![](/screenshots/92e8dbfa-2198-4f19-ac18-23b776af3538.png)
mrfuga.com
Open in
urlscan Pro
66.29.141.134
Malicious Activity!
Public Scan
Submission: On December 29 via api from US — Scanned from US
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on August 22nd 2022. Valid for: a year.
This is the only time mrfuga.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Netflix (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
8 | 66.29.141.134 66.29.141.134 | 22612 (NAMECHEAP...) (NAMECHEAP-NET) | |
14 | 2a00:86c0:209... 2a00:86c0:2090::1 | 40027 (NETFLIX-ASN) (NETFLIX-ASN) | |
10 | 2606:4700::68... 2606:4700::6810:9440 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:86c0:206... 2a00:86c0:2068:2068::131 | 2906 (AS-SSI) (AS-SSI) | |
1 | 2606:4700::68... 2606:4700::6812:1a55 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2600:141b:f00... 2600:141b:f000:589::33c4 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
2 | 2600:1f18:631... 2600:1f18:631e:2f83:49ee:beaa:2dfd:ae8f | 14618 (AMAZON-AES) (AMAZON-AES) | |
2 | 2406:da00:ff0... 2406:da00:ff00::22c7:5f77 | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 | 2607:f8b0:400... 2607:f8b0:4006:809::2008 | 15169 (GOOGLE) (GOOGLE) | |
1 2 | 2607:f8b0:400... 2607:f8b0:4006:823::2002 | 15169 (GOOGLE) (GOOGLE) | |
1 | 142.250.176.194 142.250.176.194 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2607:f8b0:400... 2607:f8b0:4006:81c::2004 | 15169 (GOOGLE) (GOOGLE) | |
45 | 12 |
ASN22612 (NAMECHEAP-NET, US)
PTR: premium214-3.web-hosting.com
mrfuga.com |
ASN14618 (AMAZON-AES, US)
www.netflix.com |
ASN14618 (AMAZON-AES, US)
ichnaea-web.netflix.com |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net |
ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f2.1e100.net
www.googleadservices.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
14 |
nflxext.com
assets.nflxext.com — Cisco Umbrella Rank: 748 |
2 MB |
10 |
cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 682 |
155 KB |
8 |
mrfuga.com
mrfuga.com |
42 KB |
4 |
netflix.com
www.netflix.com — Cisco Umbrella Rank: 1482 ichnaea-web.netflix.com — Cisco Umbrella Rank: 2268 |
2 KB |
2 |
google.com
www.google.com — Cisco Umbrella Rank: 16 |
656 B |
2 |
doubleclick.net
1 redirects
googleads.g.doubleclick.net — Cisco Umbrella Rank: 64 |
3 KB |
2 |
nflximg.net
ae.nflximg.net — Cisco Umbrella Rank: 22294 |
5 KB |
1 |
googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 175 |
2 KB |
1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 123 |
69 KB |
1 |
onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 1036 |
306 B |
1 |
nflxso.net
occ-0-1323-2705.1.nflxso.net |
257 KB |
45 | 11 |
Domain | Requested by | |
---|---|---|
14 | assets.nflxext.com |
mrfuga.com
assets.nflxext.com |
10 | cdn.cookielaw.org |
mrfuga.com
cdn.cookielaw.org |
8 | mrfuga.com |
mrfuga.com
assets.nflxext.com |
2 | www.google.com |
ae.nflximg.net
|
2 | googleads.g.doubleclick.net |
1 redirects
www.googletagmanager.com
|
2 | ichnaea-web.netflix.com |
ae.nflximg.net
|
2 | www.netflix.com |
ae.nflximg.net
|
2 | ae.nflximg.net |
assets.nflxext.com
ae.nflximg.net |
1 | www.googleadservices.com |
www.googletagmanager.com
|
1 | www.googletagmanager.com |
ae.nflximg.net
|
1 | geolocation.onetrust.com |
cdn.cookielaw.org
|
1 | occ-0-1323-2705.1.nflxso.net |
mrfuga.com
|
45 | 12 |
This site contains links to these domains. Also see Links.
