netflix.iqbalpa.com Open in urlscan Pro
76.76.21.98 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://netflix.iqbalpa.com/
Submission: On July 13 via manual (July 13th 2024, 8:32:39 am UTC) from HU — Scanned from FI

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 10 HTTP transactions. The main IP is 76.76.21.98, located in Walnut, United States and belongs to AMAZON-02, US. The main domain is netflix.iqbalpa.com.
TLS certificate: Issued by R10 on July 11th 2024. Valid for: 3 months.

This is the only time netflix.iqbalpa.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Netflix (Online)

Domain & IP information

	IP Address	AS Autonomous System
6	76.76.21.98 76.76.21.98	16509 (AMAZON-02) (AMAZON-02)
3	45.57.91.1 45.57.91.1	40027 (NETFLIX-ASN) (NETFLIX-ASN)
1	36.93.244.35 36.93.244.35	7713 (TELKOMNET...) (TELKOMNET-AS-AP PT Telekomunikasi Indonesia)
10	3

6 76.76.21.98 (Walnut, United States)

ASN16509 (AMAZON-02, US)

netflix.iqbalpa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 45.57.91.1 (United States)

ASN40027 (NETFLIX-ASN, US)

assets.nflxext.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 36.93.244.35 (Sukabumi, Indonesia)

ASN7713 (TELKOMNET-AS-AP PT Telekomunikasi Indonesia, ID)

occ-0-6701-64.1.nflxso.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	iqbalpa.com netflix.iqbalpa.com	3 MB
3	nflxext.com assets.nflxext.com — Cisco Umbrella Rank: 3867	194 KB
1	nflxso.net occ-0-6701-64.1.nflxso.net — Cisco Umbrella Rank: 522957	263 KB
10	3

	Domain	Requested by
6	netflix.iqbalpa.com	netflix.iqbalpa.com
3	assets.nflxext.com
1	occ-0-6701-64.1.nflxso.net
10	3

This site contains no links.

Subject Issuer	Validity	Valid
netflix.iqbalpa.com R10	`2024-07-11` - `2024-10-09`	3 months	crt.sh
*.1.nflxso.net DigiCert Secure Site ECC CA-1	`2024-06-19` - `2024-07-24`	a month	crt.sh

This page contains 1 frames:

Primary Page: https://netflix.iqbalpa.com/
Frame ID: CC57D75A396EE28E6C5893E715113DEB
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Netflix

Page Statistics

10
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

3493 kB
Transfer

3603 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
netflix.iqbalpa.com/ 642 B
876 B 532ms
354ms Document
text/html 76.76.21.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://netflix.iqbalpa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.98 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

e066947c784da725c3803127f87d548f82c93fd7b116ab00c4049c37b8036509

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 192325
cache-control: public, max-age=0, must-revalidate
content-disposition: inline
content-length: 642
content-type: text/html; charset=utf-8
date: Sat, 13 Jul 2024 08:32:31 GMT
etag: "25bdfa76d8fb59317d3f684f9ef9b1b7"
server: Vercel
strict-transport-security: max-age=63072000
x-vercel-cache: HIT
x-vercel-id: arn1::4s8rr-1720859551294-0e36db433224

GET
H2 200 main.7970ff46.js Show response
netflix.iqbalpa.com/static/js/ 160 KB
54 KB 316ms
316ms Script
application/javascript 76.76.21.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://netflix.iqbalpa.com/static/js/main.7970ff46.js

Requested by

Host: netflix.iqbalpa.com
URL: https://netflix.iqbalpa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.98 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

0f26874579ecde789f151051d05b497844b27fabb98b42b65f8b30c985302598

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://netflix.iqbalpa.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 08:32:31 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: arn1::vlcns-1720859551729-0147e04c36dd
age: 192325
etag: W/"c2214dc6d1e3a59ce9a0a8a0e559417c"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: s-maxage=31536000, immutable
content-disposition: inline; filename="main.7970ff46.js"

GET
H2 200 main.86461680.css
netflix.iqbalpa.com/static/css/ 9 KB
3 KB 138ms
138ms Stylesheet
text/css 76.76.21.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://netflix.iqbalpa.com/static/css/main.86461680.css

