www.netflixindirim.com
166.62.6.49
Malicious Activity!
Public Scan
Submission: On June 17 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on June 17th 2019. Valid for: a year.
This is the only time www.netflixindirim.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Netflix (Online)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
16 | 166.62.6.49 | 26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com) |
4 | 2a02:26f0:6c00:286::33c4 | 20940 (AKAMAI-ASN1) |
2 | 2a00:86c0:2090::1 | 40027 (NETFLIX-ASN - Netflix Streaming Services Inc.) |
2 | 2a01:578:3::341f:2de8 | 16509 (AMAZON-02 - Amazon.com) |
24 | 4 | |
ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: ip-166-62-6-49.ip.secureserver.net
www.netflixindirim.com
ASN20940 (AKAMAI-ASN1, US)
assets.nflxext.com
ae.nflximg.net
ASN40027 (NETFLIX-ASN - Netflix Streaming Services Inc., US)
codex.nflxext.com
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
www.netflix.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
16 | netflixindirim.com | www.netflixindirim.com | 772 KB |
5 | nflxext.com | assets.nflxext.com, codex.nflxext.com | 791 KB |
2 | netflix.com | www.netflix.com | 1 KB |
1 | nflximg.net | ae.nflximg.net | |
24 | 4 | | |
Requests | Domain | Requested by |
---|---|---|
16 | www.netflixindirim.com | www.netflixindirim.com |
3 | assets.nflxext.com | www.netflixindirim.com |
2 | www.netflix.com | www.netflixindirim.com |
2 | codex.nflxext.com | www.netflixindirim.com |
1 | ae.nflximg.net | www.netflixindirim.com |
24 | 5 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.netflix.com |
garantisubem.com |
help.netflix.com |
media.netflix.com |
ir.netflix.com |
jobs.netflix.com |
fast.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
netflixindirim.com | Go Daddy Secure Certificate Authority - G2 | 2019-06-17 - 2020-06-17 | a year |
assets.nflxext.com | DigiCert SHA2 Secure Server CA | 2018-03-09 - 2020-03-09 | 2 years |
*.1.nflxso.net | DigiCert SHA2 Secure Server CA | 2019-05-08 - 2019-06-27 | 2 months |
www.netflix.com | DigiCert SHA2 Secure Server CA | 2018-02-07 - 2020-02-07 | 2 years |
This page contains 2 frames:
Primary Page:
https://www.netflixindirim.com/
Frame ID: 54EFE4E37D96B0268FAE46228E114CF6
Requests: 23 HTTP requests in this frame
Frame:
https://ae.nflximg.net/monet/scripts/adtech_iframe_target_04.html?data=%7B%22is_member%22%3A%22anonymous%22%2C%22membership_status%22%3A%22NON_REGISTERED_MEMBER%22%2C%22session%22%3A%22n%2Fa%22%2C%22country%22%3A%22US%22%2C%22referrer%22%3A%22nmLanding%22%2C%22source%22%3A%22%22%2C%22fbaId%22%3A%2278d17348-921f-4897-839a-df1b64649e69%22%7D
Frame ID: D7BE5312D2154F53307D2EA670A23A84
Requests: 1 HTTP requests in this frame
19 Outgoing links
These are links going to different origins than the main page.
