iremuyar.com Open in urlscan Pro
212.115.43.228 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://iremuyar.com/authentification-streamings/
Submission: On July 20 via automatic, source openphish (July 20th 2022, 12:06:26 am UTC) — Scanned from DE

Summary HTTP 12 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 12 HTTP transactions. The main IP is 212.115.43.228, located in Istanbul, Turkey and belongs to RADORE, TR. The main domain is iremuyar.com.

This is the only time iremuyar.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Netflix (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 6	212.115.43.228 212.115.43.228	42926 (RADORE) (RADORE)
4	2a00:86c0:209... 2a00:86c0:2091::1	40027 (NETFLIX-ASN) (NETFLIX-ASN)
2	2a00:86c0:209... 2a00:86c0:2090::1	40027 (NETFLIX-ASN) (NETFLIX-ASN)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2b	20446 (STACKPATH...) (STACKPATH-CDN)
12	4

6 212.115.43.228 (Istanbul, Turkey) 1 redirects

ASN42926 (RADORE, TR)
PTR: server-212.115.43.228.as42926.net

iremuyar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:86c0:2091::1 (United States)

ASN40027 (NETFLIX-ASN, US)

codex.nflxext.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:86c0:2090::1 (United States)

ASN40027 (NETFLIX-ASN, US)

assets.nflxext.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	nflxext.com codex.nflxext.com — Cisco Umbrella Rank: 38505 assets.nflxext.com — Cisco Umbrella Rank: 3636	380 KB
6	iremuyar.com 1 redirects iremuyar.com	346 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 695	24 KB
12	3

	Domain	Requested by
6	iremuyar.com	1 redirects iremuyar.com
4	codex.nflxext.com	iremuyar.com
2	assets.nflxext.com	iremuyar.com codex.nflxext.com
1	code.jquery.com	iremuyar.com
12	4

This site contains links to these domains. Also see Links.

Domain
policies.google.com
help.netflix.com

Subject Issuer	Validity	Valid
*.1.nflxso.net DigiCert TLS RSA SHA256 2020 CA1	`2022-07-14` - `2022-08-17`	a month	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://iremuyar.com/authentification-streamings/
Frame ID: 3F7BC80F0C1CAAD5EED45086E60CD228
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Netflix

Page URL History Show full URLs

http://iremuyar.com/authentification-streamings HTTP 301
http://iremuyar.com/authentification-streamings/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

12
Requests

58 %
HTTPS

75 %
IPv6

3
Domains

4
Subdomains

4
IPs

3
Countries

750 kB
Transfer

1653 kB
Size

1
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://policies.google.com/privacy
Title: Règles de confidentialité

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms
Title: Conditions d'utilisation

Search URL Search Domain Scan URL

URL: https://help.netflix.com/support/412
Title: FAQ

Search URL Search Domain Scan URL

URL: https://help.netflix.com/
Title: Centre d'aide

Search URL Search Domain Scan URL

URL: https://help.netflix.com/legal/termsofuse
Title: Conditions d'utilisation

Search URL Search Domain Scan URL

URL: https://help.netflix.com/legal/privacy
Title: Confidentialité

Search URL Search Domain Scan URL

URL: https://help.netflix.com/legal/corpinfo
Title: Mentions légales

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://iremuyar.com/authentification-streamings HTTP 301
http://iremuyar.com/authentification-streamings/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
iremuyar.com/authentification-streamings/
Redirect Chain

http://iremuyar.com/authentification-streamings
http://iremuyar.com/authentification-streamings/

114 KB
25 KB

255ms
255ms

Document
text/html

212.115.43.228
RADORE

General

Check archive.org

Show headers Download Go to

Full URL: http://iremuyar.com/authentification-streamings/
Protocol: HTTP/1.1
Server: 212.115.43.228 Istanbul, Turkey, ASN42926 (RADORE, TR),
Reverse DNS: server-212.115.43.228.as42926.net
Software: LiteSpeed /
Resource Hash: 37eabc79d677b3a005bb6705c25172d706fdac4c3a92d9dd9edd9dc971a7c019

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 20 Jul 2022 00:06:19 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: LiteSpeed
transfer-encoding: chunked
vary: Accept-Encoding

Redirect headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-length: 707
content-type: text/html
date: Wed, 20 Jul 2022 00:06:19 GMT
location: http://iremuyar.com/authentification-streamings/
server: LiteSpeed