Requested by

Host: netflix.iqbalpa.com
URL: https://netflix.iqbalpa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.98 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

1545a50991f45f17536f351e6a22be257f81f40de10e0e5ace0ae65a8915b39d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://netflix.iqbalpa.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 08:32:31 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: arn1::4s8rr-1720859551679-dc37e6c7abc4
age: 192325
etag: W/"d171248d2cffcf90e864c8290dbca119"
x-vercel-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: s-maxage=31536000, immutable
content-disposition: inline; filename="main.86461680.css"

GET
H2 200 netflix-logo.b8299f5ddba8f0db2953.png
netflix.iqbalpa.com/static/media/ 11 KB
11 KB 92ms
90ms Image
image/png 76.76.21.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://netflix.iqbalpa.com/static/media/netflix-logo.b8299f5ddba8f0db2953.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.98 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

758cae6893433b03ad9b3e89ea7458884415e279a26a1289a6b1bc23a7600315

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://netflix.iqbalpa.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 08:32:32 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: arn1::bq97r-1720859552003-6609894a0d84
age: 192323
etag: "38777045889cd4d71c421c44907a8b26"
x-vercel-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: s-maxage=31536000, immutable
content-disposition: inline; filename="netflix-logo.b8299f5ddba8f0db2953.png"
accept-ranges: bytes
content-length: 11435

GET
H/1.1 200
OK tv.png
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ 11 KB
11 KB 1773ms
133ms Image
image/png 45.57.91.1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/tv.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.57.91.1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: b68ea2c7bea397aa11fadb189ce7d83862baebaf03ece643eb5aa9fb5f755056

Request headers

Referer: https://netflix.iqbalpa.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sat, 13 Jul 2024 08:32:33 GMT
Last-Modified: Wed, 14 Nov 2018 18:20:41 GMT
Server: nginx
Content-MD5: d5lKZzJ7qVff2IDjOpHwQQ==
Content-Type: image/png
Cache-Control: max-age=604801
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11418
Expires: Sat, 20 Jul 2024 08:32:34 GMT

GET
H/1.1 200
OK mobile-0819.jpg
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ 48 KB
49 KB 1773ms
133ms Image
image/jpeg 45.57.91.1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/mobile-0819.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.57.91.1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 492fdebd363e40cbba153a244bcfe2a7f5f7cf20aff0805fe45d5c7e2180b875

Request headers

Referer: https://netflix.iqbalpa.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sat, 13 Jul 2024 08:32:33 GMT
Last-Modified: Wed, 14 Aug 2019 17:59:05 GMT
Server: nginx
Content-MD5: pIMz1DwZYS7WGYf6Xb/zxQ==
Content-Type: image/jpeg
Cache-Control: max-age=604801
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 49614
Expires: Sat, 20 Jul 2024 08:32:34 GMT

GET
H/1.1 200
OK device-pile.png
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ 134 KB
134 KB 1772ms
132ms Image
image/png 45.57.91.1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/device-pile.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.57.91.1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 81cf64888a7b3f6848b09695b034026d9ad685665b91d54597ecbb6197c6acbb

Request headers

Referer: https://netflix.iqbalpa.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sat, 13 Jul 2024 08:32:33 GMT
Last-Modified: Wed, 23 Jan 2019 00:35:07 GMT
Server: nginx
Content-MD5: Cz2CFJPVdI2CnIUrvW0pLQ==
Content-Type: image/png
Cache-Control: max-age=604801
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 137040
Expires: Sat, 20 Jul 2024 08:32:34 GMT

GET
H/1.1 200
OK AAAABfpnX3dbgjZ-Je8Ax3xn0kXehZm_5L6-xe6YSTq_ucht9TI5jwDMqusWZKNYT8DfGudD0_wWVVTFLiN2_kaQJumz2iivUWbIbAtF.png
occ-0-6701-64.1.nflxso.net/dnm/api/v6/19OhWN2dO19C9txTON9tvTFtefw/ 263 KB
263 KB 2098ms
285ms Image
image/png 36.93.244.35
TELKOMNET-AS-AP P...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://occ-0-6701-64.1.nflxso.net/dnm/api/v6/19OhWN2dO19C9txTON9tvTFtefw/AAAABfpnX3dbgjZ-Je8Ax3xn0kXehZm_5L6-xe6YSTq_ucht9TI5jwDMqusWZKNYT8DfGudD0_wWVVTFLiN2_kaQJumz2iivUWbIbAtF.png?r=11f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 36.93.244.35 Sukabumi, Indonesia, ASN7713 (TELKOMNET-AS-AP PT Telekomunikasi Indonesia, ID),
Reverse DNS
Software: nginx /
Resource Hash: 50803a486b17eb4696683745a65ccbaa85392cb97c4f773ddee4dda8d694a42e

