www.netflix.com.youraccountpayment.3a2f2f2.ml Open in urlscan Pro
54.95.169.98 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.netflix.com.youraccountpayment.3a2f2f2.ml/net/
Submission: On October 20 via automatic, source openphish (October 20th 2021, 1:15:14 pm UTC) — Scanned from DE

Summary HTTP 18 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 18 HTTP transactions. The main IP is 54.95.169.98, located in Tokyo, Japan and belongs to AMAZON-02, US. The main domain is www.netflix.com.youraccountpayment.3a2f2f2.ml.

This is the only time www.netflix.com.youraccountpayment.3a2f2f2.ml was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Netflix (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 5	54.95.169.98 54.95.169.98	16509 (AMAZON-02) (AMAZON-02)
7	2a00:86c0:209... 2a00:86c0:2091::1	40027 (NETFLIX-ASN) (NETFLIX-ASN)
6	2606:4700::68... 2606:4700::6810:9440	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6814:b844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	4

5 54.95.169.98 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-95-169-98.ap-northeast-1.compute.amazonaws.com

www.netflix.com.youraccountpayment.3a2f2f2.ml	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:86c0:2091::1 (United Kingdom)

ASN40027 (NETFLIX-ASN, US)

codex.nflxext.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.nflxext.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	nflxext.com codex.nflxext.com assets.nflxext.com	735 KB
6	cookielaw.org cdn.cookielaw.org	110 KB
5	3a2f2f2.ml 1 redirects www.netflix.com.youraccountpayment.3a2f2f2.ml	22 KB
1	onetrust.com geolocation.onetrust.com	398 B
18	4

	Domain	Requested by
6	cdn.cookielaw.org	www.netflix.com.youraccountpayment.3a2f2f2.ml cdn.cookielaw.org
5	www.netflix.com.youraccountpayment.3a2f2f2.ml	1 redirects www.netflix.com.youraccountpayment.3a2f2f2.ml codex.nflxext.com
4	codex.nflxext.com	www.netflix.com.youraccountpayment.3a2f2f2.ml
3	assets.nflxext.com	codex.nflxext.com
1	geolocation.onetrust.com	cdn.cookielaw.org
18	5

This site contains links to these domains. Also see Links.

Domain
help.netflix.com
optout.aboutads.info
onetrust.com

Subject Issuer	Validity	Valid
*.1.nflxso.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-13` - `2021-11-15`	a month	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2021-02-12` - `2022-02-11`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://www.netflix.com.youraccountpayment.3a2f2f2.ml/net/
Frame ID: F5FC60E12E74E7AA540BE384B95D9EB5
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

NetflixBack ButtonFilter Button

Page URL History Show full URLs

http://www.netflix.com.youraccountpayment.3a2f2f2.ml/net HTTP 301
http://www.netflix.com.youraccountpayment.3a2f2f2.ml/net/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Page Statistics

18
Requests

78 %
HTTPS

75 %
IPv6

4
Domains

5
Subdomains

4
IPs

3
Countries

868 kB
Transfer

2807 kB
Size

1
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://help.netflix.com/contactus
Title: Questions? Contact us.

Search URL Search Domain Scan URL

URL: https://help.netflix.com/support/412
Title: FAQ

Search URL Search Domain Scan URL

URL: https://help.netflix.com/
Title: Help Center

Search URL Search Domain Scan URL

URL: https://help.netflix.com/legal/termsofuse
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://help.netflix.com/legal/privacy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://help.netflix.com/legal/corpinfo
Title: Corporate Information

Search URL Search Domain Scan URL

URL: https://help.netflix.com/legal/privacy#cookies
Title: Cookies and Internet Advertising

Search URL Search Domain Scan URL

URL: https://optout.aboutads.info/
Title: here.

