URL: https://nefprime.com/
Submission Tags: @ecarlesi possiblethreat phishing netflix
Submission: On October 17 via api from IT — Scanned from IT

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 21 HTTP transactions. The main IP is 216.250.113.123, located in the United States, and belongs to IONOS-AS (the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom, formerly known as 1&1 Internet SE; DE). The main domain is nefprime.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 17th 2024. Valid for: a year.
This is the only time nefprime.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Netflix (Online)

Domain & IP information

Requests  IP Address        AS      Autonomous System
1         216.250.113.123   8560    (IONOS-AS ...)
19        45.57.90.1        2906    (AS-SSI)
1         45.173.218.130    267828  (Senal Nac...)
Total: 21 requests, 3 IPs

Requests  Apex Domain   Subdomains                                      Transfer
19        nflxext.com   assets.nflxext.com (Cisco Umbrella Rank: 4879)  1 MB
1         nflxso.net    occ-0-5340-3934.1.nflxso.net                    248 KB
1         nefprime.com  nefprime.com                                    24 KB
Total: 21 requests, 3 domains

Requests  Domain                        Requested by
19        assets.nflxext.com            nefprime.com, assets.nflxext.com
1         occ-0-5340-3934.1.nflxso.net  nefprime.com
1         nefprime.com
Total: 21 requests, 3 domains

This site contains links to these domains.

Domain
help.netflix.com
media.netflix.com
ir.netflix.com
jobs.netflix.com
fast.com
www.netflix.com
Subject         Issuer                                          Validity                 Valid
*.nefprime.com  Sectigo RSA Domain Validation Secure Server CA  2024-10-17 - 2025-10-17  a year
*.1.nflxso.net  DigiCert Secure Site ECC CA-1                   2024-10-13 - 2024-11-17  a month

This page contains 1 frame:

Primary Page: https://nefprime.com/
Frame ID: 97936B33E4E9975FDEA911F00C748B2F
Requests: 21 HTTP requests in this frame

Page Title

Netflix Guatemala: Ve series online, ve películas online

Page Statistics

Requests: 21
HTTPS: 100 %
IPv6: 0 %
Domains: 3
Subdomains: 3
IPs: 3
Countries: 2
Transfer: 1531 kB
Size: 1723 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
nefprime.com/
141 KB
24 KB
Document
General
Full URL
https://nefprime.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.250.113.123 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
perfora.net
Software
Apache /
Resource Hash
a04e040fed22b3cdea05f6053c271744d8ad5bd961a5ea78b4f910299d520dd2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html
date
Thu, 17 Oct 2024 11:06:47 GMT
etag
W/"233be-624a8a4b2614b"
last-modified
Thu, 17 Oct 2024 09:16:36 GMT
server
Apache
nmhp.a1bcda71010575046231.css
assets.nflxext.com/web/ffe/wp/less/signup/nmhp/
5 KB
2 KB
Stylesheet
General
Full URL
https://assets.nflxext.com/web/ffe/wp/less/signup/nmhp/nmhp.a1bcda71010575046231.css
Requested by
Host: nefprime.com
URL: https://nefprime.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.57.90.1 , United States, ASN2906 (AS-SSI, US),
Reverse DNS
Software
nginx /
Resource Hash
ab3b3f1c5c419cc52904a972ecdda71f7270196b884b06597ebe0590e0cd91bd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://nefprime.com/

Response headers

Cache-Control
max-age=604801
Timing-Allow-Origin
*
Content-Encoding
gzip
Connection
keep-alive
Expires
Thu, 24 Oct 2024 11:06:49 GMT
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
1340
Date
Thu, 17 Oct 2024 11:06:48 GMT
Content-Type
text/css
Last-Modified
Wed, 28 Feb 2024 14:09:01 GMT
Server
nginx
nmhp-reskin.6a003302aa4c93b29722.css
assets.nflxext.com/web/ffe/wp/less/signup/nmhp/
523 B
858 B
Stylesheet
General
Full URL
https://assets.nflxext.com/web/ffe/wp/less/signup/nmhp/nmhp-reskin.6a003302aa4c93b29722.css
Requested by
Host: nefprime.com
URL: https://nefprime.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.57.90.1 , United States, ASN2906 (AS-SSI, US),
Reverse DNS
Software
nginx /
Resource Hash
bcf36fe4e5ddd746faff3173d643fb713f0056a92b4b5e24462865f989c0bac9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://nefprime.com/