Domain |
---|
help.netflix.com |
media.netflix.com |
ir.netflix.com |
jobs.netflix.com |
fast.com |
www.netflix.com |
optout.aboutads.info |
www.onetrust.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
mrfuga.com Sectigo RSA Domain Validation Secure Server CA |
2022-08-22 - 2023-08-22 |
a year | crt.sh |
*.1.nflxso.net DigiCert Secure Site ECC CA-1 |
2022-12-23 - 2023-01-26 |
a month | crt.sh |
cookielaw.org Cloudflare Inc ECC CA-3 |
2022-05-01 - 2023-05-01 |
a year | crt.sh |
onetrust.com Cloudflare Inc ECC CA-3 |
2022-12-13 - 2023-12-13 |
a year | crt.sh |
assets.nflxext.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-02-08 - 2023-03-11 |
a year | crt.sh |
www.netflix.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-12-14 - 2024-01-14 |
a year | crt.sh |
ichnaea-web.netflix.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-01-09 - 2023-02-09 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2022-11-28 - 2023-02-20 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2022-11-28 - 2023-02-20 |
3 months | crt.sh |
www.googleadservices.com GTS CA 1C3 |
2022-11-28 - 2023-02-20 |
3 months | crt.sh |
www.google.com GTS CA 1C3 |
2022-11-28 - 2023-02-20 |
3 months | crt.sh |
This page contains 3 frames:
Primary Page:
https://mrfuga.com/
Frame ID: 721E8C8564721065F780FBCB10DDCAA9
Requests: 34 HTTP requests in this frame
Frame:
https://ae.nflximg.net/monet/scripts/adtech_iframe_target_05.html?data=%7B%22membership_status%22%3A%22ANONYMOUS%22%2C%22country%22%3A%22DO%22%2C%22region_code%22%3A%2204%22%2C%22is_member%22%3A%22ANONYMOUS%22%2C%22wasFormerMember%22%3Afalse%2C%22referrer%22%3A%22nmLanding%22%2C%22deniedConsentCookieGroups%22%3A%22C0005%22%7D
Frame ID: F040EC4DA979B1BB7C3B1A927005EF05
Requests: 2 HTTP requests in this frame
Frame:
https://ae.nflximg.net/monet/scripts/netflix_tag_05.html?data=%7B%22membership_status%22%3A%22ANONYMOUS%22%2C%22country%22%3A%22DO%22%2C%22region_code%22%3A%2204%22%2C%22is_member%22%3A%22ANONYMOUS%22%2C%22wasFormerMember%22%3Afalse%2C%22referrer%22%3A%22nmLanding%22%2C%22deniedConsentCookieGroups%22%3A%22C0005%22%7D
Frame ID: 607A3A4E36BDCF710AE091B04BD89314
Requests: 7 HTTP requests in this frame
Screenshot
![](/screenshots/92e8dbfa-2198-4f19-ac18-23b776af3538.png)
Page Title
Netflix República Dominicana: Ve series online, ve pelÃculas onlineBack ButtonFilter ButtonDetected technologies
![](/vendor/wappa/icons/Google Tag Manager.png)
Detected patterns
- googletagmanager\.com/gtag/js
![](/vendor/wappa/icons/OneTrust.png)
Detected patterns
- cdn\.cookielaw\.org
- otSDKStub\.js
Page Statistics
15 Outgoing links
These are links going to different origins than the main page.
Title: Preguntas frecuentes
Search URL Search Domain Scan URL
Title: Centro de ayuda
Search URL Search Domain Scan URL
Title: Prensa
Search URL Search Domain Scan URL
Title: Relaciones con inversionistas
Search URL Search Domain Scan URL
Title: Empleo
Search URL Search Domain Scan URL
Title: Términos de uso
Search URL Search Domain Scan URL
Title: Privacidad
Search URL Search Domain Scan URL
Title: Información corporativa
Search URL Search Domain Scan URL
Title: Contáctanos
Search URL Search Domain Scan URL
Title: Prueba de velocidad
Search URL Search Domain Scan URL
Title: Avisos legales
Search URL Search Domain Scan URL
Title: Solo en Netflix
Search URL Search Domain Scan URL
Title: Cookies and Internet Advertising
Search URL Search Domain Scan URL
Title: here.