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.netflix.com.youraccountpayment.3a2f2f2.ml/net HTTP 301
http://www.netflix.com.youraccountpayment.3a2f2f2.ml/net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.netflix.com.youraccountpayment.3a2f2f2.ml/net/
Redirect Chain

http://www.netflix.com.youraccountpayment.3a2f2f2.ml/net
http://www.netflix.com.youraccountpayment.3a2f2f2.ml/net/

21 KB
21 KB

238ms
238ms

Document
text/html

54.95.169.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://www.netflix.com.youraccountpayment.3a2f2f2.ml/net/
Protocol: HTTP/1.1
Server: 54.95.169.98 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-95-169-98.ap-northeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: b71a0918f02f1bbf9596287606fb59fbe6bc038e73987190cec21c2bf745186e

Request headers

Host: www.netflix.com.youraccountpayment.3a2f2f2.ml
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Wed, 20 Oct 2021 13:15:02 GMT
Server: Apache
Last-Modified: Tue, 19 Oct 2021 16:07:08 GMT
Accept-Ranges: bytes
Content-Length: 21361
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html

Redirect headers

Date: Wed, 20 Oct 2021 13:15:01 GMT
Server: Apache
Location: http://www.netflix.com.youraccountpayment.3a2f2f2.ml/net/
Content-Length: 265
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK none Show response
codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-shakti-js-v6a00f48a/js/js/bootstrap.js,common%7Cbootstrap.js/2/0b3d022S2L2U33052I2Y3c070l003e2X382_2V372M2Z302N2F01390N/bck/true/ 9 KB
4 KB 73ms
21ms Script
application/javascript 2a00:86c0:2091::1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-shakti-js-v6a00f48a/js/js/bootstrap.js,common%7Cbootstrap.js/2/0b3d022S2L2U33052I2Y3c070l003e2X382_2V372M2Z302N2F01390N/bck/true/none

Requested by

Host: www.netflix.com.youraccountpayment.3a2f2f2.ml
URL: http://www.netflix.com.youraccountpayment.3a2f2f2.ml/net/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:86c0:2091::1 , United Kingdom, ASN40027 (NETFLIX-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

e07986a943050bc70e5fc61c719f37d611b84c6b536daec25c6851c86bba912a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.netflix.com.youraccountpayment.3a2f2f2.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 13:15:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=16070400
req_id: b8f01fcb-3376-426d-a904-c9c8a48f0552
Connection: keep-alive
Timing-Allow-Origin: https://www.netflix.com
Content-Length: 3630
Expires: Mon, 18 Apr 2022 15:05:28 GMT

GET
H/1.1 200
OK none Show response
codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-shakti-js-v6a00f48a/js/js/signup%7Csimplicity%7CsimpleSignupClient.js/2/0b3d022S2L2U33052I2Y3c070l003e2X382_2V372M2Z302N2F01390N/l/true/ 2 MB
514 KB 425ms
373ms Script
application/javascript 2a00:86c0:2091::1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-shakti-js-v6a00f48a/js/js/signup%7Csimplicity%7CsimpleSignupClient.js/2/0b3d022S2L2U33052I2Y3c070l003e2X382_2V372M2Z302N2F01390N/l/true/none

Requested by

Host: www.netflix.com.youraccountpayment.3a2f2f2.ml
URL: http://www.netflix.com.youraccountpayment.3a2f2f2.ml/net/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:86c0:2091::1 , United Kingdom, ASN40027 (NETFLIX-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

e11bf69ce1ece1c2ee2901bf6db83fbd5205ed6feb0898df13b6f635bf65c145

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.netflix.com.youraccountpayment.3a2f2f2.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 13:15:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=16070400
req_id: d9c9a340-bc25-4757-9e71-e8c2c6486aaa
Connection: keep-alive
Timing-Allow-Origin: https://www.netflix.com
Expires: Sun, 24 Apr 2022 13:15:02 GMT

GET
H/1.1 404
Not Found WebsiteDetect
www.netflix.com.youraccountpayment.3a2f2f2.ml/personalization/cl2/freeform/ 0
0 235ms
234ms Stylesheet
text/html 54.95.169.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://www.netflix.com.youraccountpayment.3a2f2f2.ml/personalization/cl2/freeform/WebsiteDetect?source=wwwhead&fetchType=css&modalView=signupSimplicity-passwordOnly
Requested by: Host: www.netflix.com.youraccountpayment.3a2f2f2.ml
URL: http://www.netflix.com.youraccountpayment.3a2f2f2.ml/net/
Protocol: HTTP/1.1
Server: 54.95.169.98 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-95-169-98.ap-northeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.netflix.com.youraccountpayment.3a2f2f2.ml
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.netflix.com.youraccountpayment.3a2f2f2.ml/net/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://www.netflix.com.youraccountpayment.3a2f2f2.ml/net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 13:15:02 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 19 KB
7 KB 74ms
30ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.netflix.com.youraccountpayment.3a2f2f2.ml
URL: http://www.netflix.com.youraccountpayment.3a2f2f2.ml/net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11b947e74a7ba8f1d433b84ab7a719799ec0662a9035a8b4a2ab4d7d1eb2d681