Response headers

Cache-Control
max-age=604801
Timing-Allow-Origin
*
Connection
keep-alive
Expires
Thu, 24 Oct 2024 11:06:49 GMT
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
523
Date
Thu, 17 Oct 2024 11:06:48 GMT
Content-Type
text/css
Last-Modified
Thu, 27 Jul 2023 20:30:51 GMT
Server
nginx
GT-es-20240722-POP_SIGNUP_TWO_WEEKS-perspective_WEB_a72bb443-6c64-4a76-9700-33f4552479d5_large.jpg
assets.nflxext.com/ffe/siteui/vlv3/21a8ba09-4a61-44f8-8e2e-70e949c00c6f/315dd218-d92f-4b80-a30d-1f041c4099a5/
388 KB
389 KB
Image
General
Full URL
https://assets.nflxext.com/ffe/siteui/vlv3/21a8ba09-4a61-44f8-8e2e-70e949c00c6f/315dd218-d92f-4b80-a30d-1f041c4099a5/GT-es-20240722-POP_SIGNUP_TWO_WEEKS-perspective_WEB_a72bb443-6c64-4a76-9700-33f4552479d5_large.jpg
Requested by
Host: nefprime.com
URL: https://nefprime.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.57.90.1 , United States, ASN2906 (AS-SSI, US),
Reverse DNS
Software
nginx /
Resource Hash
5e93d7b00e564ae3776232bb9442e231ac3d2419beb11437c5d04cd1b55bae0f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://nefprime.com/

Response headers

Content-MD5
M8tZDF6Z6yDDjI3O0lKVNg==
Cache-Control
max-age=604801
Connection
keep-alive
Expires
Thu, 24 Oct 2024 11:06:49 GMT
Accept-Ranges
bytes
Content-Length
397555
Date
Thu, 17 Oct 2024 11:06:48 GMT
Content-Type
image/jpeg
Last-Modified
Thu, 25 Jul 2024 01:14:20 GMT
Server
nginx
tv.png
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/
11 KB
11 KB
Image
General
Full URL
https://assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/tv.png
Requested by
Host: nefprime.com
URL: https://nefprime.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.57.90.1 , United States, ASN2906 (AS-SSI, US),
Reverse DNS
Software
nginx /
Resource Hash
b68ea2c7bea397aa11fadb189ce7d83862baebaf03ece643eb5aa9fb5f755056

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://nefprime.com/

Response headers

Content-MD5
d5lKZzJ7qVff2IDjOpHwQQ==
Cache-Control
max-age=604801
Connection
keep-alive
Expires
Thu, 24 Oct 2024 11:06:49 GMT
Accept-Ranges
bytes
Content-Length
11418
Date
Thu, 17 Oct 2024 11:06:48 GMT
Content-Type
image/png
Last-Modified
Wed, 14 Nov 2018 18:20:41 GMT
Server
nginx
mobile-0819.jpg
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/
48 KB
49 KB
Image
General
Full URL
https://assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/mobile-0819.jpg
Requested by
Host: nefprime.com
URL: https://nefprime.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.57.90.1 , United States, ASN2906 (AS-SSI, US),
Reverse DNS
Software
nginx /
Resource Hash
492fdebd363e40cbba153a244bcfe2a7f5f7cf20aff0805fe45d5c7e2180b875