GET
H/1.1 200
OK none Show response
codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-shakti-js-vf6355e19/js/js/bootstrap.js,common%7Cbootstrap.js/2/0a3d022S2K2U052H2Y3c070k003e2X382P2_2V372M2Z302E01390V/bck/true/ 9 KB
4 KB 326ms
20ms Script
application/javascript 2a00:86c0:2091::1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-shakti-js-vf6355e19/js/js/bootstrap.js,common%7Cbootstrap.js/2/0a3d022S2K2U052H2Y3c070k003e2X382P2_2V372M2Z302E01390V/bck/true/none

Requested by

Host: iremuyar.com
URL: http://iremuyar.com/authentification-streamings/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:86c0:2091::1 , United States, ASN40027 (NETFLIX-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

e0e0824ee31ae1c22900844e86ca3efcddee2adcac0a4f2533def95bad05be1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://iremuyar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 20 Jul 2022 00:06:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=16070400
req_id: c845a5ab-1d17-4424-a865-b078e46e52f7
Connection: keep-alive
Timing-Allow-Origin: https://www.netflix.com
Content-Length: 3631
Expires: Sun, 22 Jan 2023 00:06:20 GMT

GET
H/1.1 200
OK none Show response
codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-shakti-js-vf6355e19/js/js/components%7Clogin%7CloginControllerClient.js/2/0a3d022S2K2U052H2Y3c070k003e2X382P2_2V372M2Z302E01390V/l/true/ 923 KB
278 KB 328ms
23ms Script
application/javascript 2a00:86c0:2091::1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-shakti-js-vf6355e19/js/js/components%7Clogin%7CloginControllerClient.js/2/0a3d022S2K2U052H2Y3c070k003e2X382P2_2V372M2Z302E01390V/l/true/none

Requested by

Host: iremuyar.com
URL: http://iremuyar.com/authentification-streamings/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:86c0:2091::1 , United States, ASN40027 (NETFLIX-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

87552feb075da65292b37e31577123557bef1019124bc30ac3a51bbab4c1d8fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://iremuyar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 20 Jul 2022 00:06:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=16070400
req_id: 36465e6e-d8c5-4560-866a-f369ae68169a
Connection: keep-alive
Timing-Allow-Origin: https://www.netflix.com
Content-Length: 284055
Expires: Sun, 22 Jan 2023 00:06:20 GMT

GET
H/1.1 200
OK WebsiteDetect
iremuyar.com/personalization/cl2/freeform/ 0
190 B 137ms
71ms Stylesheet
text/html 212.115.43.228
RADORE

General

Check archive.org

Show headers Download Go to

Full URL: http://iremuyar.com/personalization/cl2/freeform/WebsiteDetect?source=wwwhead&fetchType=css&modalView=login
Requested by: Host: iremuyar.com
URL: http://iremuyar.com/authentification-streamings/
Protocol: HTTP/1.1
Server: 212.115.43.228 Istanbul, Turkey, ASN42926 (RADORE, TR),
Reverse DNS: server-212.115.43.228.as42926.net
Software: LiteSpeed /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://iremuyar.com/authentification-streamings/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 00:06:19 GMT
server: LiteSpeed
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK none
codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-shakti-css-vf6355e19/css/css/less%7Ccore%7Cerror-page.less/1/asyuE4Cqtf9xBD/none/true/ 11 KB
3 KB 327ms
22ms Stylesheet
text/css 2a00:86c0:2091::1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-shakti-css-vf6355e19/css/css/less%7Ccore%7Cerror-page.less/1/asyuE4Cqtf9xBD/none/true/none

Requested by

Host: iremuyar.com
URL: http://iremuyar.com/authentification-streamings/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:86c0:2091::1 , United States, ASN40027 (NETFLIX-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

d9bac1aefff045998fd064ed279defcd96c37a53ee0ee3816d1ebab19c1ff739

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://iremuyar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 20 Jul 2022 00:06:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Content-Type: text/css; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=16070400
req_id: 68cc123e-51be-46a1-9067-6877ff742cb3
Connection: keep-alive
Timing-Allow-Origin: https://www.netflix.com
Content-Length: 2595
Expires: Sun, 22 Jan 2023 00:06:20 GMT

GET
H/1.1 200
OK none
codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-shakti-css-vf6355e19/css/css/less%7Clogin%7CloginBase.less,less%7Cpages%7Clogin%7CLogin.less/1/asyuE4Cqtf9xBD/none/true/ 132 KB
22 KB 326ms
21ms Stylesheet
text/css 2a00:86c0:2091::1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-shakti-css-vf6355e19/css/css/less%7Clogin%7CloginBase.less,less%7Cpages%7Clogin%7CLogin.less/1/asyuE4Cqtf9xBD/none/true/none