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.netflix.com.youraccountpayment.3a2f2f2.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 20 Oct 2021 13:15:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: OPcq+YIYFFKAyM1Ar0weOg==
age: 133780
vary: Accept-Encoding
content-length: 6350
x-ms-lease-status: unlocked
last-modified: Thu, 14 Oct 2021 05:25:41 GMT
server: cloudflare
etag: 0x8D98ED3103C1468
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 75937fa8-e01e-0075-326c-c45f5d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6a12833d3cfd59e9-MXP
expires: Thu, 28 Oct 2021 13:15:02 GMT

GET
H/1.1 200
OK none
codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-shakti-css-v6a00f48a/css/css/less%7Ccore%7Cerror-page.less/1/btzvF4DugayCE/none/true/ 11 KB
3 KB 60ms
17ms Stylesheet
text/css 2a00:86c0:2091::1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-shakti-css-v6a00f48a/css/css/less%7Ccore%7Cerror-page.less/1/btzvF4DugayCE/none/true/none

Requested by

Host: www.netflix.com.youraccountpayment.3a2f2f2.ml
URL: http://www.netflix.com.youraccountpayment.3a2f2f2.ml/net/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:86c0:2091::1 , United Kingdom, ASN40027 (NETFLIX-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

d9bac1aefff045998fd064ed279defcd96c37a53ee0ee3816d1ebab19c1ff739

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.netflix.com.youraccountpayment.3a2f2f2.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 13:15:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Content-Type: text/css; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=16070400
req_id: aced0810-050b-4226-88d3-6d434990169d
Connection: keep-alive
Timing-Allow-Origin: https://www.netflix.com
Content-Length: 2595
Expires: Sun, 24 Apr 2022 13:15:02 GMT

GET
H/1.1 200
OK none
codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-shakti-css-v6a00f48a/css/css/less%7Cpages%7Csignup%7Csimplicity%7Csimplicity.less/1/btzvF4DugayCE/none/true/ 218 KB
37 KB 66ms
21ms Stylesheet
text/css 2a00:86c0:2091::1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-shakti-css-v6a00f48a/css/css/less%7Cpages%7Csignup%7Csimplicity%7Csimplicity.less/1/btzvF4DugayCE/none/true/none

Requested by

Host: www.netflix.com.youraccountpayment.3a2f2f2.ml
URL: http://www.netflix.com.youraccountpayment.3a2f2f2.ml/net/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:86c0:2091::1 , United Kingdom, ASN40027 (NETFLIX-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

3b77ebff3053fd2200459a30da91814a60a321f3297306546072cf33abd54d57

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.netflix.com.youraccountpayment.3a2f2f2.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 13:15:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Content-Type: text/css; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=16070400
req_id: 8684021c-0f27-4ea2-80ea-c55a489bfa3e
Connection: keep-alive
Timing-Allow-Origin: https://www.netflix.com
Content-Length: 37558
Expires: Mon, 18 Apr 2022 15:03:01 GMT

GET
H/1.1 404
Not Found WebsiteDetect Show response
www.netflix.com.youraccountpayment.3a2f2f2.ml/personalization/cl2/freeform/ 315 B
515 B 232ms
232ms XHR
text/html 54.95.169.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://www.netflix.com.youraccountpayment.3a2f2f2.ml/personalization/cl2/freeform/WebsiteDetect?source=wwwhead&fetchType=js&modalView=signupSimplicity-passwordOnly
Requested by: Host: www.netflix.com.youraccountpayment.3a2f2f2.ml
URL: http://www.netflix.com.youraccountpayment.3a2f2f2.ml/net/
Protocol: HTTP/1.1
Server: 54.95.169.98 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-95-169-98.ap-northeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.netflix.com.youraccountpayment.3a2f2f2.ml
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Referer: http://www.netflix.com.youraccountpayment.3a2f2f2.ml/net/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://www.netflix.com.youraccountpayment.3a2f2f2.ml/net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 13:15:02 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 87b6a5c0-0104-4e96-a291-092c11350111.json Show response
cdn.cookielaw.org/consent/87b6a5c0-0104-4e96-a291-092c11350111/ 4 KB
2 KB 258ms
195ms XHR
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/87b6a5c0-0104-4e96-a291-092c11350111/87b6a5c0-0104-4e96-a291-092c11350111.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf8c7ae3d7207934c512e0b7c27c6114ad33a6b9200d244e2425f3b168fab26f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.netflix.com.youraccountpayment.3a2f2f2.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 20 Oct 2021 13:15:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
content-md5: F8yQqzNU9V1mr++z0yIBlA==
vary: Accept-Encoding
content-length: 1598
x-ms-lease-status: unlocked
last-modified: Tue, 21 Sep 2021 17:09:20 GMT
server: cloudflare
etag: 0x8D97D228D6D7DBE
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: a1047c09-601e-008a-7fb4-c562c5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6a12833eccb95a3d-MXP
expires: Wed, 20 Oct 2021 17:15:02 GMT