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://nefprime.com/

Response headers

Content-MD5
pIMz1DwZYS7WGYf6Xb/zxQ==
Cache-Control
max-age=604801
Connection
keep-alive
Expires
Thu, 24 Oct 2024 11:06:49 GMT
Accept-Ranges
bytes
Content-Length
49614
Date
Thu, 17 Oct 2024 11:06:48 GMT
Content-Type
image/jpeg
Last-Modified
Wed, 14 Aug 2019 17:59:05 GMT
Server
nginx
boxshot.png
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/
20 KB
20 KB
Image
General
Full URL
https://assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/boxshot.png
Requested by
Host: nefprime.com
URL: https://nefprime.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.57.90.1 , United States, ASN2906 (AS-SSI, US),
Reverse DNS
Software
nginx /
Resource Hash
e1fa26cc34fda574edc01d09e374d6f10735a3fa621bdde87c104ee15453d4b6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://nefprime.com/

Response headers

Content-MD5
WH4EDyAll5IJSQHKlzlmng==
Cache-Control
max-age=604801
Connection
keep-alive
Expires
Thu, 24 Oct 2024 11:06:49 GMT
Accept-Ranges
bytes
Content-Length
20506
Date
Thu, 17 Oct 2024 11:06:48 GMT
Content-Type
image/png
Last-Modified
Wed, 14 Nov 2018 18:48:14 GMT
Server
nginx
device-pile.png
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/
134 KB
134 KB
Image
General
Full URL
https://assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/device-pile.png
Requested by
Host: nefprime.com
URL: https://nefprime.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.57.90.1 , United States, ASN2906 (AS-SSI, US),
Reverse DNS
Software
nginx /
Resource Hash
81cf64888a7b3f6848b09695b034026d9ad685665b91d54597ecbb6197c6acbb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://nefprime.com/

Response headers

Content-MD5
Cz2CFJPVdI2CnIUrvW0pLQ==
Cache-Control
max-age=604801
Connection
keep-alive
Expires
Thu, 24 Oct 2024 11:06:49 GMT
Accept-Ranges
bytes
Content-Length
137040
Date
Thu, 17 Oct 2024 11:06:48 GMT
Content-Type
image/png
Last-Modified
Wed, 23 Jan 2019 00:35:07 GMT
Server
nginx
AAAABS2wPb0M8BZZsg7maAVHhc1rfAZm9RWMpYfL95TcWCTiT1OvZGx4qg2NVvAtqK_AONqNNWbJYzdgVvbgrQGgag-qgYnKEi2RKM9A.png
occ-0-5340-3934.1.nflxso.net/dnm/api/v6/19OhWN2dO19C9txTON9tvTFtefw/
248 KB
248 KB
Image
General
Full URL
https://occ-0-5340-3934.1.nflxso.net/dnm/api/v6/19OhWN2dO19C9txTON9tvTFtefw/AAAABS2wPb0M8BZZsg7maAVHhc1rfAZm9RWMpYfL95TcWCTiT1OvZGx4qg2NVvAtqK_AONqNNWbJYzdgVvbgrQGgag-qgYnKEi2RKM9A.png?r=25d
Requested by
Host: nefprime.com
URL: https://nefprime.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.173.218.130 Guatemala City, Guatemala, ASN267828 (Senal Nacional S.A., GT),
Reverse DNS
Software
nginx /
Resource Hash
4f1eee3e979fbe7613b785159cce6e5aefa3b0ad08842f7daad6fa419f7a4063