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 40- https://googleads.g.doubleclick.net/pagead/viewthroughconversion/981179826/?random=1475346625&cv=11&fst=1672326465475&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1600&u_h=1200&label=40zWCLqP1XUQsrvu0wM&hn=www.googleadservices.com&frm=2&url=https%3A%2F%2Fae.nflximg.net%2Fmonet%2Fscripts%2Fnetflix_tag_05.html%3Fdata%3D%257B%2522membership_status%2522%253A%2522ANONYMOUS%2522%252C%2522country%2522%253A%2522DO%2522%252C%2522region_code%2522%253A%252204%2522%252C%2522is_member%2522%253A%2522ANONYMOUS%2522%252C%2522wasFormerMember%2522%253Afalse%252C%2522referrer%2522%253A%2522nmLanding%2522%252C%2522deniedConsentCookieGroups%2522%253A%2522C0005%2522%257D>m_ee=1&auid=914246893.1672326465&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=Qa2tY_PrKNHs_gTCyr3gDw&sscte=1&crd=&pscrd=Ek5DaEVJZ0pLMW5RWVFwLWJ6LTdyLTU3Q05BUklsQUFvQ0h5SlNxaHpSX1JSU2hpY3FXbkY2Qy14MWM0ckp1cS1HVENLcWxzTTZ2VkZQTWcaV0NoQUlnSksxblFZUTQ5RFQ5N3V0M1paaEVpMEEyNnRWaExIYk5pODlsVzQxcGNDSEM5OFJhRmNPMFU0bHJqQy1TTXNBRVBLTk40M0V5TGhyV3p5TEw2dw HTTP 302
- https://www.google.com/pagead/1p-conversion/981179826/?random=1475346625&cv=11&fst=1672326465475&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1600&u_h=1200&label=40zWCLqP1XUQsrvu0wM&hn=www.googleadservices.com&frm=2&url=https%3A%2F%2Fae.nflximg.net%2Fmonet%2Fscripts%2Fnetflix_tag_05.html%3Fdata%3D%257B%2522membership_status%2522%253A%2522ANONYMOUS%2522%252C%2522country%2522%253A%2522DO%2522%252C%2522region_code%2522%253A%252204%2522%252C%2522is_member%2522%253A%2522ANONYMOUS%2522%252C%2522wasFormerMember%2522%253Afalse%252C%2522referrer%2522%253A%2522nmLanding%2522%252C%2522deniedConsentCookieGroups%2522%253A%2522C0005%2522%257D>m_ee=1&auid=914246893.1672326465&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0pLMW5RWVFwLWJ6LTdyLTU3Q05BUklsQUFvQ0h5SlNxaHpSX1JSU2hpY3FXbkY2Qy14MWM0ckp1cS1HVENLcWxzTTZ2VkZQTWcaV0NoQUlnSksxblFZUTQ5RFQ5N3V0M1paaEVpMEEyNnRWaExIYk5pODlsVzQxcGNDSEM5OFJhRmNPMFU0bHJqQy1TTXNBRVBLTk40M0V5TGhyV3p5TEw2dw&is_vtc=1&ocp_id=Qa2tY_PrKNHs_gTCyr3gDw&cid=CAQSKQDq26N9lMgKLOOSD6yEplKm35xsg6dtLZQRHrGwzTZOlC456WI7OpYdIBM&random=2810340487
45 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
mrfuga.com/ |
271 KB 33 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
nmhpFrameworkClient.js.378b5d70fc49dfc3193b.js
assets.nflxext.com/web/ffe/wp/signup/nmhp/ |
1 MB 370 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
WebsiteDetect
mrfuga.com/personalization/cl2/freeform/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ |
21 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
error-page.b4d75d715f60a9ee1887.css
assets.nflxext.com/web/ffe/wp/less/core/ |
17 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
nmhp.f79954211b07a8be8845.css
assets.nflxext.com/web/ffe/wp/less/signup/nmhp/ |
85 KB 14 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
DO-es-20220912-popsignuptwoweeks-perspective_alpha_website_large.jpg
assets.nflxext.com/ffe/siteui/vlv3/a795ee10-8c6d-467c-8159-254be2b69013/630baf3a-e751-4321-82df-040b34ad2632/ |
333 KB 334 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tv.png
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ |
11 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mobile-0819.jpg
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ |
48 KB 49 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
boxshot.png
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ |
20 KB 20 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
device-pile.png
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ |
134 KB 134 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
