nefprime.com
Open in
urlscan Pro
216.250.113.123
Malicious Activity!
Public Scan
Submission Tags: @ecarlesi possiblethreat phishing netflix Search All
Submission: On October 17 via api from IT — Scanned from IT
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 17th 2024. Valid for: a year.
This is the only time nefprime.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Netflix (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 216.250.113.123 216.250.113.123 | 8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS) | |
19 | 45.57.90.1 45.57.90.1 | 2906 (AS-SSI) (AS-SSI) | |
1 | 45.173.218.130 45.173.218.130 | 267828 (Senal Nac...) (Senal Nacional S.A.) | |
21 | 3 |
ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
PTR: perfora.net
nefprime.com |
ASN267828 (Senal Nacional S.A., GT)
occ-0-5340-3934.1.nflxso.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
19 |
nflxext.com
assets.nflxext.com — Cisco Umbrella Rank: 4879 |
1 MB |
1 |
nflxso.net
occ-0-5340-3934.1.nflxso.net |
248 KB |
1 |
nefprime.com
nefprime.com |
24 KB |
21 | 3 |
Domain | Requested by | |
---|---|---|
19 | assets.nflxext.com |
nefprime.com
assets.nflxext.com |
1 | occ-0-5340-3934.1.nflxso.net |
nefprime.com
|
1 | nefprime.com | |
21 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
help.netflix.com |
media.netflix.com |
ir.netflix.com |
jobs.netflix.com |
fast.com |
www.netflix.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.nefprime.com Sectigo RSA Domain Validation Secure Server CA |
2024-10-17 - 2025-10-17 |
a year | crt.sh |
*.1.nflxso.net DigiCert Secure Site ECC CA-1 |
2024-10-13 - 2024-11-17 |
a month | crt.sh |
This page contains 1 frames:
Primary Page:
https://nefprime.com/
Frame ID: 97936B33E4E9975FDEA911F00C748B2F
Requests: 21 HTTP requests in this frame
12 Outgoing links
These are links going to different origins than the main page.
Title: Preguntas frecuentes
Search URL Search Domain Scan URL
Title: Centro de ayuda
Search URL Search Domain Scan URL
Title: Prensa
Search URL Search Domain Scan URL
Title: Relaciones con inversionistas
Search URL Search Domain Scan URL
Title: Empleo
Search URL Search Domain Scan URL
Title: Términos de uso
Search URL Search Domain Scan URL
Title: Privacidad
Search URL Search Domain Scan URL
Title: Información corporativa
Search URL Search Domain Scan URL
Title: Contáctanos
Search URL Search Domain Scan URL
Title: Prueba de velocidad
Search URL Search Domain Scan URL
Title: Avisos legales
Search URL Search Domain Scan URL
Title: Solo en Netflix
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
21 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
nefprime.com/ |
141 KB 24 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
nmhp.a1bcda71010575046231.css
assets.nflxext.com/web/ffe/wp/less/signup/nmhp/ |
5 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
nmhp-reskin.6a003302aa4c93b29722.css
assets.nflxext.com/web/ffe/wp/less/signup/nmhp/ |
523 B 858 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
GT-es-20240722-POP_SIGNUP_TWO_WEEKS-perspective_WEB_a72bb443-6c64-4a76-9700-33f4552479d5_large.jpg
assets.nflxext.com/ffe/siteui/vlv3/21a8ba09-4a61-44f8-8e2e-70e949c00c6f/315dd218-d92f-4b80-a30d-1f041c4099a5/ |
388 KB 389 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tv.png
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ |
11 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mobile-0819.jpg
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ |
48 KB 49 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
boxshot.png
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ |
20 KB 20 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
device-pile.png
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ |
134 KB 134 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
AAAABS2wPb0M8BZZsg7maAVHhc1rfAZm9RWMpYfL95TcWCTiT1OvZGx4qg2NVvAtqK_AONqNNWbJYzdgVvbgrQGgag-qgYnKEi2RKM9A.png
occ-0-5340-3934.1.nflxso.net/dnm/api/v6/19OhWN2dO19C9txTON9tvTFtefw/ |
248 KB 248 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
transparent_1x1.png
assets.nflxext.com/ffe/siteui/acquisition/common/ |
272 B 591 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
video-tv-0819.m4v
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ |
32 KB 0 |
Media
video/x-m4v |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
download-icon.gif
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ |
22 KB 22 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
NetflixSans_W_Rg.woff2
assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/ |
52 KB 52 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
NetflixSans_W_Md.woff2
assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/ |
53 KB 53 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
NetflixSans_W_Blk.woff2
assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/ |
54 KB 54 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
video-devices.m4v
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ |
32 KB 0 |
Media
video/x-m4v |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
video-tv-0819.m4v
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ |
8 KB 8 KB |
Media
video/x-m4v |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
video-devices.m4v
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ |
4 KB 4 KB |
Media
video/x-m4v |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
video-tv-0819.m4v
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ |
232 KB 224 KB |
Media
video/x-m4v |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
video-devices.m4v
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ |
228 KB 224 KB |
Media
video/x-m4v |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
nficon2023.ico
assets.nflxext.com/us/ffe/siteui/common/icons/ |
10 KB 10 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Netflix (Online)1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| redirectToLogin0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
assets.nflxext.com
nefprime.com
occ-0-5340-3934.1.nflxso.net
216.250.113.123
45.173.218.130
45.57.90.1
1539d357b1c2f6d1e95d9f3c568c0f694e9040bcee32f87f3ffa24f18d4b865d
216ee415e27391e75247a6e31acb1bcfc0b6a749176eb2a46dfceba38192516a
492fdebd363e40cbba153a244bcfe2a7f5f7cf20aff0805fe45d5c7e2180b875
4f1eee3e979fbe7613b785159cce6e5aefa3b0ad08842f7daad6fa419f7a4063
4f99e4c2ed1c2b7de72f47102c64d601567f8efaad5944a08c86786cad4050e6
5e93d7b00e564ae3776232bb9442e231ac3d2419beb11437c5d04cd1b55bae0f
6e43a8bb3f972ef0b96dc5e7b24340934646fb8932bda39a8feea67cbbe3e145
81cf64888a7b3f6848b09695b034026d9ad685665b91d54597ecbb6197c6acbb
9ac2bd03fcde501b3f30f47ab1fae62161f87808ea6411f38e8feaa4bbddc42e
9c5f7722c5df8eb24dda20ecc01c9f73e3103e10052fd980da4e7d9f753a97d3
a04e040fed22b3cdea05f6053c271744d8ad5bd961a5ea78b4f910299d520dd2
ab3b3f1c5c419cc52904a972ecdda71f7270196b884b06597ebe0590e0cd91bd
b68ea2c7bea397aa11fadb189ce7d83862baebaf03ece643eb5aa9fb5f755056
bcf36fe4e5ddd746faff3173d643fb713f0056a92b4b5e24462865f989c0bac9
c0bceb927c506dce9f6e6f5f570e641ad580b9554be06f61508a4aee32380167
c2a780c3566b87ca54ba0bb232f971e5de0181e3b5b29c30590cea0ee61be02a
e1ec9fb767c9d0a79492bea9c9ff79ebc44cf7d1862d6a013987b42aa2d649fa
e1fa26cc34fda574edc01d09e374d6f10735a3fa621bdde87c104ee15453d4b6
eaa7941cbc06d30c54d52c6d3272a7549d45a23baf7405c6712d97904692da9d