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://nefprime.com/

Response headers

Cache-Control
max-age=31104000, public, s-maxage=604800
Timing-Allow-Origin
*
Accept-CH
Device-Memory, Downlink, DPR, ECT, RTT, Save-Data, Viewport-Width, Width
ETag
"5d7f0fb08ad1c092e80a1796757d8a7f"
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
253970
Date
Thu, 17 Oct 2024 11:06:48 GMT
Content-Type
image/png
Last-Modified
Thu, 01 Jun 2023 21:27:10 GMT
Server
nginx
transparent_1x1.png
assets.nflxext.com/ffe/siteui/acquisition/common/
272 B
591 B
Image
General
Full URL
https://assets.nflxext.com/ffe/siteui/acquisition/common/transparent_1x1.png
Requested by
Host: nefprime.com
URL: https://nefprime.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.57.90.1 , United States, ASN2906 (AS-SSI, US),
Reverse DNS
Software
nginx /
Resource Hash
6e43a8bb3f972ef0b96dc5e7b24340934646fb8932bda39a8feea67cbbe3e145

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://nefprime.com/

Response headers

Content-MD5
X+USZj4auAKkdpQanOb1tQ==
Cache-Control
max-age=604801
Connection
keep-alive
Expires
Thu, 24 Oct 2024 11:06:49 GMT
Accept-Ranges
bytes
Content-Length
272
Date
Thu, 17 Oct 2024 11:06:48 GMT
Content-Type
image/png
Last-Modified
Wed, 01 Jul 2020 17:38:24 GMT
Server
nginx
video-tv-0819.m4v
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/
32 KB
0
Media
General
Full URL
https://assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/video-tv-0819.m4v
Requested by
Host: nefprime.com
URL: https://nefprime.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.57.90.1 , United States, ASN2906 (AS-SSI, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://nefprime.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

Content-MD5
PLEtt8Zyszc1AGSApFXscg==
Cache-Control
max-age=604801
Connection
keep-alive
Content-Range
bytes 0-270045/270046
Expires
Thu, 24 Oct 2024 11:06:49 GMT
Content-Length
270046
Date
Thu, 17 Oct 2024 11:06:48 GMT
Content-Type
video/x-m4v
Last-Modified
Mon, 12 Aug 2019 20:49:12 GMT
Server
nginx
download-icon.gif
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/
22 KB
22 KB
Image
General
Full URL
https://assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/download-icon.gif
Requested by
Host: nefprime.com
URL: https://nefprime.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.57.90.1 , United States, ASN2906 (AS-SSI, US),
Reverse DNS
Software
nginx /
Resource Hash
4f99e4c2ed1c2b7de72f47102c64d601567f8efaad5944a08c86786cad4050e6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://nefprime.com/

Response headers

Content-MD5
3Ty3jbeMPgoTybd+4Z3u5g==
Cache-Control
max-age=604801
Connection
keep-alive
Expires
Thu, 24 Oct 2024 11:06:49 GMT
Accept-Ranges
bytes
Content-Length
22171
Date
Thu, 17 Oct 2024 11:06:48 GMT
Content-Type
image/gif
Last-Modified
Mon, 12 Nov 2018 22:40:57 GMT
Server
nginx
NetflixSans_W_Rg.woff2
assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/
52 KB
52 KB
Font
General
Full URL
https://assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/NetflixSans_W_Rg.woff2
Requested by
Host: assets.nflxext.com
URL: https://assets.nflxext.com/web/ffe/wp/less/signup/nmhp/nmhp.a1bcda71010575046231.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.57.90.1 , United States, ASN2906 (AS-SSI, US),
Reverse DNS
Software
nginx /
Resource Hash
c0bceb927c506dce9f6e6f5f570e641ad580b9554be06f61508a4aee32380167

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://nefprime.com
Referer
https://assets.nflxext.com/web/ffe/wp/less/signup/nmhp/nmhp.a1bcda71010575046231.css