GET
H/1.1 200
OK NetflixSans_W_Rg.woff2
assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/ 52 KB
52 KB 120ms
42ms Font
font/woff2 2a00:86c0:2091::1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/NetflixSans_W_Rg.woff2
Requested by: Host: codex.nflxext.com
URL: https://codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-shakti-css-v6a00f48a/css/css/less%7Ccore%7Cerror-page.less/1/btzvF4DugayCE/none/true/none
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:86c0:2091::1 , United Kingdom, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: c0bceb927c506dce9f6e6f5f570e641ad580b9554be06f61508a4aee32380167

Request headers

Referer: https://codex.nflxext.com/
Origin: http://www.netflix.com.youraccountpayment.3a2f2f2.ml
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 13:15:02 GMT
Last-Modified: Thu, 17 Jan 2019 20:16:30 GMT
Server: nginx
Content-MD5: C/MXfx/tbZUxeCIfukPH6A==
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=604801
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 53304
Expires: Wed, 27 Oct 2021 13:15:03 GMT

GET
H/1.1 200
OK NetflixSans_W_Md.woff2
assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/ 53 KB
53 KB 125ms
47ms Font
font/woff2 2a00:86c0:2091::1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/NetflixSans_W_Md.woff2
Requested by: Host: codex.nflxext.com
URL: https://codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-shakti-css-v6a00f48a/css/css/less%7Ccore%7Cerror-page.less/1/btzvF4DugayCE/none/true/none
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:86c0:2091::1 , United Kingdom, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 9ac2bd03fcde501b3f30f47ab1fae62161f87808ea6411f38e8feaa4bbddc42e

Request headers

Referer: https://codex.nflxext.com/
Origin: http://www.netflix.com.youraccountpayment.3a2f2f2.ml
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 13:15:02 GMT
Last-Modified: Thu, 17 Jan 2019 20:16:30 GMT
Server: nginx
Content-MD5: 6naZIbDPpPxtTRouCx+l/w==
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=604801
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 53940
Expires: Wed, 27 Oct 2021 13:15:03 GMT

GET
H/1.1 200
OK nf-icon-v1-93.woff
assets.nflxext.com/ffe/siteui/fonts/ 72 KB
72 KB 161ms
60ms Font
font/woff 2a00:86c0:2091::1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.nflxext.com/ffe/siteui/fonts/nf-icon-v1-93.woff
Requested by: Host: codex.nflxext.com
URL: https://codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-shakti-css-v6a00f48a/css/css/less%7Cpages%7Csignup%7Csimplicity%7Csimplicity.less/1/btzvF4DugayCE/none/true/none
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:86c0:2091::1 , United Kingdom, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 98713b53a74ebe7e326353080c5f1653e83af61d6363c0b3c4c67d6d24197b4d

Request headers

Referer: https://codex.nflxext.com/
Origin: http://www.netflix.com.youraccountpayment.3a2f2f2.ml
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 20 Oct 2021 13:15:02 GMT
Last-Modified: Mon, 29 Jan 2018 01:50:51 GMT
Server: nginx
Content-MD5: fPYVbMSBJEtaJUNi17c/AA==
Content-Type: font/woff
Access-Control-Allow-Origin: *
Cache-Control: max-age=604801
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 73572
Expires: Wed, 27 Oct 2021 13:15:03 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 193 B
398 B 79ms
37ms Script
text/javascript 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09b7ece464c01f640c13fdceb08bb12ab4a2db787f36a8253c109ea3d4f7d9f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.netflix.com.youraccountpayment.3a2f2f2.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 13:15:03 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6a1283404868d610-MXP