Requested by

Host: iremuyar.com
URL: http://iremuyar.com/authentification-streamings/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:86c0:2091::1 , United States, ASN40027 (NETFLIX-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

4b27429d411b25e69d402d57928be186a16ece667fd2a68ea3556802a3b6690b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://iremuyar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 20 Jul 2022 00:06:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Content-Type: text/css; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=16070400
req_id: d211bf5c-9ebb-49d2-8cb2-3d6e528711ad
Connection: keep-alive
Timing-Allow-Origin: https://www.netflix.com
Content-Length: 21812
Expires: Sun, 22 Jan 2023 00:06:20 GMT

GET
H/1.1 200
OK background.jpg
iremuyar.com/authentification-streamings/assets/images/ 318 KB
319 KB 71ms
70ms Image
image/jpeg 212.115.43.228
RADORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://iremuyar.com/authentification-streamings/assets/images/background.jpg
Requested by: Host: iremuyar.com
URL: http://iremuyar.com/authentification-streamings/
Protocol: HTTP/1.1
Server: 212.115.43.228 Istanbul, Turkey, ASN42926 (RADORE, TR),
Reverse DNS: server-212.115.43.228.as42926.net
Software: LiteSpeed /
Resource Hash: bba945d747de28f874cf7648c0cce6ed74e79a80dd70f73a8a07d9944e4e50b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://iremuyar.com/authentification-streamings/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 00:06:19 GMT
last-modified: Wed, 05 Jan 2022 01:48:22 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 326076
expires: Wed, 27 Jul 2022 00:06:19 GMT

GET
H/1.1 200
OK FB-f-Logo__blue_57.png
assets.nflxext.com/ffe/siteui/login/images/ 1 KB
2 KB 266ms
31ms Image
image/png 2a00:86c0:2090::1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nflxext.com/ffe/siteui/login/images/FB-f-Logo__blue_57.png
Requested by: Host: iremuyar.com
URL: http://iremuyar.com/authentification-streamings/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:86c0:2090::1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 3e49d9dc43267590184389ab3da0cb9f7308c9c848667dab109a0f7c73450ece

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://iremuyar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 20 Jul 2022 00:06:20 GMT
Last-Modified: Thu, 30 Jun 2016 17:48:49 GMT
Server: nginx
Content-MD5: ozykfvEQtuPsUIa4d2QH0w==
Content-Type: image/png
Cache-Control: max-age=604801
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1455
Expires: Wed, 27 Jul 2022 00:06:21 GMT

GET
H2 200 jquery-3.6.0.slim.min.js Show response
code.jquery.com/ 71 KB
24 KB 258ms
23ms Script
application/javascript 2001:4de0:ac18::1:a:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.slim.min.js
Requested by: Host: iremuyar.com
URL: http://iremuyar.com/authentification-streamings/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: bbb7b9921ca2b61948753a6edb63c78443663dc45d1621d18e102e1dcb34e512

Request headers

Referer: http://iremuyar.com/
Origin: http://iremuyar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 00:06:20 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-11ab4"
vary: Accept-Encoding
x-hw: 1658275580.dop238.fr8.t,1658275580.cds238.fr8.hn,1658275580.cds054.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 24587

GET
H/1.1 200
OK loader.js Show response
iremuyar.com/authentification-streamings/assets/js/ 193 B
530 B 137ms
70ms Script
application/javascript 212.115.43.228
RADORE

General

Check archive.org

Show headers Download Go to

Full URL: http://iremuyar.com/authentification-streamings/assets/js/loader.js
Requested by: Host: iremuyar.com
URL: http://iremuyar.com/authentification-streamings/
Protocol: HTTP/1.1
Server: 212.115.43.228 Istanbul, Turkey, ASN42926 (RADORE, TR),
Reverse DNS: server-212.115.43.228.as42926.net
Software: LiteSpeed /
Resource Hash: fae2de15cac69c223c007986606088b7e238774f8f910074404da402c3439e32

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://iremuyar.com/authentification-streamings/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 00:06:19 GMT
last-modified: Wed, 05 Jan 2022 01:48:22 GMT
server: LiteSpeed
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 193
expires: Wed, 27 Jul 2022 00:06:19 GMT

GET
H/1.1 200
OK index.js Show response
iremuyar.com/authentification-streamings/assets/js/ 1 KB
809 B 140ms
70ms Script
application/javascript 212.115.43.228
RADORE