Response headers

Content-MD5
C/MXfx/tbZUxeCIfukPH6A==
Cache-Control
max-age=604801
Connection
keep-alive
Expires
Thu, 24 Oct 2024 11:06:50 GMT
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
53304
Date
Thu, 17 Oct 2024 11:06:49 GMT
Content-Type
font/woff2
Last-Modified
Thu, 17 Jan 2019 20:16:30 GMT
Server
nginx
NetflixSans_W_Md.woff2
assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/
53 KB
53 KB
Font
General
Full URL
https://assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/NetflixSans_W_Md.woff2
Requested by
Host: assets.nflxext.com
URL: https://assets.nflxext.com/web/ffe/wp/less/signup/nmhp/nmhp.a1bcda71010575046231.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.57.90.1 , United States, ASN2906 (AS-SSI, US),
Reverse DNS
Software
nginx /
Resource Hash
9ac2bd03fcde501b3f30f47ab1fae62161f87808ea6411f38e8feaa4bbddc42e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://nefprime.com
Referer
https://assets.nflxext.com/web/ffe/wp/less/signup/nmhp/nmhp.a1bcda71010575046231.css

Response headers

Content-MD5
6naZIbDPpPxtTRouCx+l/w==
Cache-Control
max-age=604801
Connection
keep-alive
Expires
Thu, 24 Oct 2024 11:06:50 GMT
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
53940
Date
Thu, 17 Oct 2024 11:06:49 GMT
Content-Type
font/woff2
Last-Modified
Thu, 17 Jan 2019 20:16:30 GMT
Server
nginx
NetflixSans_W_Blk.woff2
assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/
54 KB
54 KB
Font
General
Full URL
https://assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/NetflixSans_W_Blk.woff2
Requested by
Host: assets.nflxext.com
URL: https://assets.nflxext.com/web/ffe/wp/less/signup/nmhp/nmhp.a1bcda71010575046231.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.57.90.1 , United States, ASN2906 (AS-SSI, US),
Reverse DNS
Software
nginx /
Resource Hash
eaa7941cbc06d30c54d52c6d3272a7549d45a23baf7405c6712d97904692da9d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://nefprime.com
Referer
https://assets.nflxext.com/web/ffe/wp/less/signup/nmhp/nmhp.a1bcda71010575046231.css

Response headers

Content-MD5
OgmLqkPAapscbKKJ/wIyUA==
Cache-Control
max-age=604801
Connection
keep-alive
Expires
Thu, 24 Oct 2024 11:06:50 GMT
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
55436
Date
Thu, 17 Oct 2024 11:06:49 GMT
Content-Type
font/woff2
Last-Modified
Thu, 17 Jan 2019 20:16:30 GMT
Server
nginx
video-devices.m4v
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/
32 KB
0
Media
General
Full URL
https://assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/video-devices.m4v
Requested by
Host: nefprime.com
URL: https://nefprime.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.57.90.1 , United States, ASN2906 (AS-SSI, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://nefprime.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

Content-MD5
PlXFYgWonIWf7QBa4XKfqg==
Cache-Control
max-age=604801
Connection
keep-alive
Content-Range
bytes 0-266159/266160
Expires
Thu, 24 Oct 2024 11:06:49 GMT
Content-Length
266160
Date
Thu, 17 Oct 2024 11:06:48 GMT
Content-Type
video/x-m4v
Last-Modified
Wed, 09 Jan 2019 20:47:49 GMT
Server
nginx
video-tv-0819.m4v
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/
8 KB
8 KB
Media
General
Full URL
https://assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/video-tv-0819.m4v
Requested by
Host: nefprime.com
URL: https://nefprime.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.57.90.1 , United States, ASN2906 (AS-SSI, US),
Reverse DNS
Software
nginx /
Resource Hash
1539d357b1c2f6d1e95d9f3c568c0f694e9040bcee32f87f3ffa24f18d4b865d

Request headers

Referer
https://nefprime.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Range
bytes=262144-

Response headers

Content-MD5
PLEtt8Zyszc1AGSApFXscg==
Cache-Control
max-age=604801
Content-Range
bytes 262144-270045/270046
Expires
Thu, 24 Oct 2024 11:06:50 GMT
Content-Length
7902
Date
Thu, 17 Oct 2024 11:06:49 GMT
Last-Modified
Mon, 12 Aug 2019 20:49:12 GMT
Content-Type
video/x-m4v
Server
nginx
video-devices.m4v
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/
4 KB
4 KB
Media
General
Full URL
https://assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/video-devices.m4v
Requested by
Host: nefprime.com
URL: https://nefprime.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.57.90.1 , United States, ASN2906 (AS-SSI, US),
Reverse DNS
Software
nginx /
Resource Hash
216ee415e27391e75247a6e31acb1bcfc0b6a749176eb2a46dfceba38192516a

