c961854.png)
Page Title
Netflix Argentina: Ve series online, ve pelĂculas onlineBack ButtonFilter ButtonPage URL History Show full URLs
-
http://netfliix-arr.com/
HTTP 301
https://netfliix-arr.com/ Page URL
Detected technologies
![](/vendor/wappa/icons/Bootstrap.png)
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
![](/vendor/wappa/icons/OneTrust.png)
Detected patterns
- cdn\.cookielaw\.org
- otSDKStub\.js
Page Statistics
14 Outgoing links
These are links going to different origins than the main page.
Title: Preguntas frecuentes
Search URL Search Domain Scan URL
Title: Centro de ayuda
Search URL Search Domain Scan URL
Title: Prensa
Search URL Search Domain Scan URL
Title: Relaciones con inversionistas
Search URL Search Domain Scan URL
Title: Empleo
Search URL Search Domain Scan URL
Title: TĂ©rminos de uso
Search URL Search Domain Scan URL
Title: Privacidad
Search URL Search Domain Scan URL
Title: InformaciĂłn corporativa
Search URL Search Domain Scan URL
Title: Contáctanos
Search URL Search Domain Scan URL
Title: Prueba de velocidad
Search URL Search Domain Scan URL
Title: Avisos legales
Search URL Search Domain Scan URL
Title: Solo en Netflix
Search URL Search Domain Scan URL
Title: Cookies y publicidad en Internet
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://netfliix-arr.com/
HTTP 301
https://netfliix-arr.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
30 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
netfliix-arr.com/ Redirect Chain
|
234 KB 32 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
none
codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-shakti-js-ve3688f5d/js/js/bootstrap.js,common%7Cbootstrap.js/2/0b38022Q2K052I2V37070l00392U342N2X2S332W2Z2L2F01/bck/true/ |
9 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
none
codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-shakti-js-ve3688f5d/js/js/signup%7Cnmhp%7CnmhpFrameworkClient.js/2/0b38022Q2K052I2V37070l00392U342N2X2S332W2Z2L2F01/l/true/ |
1 MB 381 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
WebsiteDetect
www.netflix.com/personalization/cl2/freeform/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ |
20 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
none
codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-shakti-css-ve3688f5d/css/css/less%7Ccore%7Cerror-page.less/1/amrou4tskneq/none/true/ |
11 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
none
codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-shakti-css-ve3688f5d/css/css/less%7Csignup%7Cnmhp%7Cnmhp.less/1/amrou4tskneq/none/true/ |
107 KB 17 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.6.0/ |
338 KB 72 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
AR-es-20220307-popsignuptwoweeks-perspective_alpha_website_large.jpg
assets.nflxext.com/ffe/siteui/vlv3/87a1d9d8-a21d-4109-ba3a-c10d9055f5cf/38b49e26-340b-4f65-99a9-c4f53c124355/ |
335 KB 335 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tv.png
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ |
11 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mobile-0819.jpg
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ |
48 KB 49 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
boxshot.png
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ |
20 KB 20 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
device-pile.png
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ |
134 KB 134 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
AAAABeLa_an51Ptz6LMzNXnM9oDvlKl4yIJQKZJRJ9fVFPpPFK5toVuo-KytXEdqPI64KCph1OKms7nLxtCsXm_CARaR50wx.png
occ-0-1186-1740.1.nflxso.net/dnm/api/v6/19OhWN2dO19C9txTON9tvTFtefw/ |
257 KB 257 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
WebsiteDetect
netfliix-arr.com/personalization/cl2/freeform/ |
278 B 536 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
WebsiteScreen
netfliix-arr.com/personalization/cl2/freeform/ |
278 B 486 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
87b6a5c0-0104-4e96-a291-092c11350111.json
cdn.cookielaw.org/consent/87b6a5c0-0104-4e96-a291-092c11350111/ |
4 KB 2 KB |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ |
178 B 448 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
NetflixSans_W_Rg.woff2
assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/ |