General

Check archive.org

Show headers Download Go to

Full URL: http://iremuyar.com/authentification-streamings/assets/js/index.js
Requested by: Host: iremuyar.com
URL: http://iremuyar.com/authentification-streamings/
Protocol: HTTP/1.1
Server: 212.115.43.228 Istanbul, Turkey, ASN42926 (RADORE, TR),
Reverse DNS: server-212.115.43.228.as42926.net
Software: LiteSpeed /
Resource Hash: 3e4cb727847b787e297cc80edf8758773f0f46d6e0b85196e240ecab402432cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://iremuyar.com/authentification-streamings/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 00:06:19 GMT
content-encoding: gzip
last-modified: Wed, 05 Jan 2022 01:48:22 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 425
expires: Wed, 27 Jul 2022 00:06:19 GMT

GET
H/1.1 200
OK nf-icon-v1-93.woff
assets.nflxext.com/ffe/siteui/fonts/ 72 KB
72 KB 64ms
24ms Font
font/woff 2a00:86c0:2090::1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.nflxext.com/ffe/siteui/fonts/nf-icon-v1-93.woff
Requested by: Host: codex.nflxext.com
URL: https://codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-shakti-css-vf6355e19/css/css/less%7Clogin%7CloginBase.less,less%7Cpages%7Clogin%7CLogin.less/1/asyuE4Cqtf9xBD/none/true/none
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:86c0:2090::1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 98713b53a74ebe7e326353080c5f1653e83af61d6363c0b3c4c67d6d24197b4d

Request headers

Referer: https://codex.nflxext.com/
Origin: http://iremuyar.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 20 Jul 2022 00:06:20 GMT
Last-Modified: Mon, 29 Jan 2018 01:50:51 GMT
Server: nginx
Content-MD5: fPYVbMSBJEtaJUNi17c/AA==
Content-Type: font/woff
Access-Control-Allow-Origin: *
Cache-Control: max-age=604801
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 73572
Expires: Wed, 27 Jul 2022 00:06:21 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Netflix (Online)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			iremuyar.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: fd89237042701d79bbe7f3ba9d472227

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://iremuyar.com/authentification-streamings/ Message: The resource https://codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-shakti-js-vf6355e19/js/js/components%7Clogin%7CloginControllerClient.js/2/0a3d022S2K2U052H2Y3c070k003e2X382P2_2V372M2Z302E01390V/l/true/none was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: http://iremuyar.com/authentification-streamings/ Message: The resource https://codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-shakti-js-vf6355e19/js/js/bootstrap.js,common%7Cbootstrap.js/2/0a3d022S2K2U052H2Y3c070k003e2X382P2_2V372M2Z302E01390V/bck/true/none was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.nflxext.com
code.jquery.com
codex.nflxext.com
iremuyar.com
2001:4de0:ac18::1:a:2b
212.115.43.228
2a00:86c0:2090::1
2a00:86c0:2091::1
37eabc79d677b3a005bb6705c25172d706fdac4c3a92d9dd9edd9dc971a7c019
3e49d9dc43267590184389ab3da0cb9f7308c9c848667dab109a0f7c73450ece
3e4cb727847b787e297cc80edf8758773f0f46d6e0b85196e240ecab402432cc
4b27429d411b25e69d402d57928be186a16ece667fd2a68ea3556802a3b6690b
87552feb075da65292b37e31577123557bef1019124bc30ac3a51bbab4c1d8fb
98713b53a74ebe7e326353080c5f1653e83af61d6363c0b3c4c67d6d24197b4d
bba945d747de28f874cf7648c0cce6ed74e79a80dd70f73a8a07d9944e4e50b8
bbb7b9921ca2b61948753a6edb63c78443663dc45d1621d18e102e1dcb34e512
d9bac1aefff045998fd064ed279defcd96c37a53ee0ee3816d1ebab19c1ff739
e0e0824ee31ae1c22900844e86ca3efcddee2adcac0a4f2533def95bad05be1d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fae2de15cac69c223c007986606088b7e238774f8f910074404da402c3439e32

iremuyar.com Open in urlscan Pro 212.115.43.228 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

12 Requests

58 %HTTPS

75 %IPv6

3 Domains

4 Subdomains

4 IPs

3 Countries

750 kBTransfer

1653 kBSize

1 Cookies

7 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

10 JavaScript Global Variables

1 Cookies

2 Console Messages

Indicators

iremuyar.com Open in urlscan Pro
212.115.43.228 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

58 %
HTTPS

75 %
IPv6

3
Domains

4
Subdomains

4
IPs

3
Countries

750 kB
Transfer

1653 kB
Size

1
Cookies

12 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!