AAAABWhA7S8gKgO2_QQSYRTfuHJsMzqlrD0dFYILnwCBe0hjblWT1cNH7K1cDnOR_6ogaNeR404obloJ4HjEw-V-7ngs_k7W1kNNv89C.png
occ-0-1323-2705.1.nflxso.net/dnm/api/v6/19OhWN2dO19C9txTON9tvTFtefw/ |
257 KB 257 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
WebsiteDetect
mrfuga.com/personalization/cl2/freeform/ |
1 KB 1 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
WebsiteScreen
mrfuga.com/personalization/cl2/freeform/ |
1 KB 1 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
87b6a5c0-0104-4e96-a291-092c11350111.json
cdn.cookielaw.org/consent/87b6a5c0-0104-4e96-a291-092c11350111/ |
5 KB 2 KB |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
NetflixSans_W_Rg.woff2
assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/ |
52 KB 52 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
download-icon.gif
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ |
22 KB 22 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
nf-icon-v1-93.woff
assets.nflxext.com/ffe/siteui/fonts/ |
72 KB 72 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
NetflixSans_W_Md.woff2
assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/ |
53 KB 53 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
video-tv-0819.m4v
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ |
264 KB 264 KB |
Media
video/x-m4v |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
video-devices.m4v
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ |
260 KB 260 KB |
Media
video/x-m4v |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ |
68 B 306 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202211.2.0/ |
383 KB 92 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
log
mrfuga.com/personalization/ |
1 KB 1 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
en.json
cdn.cookielaw.org/consent/87b6a5c0-0104-4e96-a291-092c11350111/8aced6fe-192c-4ab5-80ee-76de7ecfa812/ |
53 KB 14 KB |
Fetch
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otFlat.json
cdn.cookielaw.org/scripttemplates/202211.2.0/assets/ |
13 KB 3 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otPcTab.json
cdn.cookielaw.org/scripttemplates/202211.2.0/assets/v2/ |
62 KB 13 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202211.2.0/assets/ |
21 KB 4 KB |
Fetch
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/ |
497 B 489 B |
Fetch
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Netflix_Logo_PMS.png
cdn.cookielaw.org/logos/dd6b162f-1a32-456a-9cfe-897231c7763c/4345ea78-053c-46d2-b11e-09adaef973dc/ |
16 KB 16 KB |
Image
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
powered_by_logo.svg
cdn.cookielaw.org/logos/static/ |
5 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
adtech_iframe_target_05.html
ae.nflximg.net/monet/scripts/ Frame F040 |
4 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
log
www.netflix.com/ichnaea/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
log
www.netflix.com/ichnaea/ Frame F040 |
0 1 KB |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
netflix_tag_05.html
ae.nflximg.net/monet/scripts/ Frame 607A |
8 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
log
ichnaea-web.netflix.com/ Frame 607A |
0 1 KB |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ Frame 607A |
190 KB 69 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
log
ichnaea-web.netflix.com/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/981179826/ Frame 607A |
2 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.googleadservices.com/pagead/conversion/981179826/ Frame 607A |
2 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.com/pagead/1p-user-list/981179826/ Frame 607A |