Request headers

Referer: https://netflix.iqbalpa.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sat, 13 Jul 2024 08:32:33 GMT
Last-Modified: Wed, 20 Jul 2022 22:34:04 GMT
Server: nginx
Accept-CH: Device-Memory, Downlink, DPR, ECT, RTT, Save-Data, Viewport-Width, Width
ETag: "3da9bb52f0be925ec4f2d172af4ffe11"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=31104000, public, s-maxage=604800
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 269111

GET
H2 200 landing-page.3a25aa77c4b6c92dad5a.png
netflix.iqbalpa.com/static/media/ 3 MB
3 MB 106ms
106ms Image
image/png 76.76.21.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://netflix.iqbalpa.com/static/media/landing-page.3a25aa77c4b6c92dad5a.png

Requested by

Host: netflix.iqbalpa.com
URL: https://netflix.iqbalpa.com/static/css/main.86461680.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.98 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

db06d5ba3f93ea1073915c409328872da2768ac3ed495fef3278a02378fe3e0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://netflix.iqbalpa.com/static/css/main.86461680.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 08:32:32 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: arn1::hws4l-1720859552003-b1483da74c9e
age: 192323
etag: "5ad93018e83d723ade42cbc173aeb8a0"
x-vercel-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: s-maxage=31536000, immutable
content-disposition: inline; filename="landing-page.3a25aa77c4b6c92dad5a.png"
accept-ranges: bytes
content-length: 3026062

GET
H2 200 favicon.ico
netflix.iqbalpa.com/ 10 KB
9 KB 1579ms
1579ms Other
image/vnd.microsoft.icon 76.76.21.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://netflix.iqbalpa.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.98 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

a1e67c9c0dc473f681d556ae615cce7100c144fc8107da03da6504a5cf352cba

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://netflix.iqbalpa.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 08:32:32 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: arn1::ftcvs-1720859552056-35bf88b8cfcb
age: 134824
etag: W/"e2a0619d7d0d62a9eb1880971328f101"
x-vercel-cache: HIT
content-type: image/vnd.microsoft.icon
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="favicon.ico"

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Netflix (Online)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| webpackChunknetflix

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.nflxext.com
netflix.iqbalpa.com
occ-0-6701-64.1.nflxso.net
36.93.244.35
45.57.91.1
76.76.21.98
0f26874579ecde789f151051d05b497844b27fabb98b42b65f8b30c985302598
1545a50991f45f17536f351e6a22be257f81f40de10e0e5ace0ae65a8915b39d
492fdebd363e40cbba153a244bcfe2a7f5f7cf20aff0805fe45d5c7e2180b875
50803a486b17eb4696683745a65ccbaa85392cb97c4f773ddee4dda8d694a42e
758cae6893433b03ad9b3e89ea7458884415e279a26a1289a6b1bc23a7600315
81cf64888a7b3f6848b09695b034026d9ad685665b91d54597ecbb6197c6acbb
a1e67c9c0dc473f681d556ae615cce7100c144fc8107da03da6504a5cf352cba
b68ea2c7bea397aa11fadb189ce7d83862baebaf03ece643eb5aa9fb5f755056
db06d5ba3f93ea1073915c409328872da2768ac3ed495fef3278a02378fe3e0e
e066947c784da725c3803127f87d548f82c93fd7b116ab00c4049c37b8036509

netflix.iqbalpa.com Open in urlscan Pro 76.76.21.98 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

10 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

3493 kBTransfer

3603 kBSize

0 Cookies

0 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

1 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

netflix.iqbalpa.com Open in urlscan Pro
76.76.21.98 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

3493 kB
Transfer

3603 kB
Size

0
Cookies

10 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!