52 KB 52 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
nf-icon-v1-93.woff
assets.nflxext.com/ffe/siteui/fonts/ |
72 KB 72 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
NetflixSans_W_Md.woff2
assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/ |
53 KB 53 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
video-tv-0819.m4v
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ |
264 KB 264 KB |
Media
video/x-m4v |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
video-devices.m4v
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ |
95 KB 0 |
Media
video/x-m4v |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
en.json
cdn.cookielaw.org/consent/87b6a5c0-0104-4e96-a291-092c11350111/7bd49a2e-20ff-400d-bb6d-45a39d25cfa3/ |
52 KB 14 KB |
Fetch
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
download-icon.gif
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ |
22 KB 22 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
log
netfliix-arr.com/personalization/ |
278 B 751 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otFlat.json
cdn.cookielaw.org/scripttemplates/6.6.0/assets/ |
12 KB 3 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otPcTab.json
cdn.cookielaw.org/scripttemplates/6.6.0/assets/ |
57 KB 14 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
video-devices.m4v
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ |
4 KB 4 KB |
Media
video/x-m4v |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
video-devices.m4v
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ |
196 KB 0 |
Media
video/x-m4v |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.netflix.com
- URL
- https://www.netflix.com/personalization/cl2/freeform/WebsiteDetect?source=wwwhead&fetchType=css&modalView=nmLanding
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Netflix (Online)24 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation object| OneTrustStub function| OptanonWrapper string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer object| otStubData object| netflix string| __public_path__ object| Codex object| C object| global object| process object| util function| jQuery object| jQuery111102206349937277321 object| Optanon object| OneTrust1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.netfliix-arr.com/ | Name: cL Value: 1655465587898%7C165546558736235007%7C165546558747325025%7C%7C4%7Cnull |
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
assets.nflxext.com
cdn.cookielaw.org
codex.nflxext.com
geolocation.onetrust.com
netfliix-arr.com
occ-0-1186-1740.1.nflxso.net
www.netflix.com
www.netflix.com
2606:4700:10::6814:b844
2606:4700:3032::6815:1220
2606:4700::6810:9540
2800:810:202:7::110
2a00:86c0:2091::1
04935856454903ee988f8e408f7bd9cc8bfc691efb9cca0b9fcc068e489379d5
1a6622bbfd2f4017f391cae1040e22f99a923116427a0ccb25543581f5d92257
216ee415e27391e75247a6e31acb1bcfc0b6a749176eb2a46dfceba38192516a
297a187b33b3d6a2d3d33f33615be7a6fbd40e01ccf758a1817e8f6b30773ad7
40e60c47d3427729f5bee88ab2c82775076e1c574c1fc458ea676c51dd86a8c2
492fdebd363e40cbba153a244bcfe2a7f5f7cf20aff0805fe45d5c7e2180b875
4c7a552d219146985961bf78d9083b7e2c1a82c4ada5d959f48b3e53754c9049
4f99e4c2ed1c2b7de72f47102c64d601567f8efaad5944a08c86786cad4050e6
5fefa6bc00a2fca4d3ca705862d42dfdbb8f69124b2f0cc0896d3c7c2c05890a
715dfaf30d119b390892371795fb11df7f642d02f341cf0e6756617dc0aceea3
79005ee4ce93a227051153386276a8ca05b4745f14e00107880c43d75b80eac9
81cf64888a7b3f6848b09695b034026d9ad685665b91d54597ecbb6197c6acbb
874e323651908cea8563fd8bc8319fa64f969ac6decb0163235e1958efdc3d8b
8d681d34686a09ddfa097bf82291602946387e92f89d63eca340a457110792f7
98713b53a74ebe7e326353080c5f1653e83af61d6363c0b3c4c67d6d24197b4d
9ac2bd03fcde501b3f30f47ab1fae62161f87808ea6411f38e8feaa4bbddc42e
9be11229293e459307ab7a0c57d5b6d885bac6c1aff892d1ea0812139224cc81
9ea7f0a7844cada198d1e8a28343cc081d3631c716c9dd53d889e4b7feae04ac
ae407e415a45b6c720d8d61fef8c28756883d0f546a64e7a2969d6174c669951
b3a4dc70bc10520f6ee44604172006a9135c042068140612d47e147a681e4fec
b68ea2c7bea397aa11fadb189ce7d83862baebaf03ece643eb5aa9fb5f755056
c0bceb927c506dce9f6e6f5f570e641ad580b9554be06f61508a4aee32380167
c0d72044272c28d4b7dcbd727fb38a34b73d7a0d5d624086941f05dac7debf95
d9bac1aefff045998fd064ed279defcd96c37a53ee0ee3816d1ebab19c1ff739
e1fa26cc34fda574edc01d09e374d6f10735a3fa621bdde87c104ee15453d4b6