Title: Netflix
Title: Sign In
Title: 30 GÜN ÜCRETSİZ DENEYİN
Title: FAQ
Title: Help Center
Title: Account
Title: Media Center
Title: Investor Relations
Title: Jobs
Title: Gift Cards
Title: Ways to Watch
Title: Terms of Use
Title: Privacy
Title: Cookie Preferences
Title: Corporate Information
Title: Contact Us
Title: Speed Test
Title: Legal Notices
Title: Netflix Originals
Redirected requests
There were HTTP redirect chains for the following requests:
24 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | www.netflixindirim.com/ | 75 KB | 26 KB | Document | text/html |
GET | H2 | none(1) | www.netflixindirim.com/Netflix%20-%20Watch%20TV%20Shows%20Online,%20Watch%20Movies%20Online_files/ | 14 KB | 4 KB | Script | text/plain |
GET | H2 | none(2) | www.netflixindirim.com/Netflix%20-%20Watch%20TV%20Shows%20Online,%20Watch%20Movies%20Online_files/ | 56 KB | 17 KB | Script | text/plain |
GET | H2 | WebsiteDetect | www.netflixindirim.com/Netflix%20-%20Watch%20TV%20Shows%20Online,%20Watch%20Movies%20Online_files/ | 0 | 82 B | Stylesheet | text/plain |
GET | H2 | none | www.netflixindirim.com/Netflix%20-%20Watch%20TV%20Shows%20Online,%20Watch%20Movies%20Online_files/ | 114 KB | 17 KB | Stylesheet | text/plain |
GET | H2 | US-en-20180917-popsignuptwoweeks-perspective_alpha_website_large.jpg | assets.nflxext.com/ffe/siteui/vlv3/b09c7d01-44a8-4786-93e6-90c9bc7a4c0a/558e5776-1f8d-4b60-863c-108bedacbdd9/ | 363 KB | 364 KB | Image | image/jpeg |
GET | H2 | asset_cancelanytime_withdevice.png | www.netflixindirim.com/Netflix%20-%20Watch%20TV%20Shows%20Online,%20Watch%20Movies%20Online_files/ | 169 KB | 171 KB | Image | image/png |
GET | H2 | asset_TV_UI.png | www.netflixindirim.com/Netflix%20-%20Watch%20TV%20Shows%20Online,%20Watch%20Movies%20Online_files/ | 242 KB | 244 KB | Image | image/png |
GET | H2 | asset_mobile_tablet_UI_2.png | www.netflixindirim.com/Netflix%20-%20Watch%20TV%20Shows%20Online,%20Watch%20Movies%20Online_files/ | 119 KB | 120 KB | Image | image/png |
GET | H2 | asset_website_UI.png | www.netflixindirim.com/Netflix%20-%20Watch%20TV%20Shows%20Online,%20Watch%20Movies%20Online_files/ | 170 KB | 171 KB | Image | image/png |
GET | H2 | DebugEvent | www.netflixindirim.com/Netflix%20-%20Watch%20TV%20Shows%20Online,%20Watch%20Movies%20Online_files/ | 0 | 49 B | Image | text/plain |
GET | H2 | DebugEvent(1) | www.netflixindirim.com/Netflix%20-%20Watch%20TV%20Shows%20Online,%20Watch%20Movies%20Online_files/ | 0 | 73 B | Image | text/plain |
GET | H2 | WebsiteDetect | www.netflixindirim.com/ichnaea/cl2/freeform/ | 351 B | 379 B | XHR | text/html |
GET | H2 | WebsiteScreen | www.netflixindirim.com/ichnaea/cl2/freeform/ | 351 B | 401 B | XHR | text/html |
GET | H2 | chevron-right-whitespace.png | assets.nflxext.com/ffe/siteui/acquisition/home/ | 216 B | 403 B | Image | image/png |
GET | H2 | nf-icon-v1-93.woff | assets.nflxext.com/ffe/siteui/fonts/ | 72 KB | 72 KB | Font | font/woff |
GET | H/1.1 | none | codex.nflxext.com/%5E2.0.0/truthBundle/webui/0.0.1-shakti-js-v0df333bf/js/js/signup%7Csimplicity%7CsimpleSignupClient.js/2/4Y034Q4r4p4c4t4F07484y4X060s014Z4x4k4A4u0c4O4M4K4g4z4n4C4i4h17024T/l/true/ | 1 MB | 325 KB | XHR | application/javascript |
GET | H/1.1 | none | codex.nflxext.com/%5E2.0.0/truthBundle/webui/0.0.1-shakti-css-v0df333bf/css/css/less%7Cpages%7Csignup%7Csimplicity%7Csimplicity.less/2/0z0O030H080w0G0T0W0P0I0U0N0V0_/none/true/ | 176 KB | 29 KB | XHR | text/css |
GET | H2 | DebugEvent | www.netflixindirim.com/ichnaea/cl2/freeform/ | 348 B | 348 B | Image | text/html |
GET | H2 | WebsiteTTI | www.netflixindirim.com/ichnaea/cl2/freeform/ | 348 B | 376 B | XHR | text/html |
GET | H2 | DebugEvent | www.netflixindirim.com/ichnaea/cl2/freeform/ | 348 B | 348 B | Image | text/html |
GET | H2 | adtech_iframe_target_04.html (Frame D7BE) | ae.nflximg.net/monet/scripts/ | 0 | 0 | Document | text/html |
OPTIONS | H/1.1 | cl2 | www.netflix.com/ichnaea/ | 0 | 0 | XHR | text/plain |
POST | H/1.1 | cl2 | www.netflix.com/ichnaea/ | 0 | 1 KB | XHR | text/plain |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Netflix (Online)
9 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart
object| onselectionchange
function| queueMicrotask
object| netflix
object| Codex
object| C
object| global
object| process
object| __core-js_shared__
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.