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.6.0/ 338 KB
72 KB 32ms
32ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.6.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fefa6bc00a2fca4d3ca705862d42dfdbb8f69124b2f0cc0896d3c7c2c05890a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.netflix.com.youraccountpayment.3a2f2f2.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 20 Oct 2021 13:15:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Xs4BplpA7QV+zkRYpo3+wA==
age: 140964
vary: Accept-Encoding
content-length: 73082
x-ms-lease-status: unlocked
last-modified: Thu, 10 Sep 2020 01:36:33 GMT
server: cloudflare
etag: 0x8D85529F2EBAD26
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 69c19f29-601e-0142-616c-c4b5a7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6a1283409eb559e9-MXP
expires: Thu, 28 Oct 2021 13:15:03 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/87b6a5c0-0104-4e96-a291-092c11350111/d8b56389-964b-4a1f-aa83-3a9db8f1b6a4/ 41 KB
12 KB 192ms
192ms Fetch
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/87b6a5c0-0104-4e96-a291-092c11350111/d8b56389-964b-4a1f-aa83-3a9db8f1b6a4/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.6.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18b8dbc8acf985376159deabac523d8b0a92f9e1ab02357bb3f2fdad0ba20319

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.netflix.com.youraccountpayment.3a2f2f2.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 20 Oct 2021 13:15:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
content-md5: wE5JrfaPaJy//lKsbvYBLg==
vary: Accept-Encoding
content-length: 12402
x-ms-lease-status: unlocked
last-modified: Tue, 21 Sep 2021 17:09:33 GMT
server: cloudflare
etag: 0x8D97D2295647EF0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: df462562-d01e-0098-6fb4-c556d9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6a128340ea7e5a3d-MXP
expires: Wed, 20 Oct 2021 17:15:03 GMT

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.6.0/assets/ 12 KB
4 KB 160ms
160ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.6.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.6.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae407e415a45b6c720d8d61fef8c28756883d0f546a64e7a2969d6174c669951

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.netflix.com.youraccountpayment.3a2f2f2.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 20 Oct 2021 13:15:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
content-md5: R7qOr1WClmhADOzbz5s+Bw==
vary: Accept-Encoding
content-length: 3248
x-ms-lease-status: unlocked
last-modified: Thu, 10 Sep 2020 01:36:24 GMT
server: cloudflare
etag: 0x8D85529EDFDCA3B
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 5ee41435-b01e-00c7-42b4-c5a427000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6a1283423e0e5a3d-MXP
expires: Thu, 28 Oct 2021 13:15:03 GMT

GET
H2 200 otPcTab.json Show response
cdn.cookielaw.org/scripttemplates/6.6.0/assets/ 57 KB
14 KB 169ms
169ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.6.0/assets/otPcTab.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.6.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ea7f0a7844cada198d1e8a28343cc081d3631c716c9dd53d889e4b7feae04ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.netflix.com.youraccountpayment.3a2f2f2.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 20 Oct 2021 13:15:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
content-md5: Mg7iJdVoxVGmqw/VwCobbQ==
vary: Accept-Encoding
content-length: 14112
x-ms-lease-status: unlocked
last-modified: Thu, 10 Sep 2020 01:36:26 GMT
server: cloudflare
etag: 0x8D85529EEE93F94
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: cc559af1-001e-0019-68b4-c5f48e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6a1283423e115a3d-MXP
expires: Thu, 28 Oct 2021 13:15:03 GMT