42 B 548 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.com/pagead/1p-conversion/981179826/ Frame 607A Redirect Chain
|
42 B 108 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
cl2
mrfuga.com/personalization/ |
1 KB 1 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
log
mrfuga.com/personalization/ |
1 KB 1 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
cl2
mrfuga.com/personalization/ |
1 KB 1 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Netflix (Online)16 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| oncontentvisibilityautostatechange object| OneTrustStub function| OptanonWrapper object| netflix string| __public_path__ object| webpackChunkshakti function| _ object| util string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer object| otStubData object| Optanon object| OneTrust2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.nflximg.net/ | Name: _gcl_au Value: 1.1.914246893.1672326465 |
|
.doubleclick.net/ | Name: IDE Value: AHWqTUne41eVGWHCdtOBfJob2mlTMVNtBojACNYxOPWS4JIj85R5anWy8XAUp8kn |
7 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ae.nflximg.net
assets.nflxext.com
cdn.cookielaw.org
geolocation.onetrust.com
googleads.g.doubleclick.net
ichnaea-web.netflix.com
mrfuga.com
occ-0-1323-2705.1.nflxso.net
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.netflix.com
142.250.176.194
2406:da00:ff00::22c7:5f77
2600:141b:f000:589::33c4
2600:1f18:631e:2f83:49ee:beaa:2dfd:ae8f
2606:4700::6810:9440
2606:4700::6812:1a55
2607:f8b0:4006:809::2008
2607:f8b0:4006:81c::2004
2607:f8b0:4006:823::2002
2a00:86c0:2068:2068::131
2a00:86c0:2090::1
66.29.141.134
00480ed606988d8870d095c6ca94303089b007f561f6c689cce63b7415046925
04ba36a50a636c242dbbbd01842bba522f925cf22feb0c720e600bd18c68cbb9
0b4e880f278bb92082621b91784c10c5d3e34dd31f24e3c1ce1c8c16ed308e4e
1d5e8e4516ce4e4462fe724f7afcce689d3a1f024028f14a0a895fb0216d7a72
1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc
2390acb31de1fd7a3714ea1f198e07648a684d9ad3c36b6f7e697d451354088d
3eec290a7f7da9abb00b49ca84f5f16e6d45ca33d40fd8ede4380835d6161d71
46906a172b230be72a609fb98f3689e0baaa3292de25181121d75df0f84bf644
492fdebd363e40cbba153a244bcfe2a7f5f7cf20aff0805fe45d5c7e2180b875
49582965b8ddcb8f728f5b4d33b2c73e138690f5c6815bd9918de94f62f4b80b
4c7a552d219146985961bf78d9083b7e2c1a82c4ada5d959f48b3e53754c9049
4f99e4c2ed1c2b7de72f47102c64d601567f8efaad5944a08c86786cad4050e6
5267be7e9da2401cb8414e0b87c724e04389189887eaa53f32074e6e0c32e02f
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
675dd7b68acf580f893bec532f5b260b8f984b67734a9a6831334b2ff4aad384
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
71cfd0bf781e3f393bca283fc9d44777a2036985a4ffe9abedf14909e63a8aef
81cf64888a7b3f6848b09695b034026d9ad685665b91d54597ecbb6197c6acbb
930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1
98713b53a74ebe7e326353080c5f1653e83af61d6363c0b3c4c67d6d24197b4d
9ac2bd03fcde501b3f30f47ab1fae62161f87808ea6411f38e8feaa4bbddc42e
abafd08c3108ad88c9ef1ff2b7ef059332e22d8810e754937de1e99d3b639119
aec27c9550c8a589347e227629b61bcc3443030ed883645a01deeeac97d6d2e0
b3939443c43a344c2a30ed6eb3e2c60b2b17a31564fb1301f5a73264ef29bb6c
b68ea2c7bea397aa11fadb189ce7d83862baebaf03ece643eb5aa9fb5f755056
b6a61797dbad2d137b995777a886b7bca81c1c8923fdd466784b949b4100c862
b7bf6b39988461fcd1448d5a9e81d4cb05eeef456a41b1cc74a5cf8155b222e0
bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0
c0bceb927c506dce9f6e6f5f570e641ad580b9554be06f61508a4aee32380167
c50d81f310847f9dd5c054871180b211c7f4a9eccbb42ee95f9574880b56ef73
e1fa26cc34fda574edc01d09e374d6f10735a3fa621bdde87c104ee15453d4b6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5c092e59d602dba2db3b338498698cd986daf65629d7c68bcc2a6ea177607ec