Request headers

Referer
https://nefprime.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Range
bytes=262144-

Response headers

Content-MD5
PlXFYgWonIWf7QBa4XKfqg==
Cache-Control
max-age=604801
Content-Range
bytes 262144-266159/266160
Expires
Thu, 24 Oct 2024 11:06:50 GMT
Content-Length
4016
Date
Thu, 17 Oct 2024 11:06:49 GMT
Last-Modified
Wed, 09 Jan 2019 20:47:49 GMT
Content-Type
video/x-m4v
Server
nginx
video-tv-0819.m4v
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/
232 KB
224 KB
Media
General
Full URL
https://assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/video-tv-0819.m4v
Requested by
Host: nefprime.com
URL: https://nefprime.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.57.90.1 , United States, ASN2906 (AS-SSI, US),
Reverse DNS
Software
nginx /
Resource Hash
e1ec9fb767c9d0a79492bea9c9ff79ebc44cf7d1862d6a013987b42aa2d649fa

Request headers

Referer
https://nefprime.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Range
bytes=32768-

Response headers

Content-MD5
PLEtt8Zyszc1AGSApFXscg==
Cache-Control
max-age=604801
Content-Range
bytes 32768-270045/270046
Expires
Thu, 24 Oct 2024 11:06:50 GMT
Content-Length
237278
Date
Thu, 17 Oct 2024 11:06:49 GMT
Last-Modified
Mon, 12 Aug 2019 20:49:12 GMT
Content-Type
video/x-m4v
Server
nginx
video-devices.m4v
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/
228 KB
224 KB
Media
General
Full URL
https://assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/video-devices.m4v
Requested by
Host: nefprime.com
URL: https://nefprime.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.57.90.1 , United States, ASN2906 (AS-SSI, US),
Reverse DNS
Software
nginx /
Resource Hash
c2a780c3566b87ca54ba0bb232f971e5de0181e3b5b29c30590cea0ee61be02a

Request headers

Referer
https://nefprime.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Range
bytes=32768-

Response headers

Content-MD5
PlXFYgWonIWf7QBa4XKfqg==
Cache-Control
max-age=604801
Content-Range
bytes 32768-266159/266160
Expires
Thu, 24 Oct 2024 11:06:50 GMT
Content-Length
233392
Date
Thu, 17 Oct 2024 11:06:49 GMT
Last-Modified
Wed, 09 Jan 2019 20:47:49 GMT
Content-Type
video/x-m4v
Server
nginx
nficon2023.ico
assets.nflxext.com/us/ffe/siteui/common/icons/
10 KB
10 KB
Other
General
Full URL
https://assets.nflxext.com/us/ffe/siteui/common/icons/nficon2023.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.57.90.1 , United States, ASN2906 (AS-SSI, US),
Reverse DNS
Software
nginx /
Resource Hash
9c5f7722c5df8eb24dda20ecc01c9f73e3103e10052fd980da4e7d9f753a97d3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://nefprime.com/

Response headers

Content-MD5
WPVNnqFRdmcYAr6+7k2kyw==
Cache-Control
max-age=604801
Connection
keep-alive
Expires
Thu, 24 Oct 2024 11:06:51 GMT
Accept-Ranges
bytes
Content-Length
9854
Date
Thu, 17 Oct 2024 11:06:50 GMT
Content-Type
image/x-icon
Last-Modified
Thu, 31 Aug 2023 18:57:29 GMT
Server
nginx

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Netflix (Online)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| redirectToLogin

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