POST
H/1.1 404
Not Found log Show response
www.netflix.com.youraccountpayment.3a2f2f2.ml/personalization/ 315 B
516 B 505ms
499ms XHR
text/html 54.95.169.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://www.netflix.com.youraccountpayment.3a2f2f2.ml/personalization/log
Requested by: Host: codex.nflxext.com
URL: https://codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-shakti-js-v6a00f48a/js/js/signup%7Csimplicity%7CsimpleSignupClient.js/2/0b3d022S2L2U33052I2Y3c070l003e2X382_2V372M2Z302N2F01390N/l/true/none
Protocol: HTTP/1.1
Server: 54.95.169.98 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-95-169-98.ap-northeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Pragma: no-cache
Origin: http://www.netflix.com.youraccountpayment.3a2f2f2.ml
Accept-Encoding: gzip, deflate
Host: www.netflix.com.youraccountpayment.3a2f2f2.ml
Accept-Language: de-DE,de;q=0.9
X-Requested-With: XMLHttpRequest
Content-Type: application/json
Accept: */*
Cache-Control: no-cache
X-Netflix.ichnaea.request.type: UiRequest
Cookie: cL=1634735710527%7C163473571060175369%7C163473571062085426%7C%7C4%7Cnull
Connection: keep-alive
Referer: http://www.netflix.com.youraccountpayment.3a2f2f2.ml/net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Length: 1450
Accept: */*
Referer: http://www.netflix.com.youraccountpayment.3a2f2f2.ml/net/
X-Netflix.ichnaea.request.type: UiRequest
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 20 Oct 2021 13:15:10 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Netflix (Online)

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.www.netflix.com.youraccountpayment.3a2f2f2.ml/	1969-12-31 23:59:59	Name: cL Value: 1634735710527%7C163473571060175369%7C163473571062085426%7C%7C4%7Cnull

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://www.netflix.com.youraccountpayment.3a2f2f2.ml/personalization/cl2/freeform/WebsiteDetect?source=wwwhead&fetchType=css&modalView=signupSimplicity-passwordOnly Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.netflix.com.youraccountpayment.3a2f2f2.ml/personalization/cl2/freeform/WebsiteDetect?source=wwwhead&fetchType=js&modalView=signupSimplicity-passwordOnly Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.netflix.com.youraccountpayment.3a2f2f2.ml/personalization/log Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.nflxext.com
cdn.cookielaw.org
codex.nflxext.com
geolocation.onetrust.com
www.netflix.com.youraccountpayment.3a2f2f2.ml
2606:4700:10::6814:b844
2606:4700::6810:9440
2a00:86c0:2091::1
54.95.169.98
09b7ece464c01f640c13fdceb08bb12ab4a2db787f36a8253c109ea3d4f7d9f5
11b947e74a7ba8f1d433b84ab7a719799ec0662a9035a8b4a2ab4d7d1eb2d681
18b8dbc8acf985376159deabac523d8b0a92f9e1ab02357bb3f2fdad0ba20319
3b77ebff3053fd2200459a30da91814a60a321f3297306546072cf33abd54d57
5fefa6bc00a2fca4d3ca705862d42dfdbb8f69124b2f0cc0896d3c7c2c05890a
98713b53a74ebe7e326353080c5f1653e83af61d6363c0b3c4c67d6d24197b4d
9ac2bd03fcde501b3f30f47ab1fae62161f87808ea6411f38e8feaa4bbddc42e
9ea7f0a7844cada198d1e8a28343cc081d3631c716c9dd53d889e4b7feae04ac
ae407e415a45b6c720d8d61fef8c28756883d0f546a64e7a2969d6174c669951
b71a0918f02f1bbf9596287606fb59fbe6bc038e73987190cec21c2bf745186e
bf8c7ae3d7207934c512e0b7c27c6114ad33a6b9200d244e2425f3b168fab26f
c0bceb927c506dce9f6e6f5f570e641ad580b9554be06f61508a4aee32380167
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
d9bac1aefff045998fd064ed279defcd96c37a53ee0ee3816d1ebab19c1ff739
e07986a943050bc70e5fc61c719f37d611b84c6b536daec25c6851c86bba912a
e11bf69ce1ece1c2ee2901bf6db83fbd5205ed6feb0898df13b6f635bf65c145

www.netflix.com.youraccountpayment.3a2f2f2.ml Open in urlscan Pro 54.95.169.98 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

18 Requests

78 %HTTPS

75 %IPv6

4 Domains

5 Subdomains

4 IPs

3 Countries

868 kBTransfer

2807 kBSize

1 Cookies

9 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

20 JavaScript Global Variables

1 Cookies

3 Console Messages

Indicators

www.netflix.com.youraccountpayment.3a2f2f2.ml Open in urlscan Pro
54.95.169.98 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

78 %
HTTPS

75 %
IPv6

4
Domains

5
Subdomains

4
IPs

3
Countries

868 kB
Transfer

2807 kB
Size

1
Cookies

18 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!