mail.netflixsupportteam.ml Open in urlscan Pro
89.163.146.52 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://mail.netflixsupportteam.ml/
Submission Tags: phishingcatcher certstream Search All
Submission: On July 16 via api (July 16th 2019, 5:03:23 am UTC) from CH

Summary HTTP 17 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 6 IPs in 4 countries across 5 domains to perform 17 HTTP transactions. The main IP is 89.163.146.52, located in Germany and belongs to MYLOC-AS, DE. The main domain is mail.netflixsupportteam.ml.

This is the only time mail.netflixsupportteam.ml was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Netflix (Online)

Domain & IP information

	IP Address	AS Autonomous System
5	89.163.146.52 89.163.146.52	24961 (MYLOC-AS) (MYLOC-AS)
3	2a00:86c0:209... 2a00:86c0:2090::1	40027 (NETFLIX-ASN) (NETFLIX-ASN - Netflix Streaming Services Inc.)
3	2a02:26f0:6c0... 2a02:26f0:6c00:297::33c4	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
2	2a01:578:3::3... 2a01:578:3::3432:d9d7	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
17	6

5 89.163.146.52 (Germany)

ASN24961 (MYLOC-AS, DE)
PTR: sadakat.kebirhost.com

mail.netflixsupportteam.ml	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:86c0:2090::1 (United Kingdom)

ASN40027 (NETFLIX-ASN - Netflix Streaming Services Inc., US)

codex.nflxext.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:6c00:297::33c4 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

assets.nflxext.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticxx.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:578:3::3432:d9d7 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

www.netflix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	nflxext.com codex.nflxext.com assets.nflxext.com	371 KB
5	netflixsupportteam.ml mail.netflixsupportteam.ml	60 KB
2	netflix.com www.netflix.com	1 KB
2	facebook.com staticxx.facebook.com www.facebook.com
2	facebook.net connect.facebook.net	62 KB
17	5

	Domain	Requested by
5	mail.netflixsupportteam.ml	mail.netflixsupportteam.ml codex.nflxext.com
3	assets.nflxext.com	mail.netflixsupportteam.ml
3	codex.nflxext.com	mail.netflixsupportteam.ml
2	www.netflix.com	codex.nflxext.com
2	connect.facebook.net	mail.netflixsupportteam.ml connect.facebook.net
1	www.facebook.com	connect.facebook.net
1	staticxx.facebook.com	connect.facebook.net
17	7

This site contains links to these domains. Also see Links.

Domain
www.netflix.com
help.netflix.com

Subject Issuer	Validity	Valid
*.1.nflxso.net DigiCert SHA2 Secure Server CA	`2019-07-14` - `2019-09-03`	2 months	crt.sh
	`1970-01-01` - `1970-01-01`	a few seconds	crt.sh
assets.nflxext.com DigiCert SHA2 Secure Server CA	`2018-03-09` - `2020-03-09`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-06-06` - `2019-09-04`	3 months	crt.sh
www.netflix.com DigiCert SHA2 Secure Server CA	`2018-02-07` - `2020-02-07`	2 years	crt.sh

This page contains 3 frames:

Primary Page: http://mail.netflixsupportteam.ml/
Frame ID: 7C2DFA0066E76771644A2124E3035438
Requests: 15 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: 0B5A2103F0F720538A840A6A885C465D
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/connect/ping?client_id=163114453728333&domain=mail.netflixsupportteam.ml&origin=1&redirect_uri=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df2d4fb30509a474%26domain%3Dmail.netflixsupportteam.ml%26origin%3Dhttp%253A%252F%252Fmail.netflixsupportteam.ml%252Ff312ffbc9eada7%26relation%3Dparent&response_type=token%2Csigned_request&sdk=joey
Frame ID: E5771420D46F7B8D36D24954FD57CF72
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Page Statistics

17
Requests

71 %
HTTPS

83 %
IPv6

5
Domains

7
Subdomains

6
IPs

4
Countries

493 kB
Transfer

1344 kB
Size

1
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.netflix.com/tr-en/LoginHelp
Title: Forgot your email or password?

Search URL Search Domain Scan URL

URL: https://www.netflix.com/tr-en/
Title: Sign up now

Search URL Search Domain Scan URL

URL: https://help.netflix.com/contactus
Title: Questions? Contact us.

Search URL Search Domain Scan URL

URL: https://help.netflix.com/legal/giftterms
Title: Gift Card Terms

Search URL Search Domain Scan URL

URL: https://help.netflix.com/legal/privacy
Title: Privacy Statement

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

http://connect.facebook.net/en_TR/sdk.js HTTP 307
https://connect.facebook.net/en_TR/sdk.js

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
mail.netflixsupportteam.ml/ 205 KB
58 KB 72ms
41ms Document
text/html 89.163.146.52
MYLOC-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://mail.netflixsupportteam.ml/
Protocol: HTTP/1.1
Server: 89.163.146.52 , Germany, ASN24961 (MYLOC-AS, DE),
Reverse DNS: sadakat.kebirhost.com
Software: Apache /
Resource Hash: f50800a34ae38dfb90d9237a257a13381912643f2349a0469cc3c1880b137ba6

Request headers

Host: mail.netflixsupportteam.ml
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 16 Jul 2019 05:03:06 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Keep-Alive: timeout=5, max=200
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK none Show response
codex.nflxext.com/%5E2.0.0/truthBundle/webui/0.0.1-shakti-js-7742b8c7/js/js/bootstrap.js,common%7Cbootstrap.js/2/gB0ogwg80a050e0d070908040c0f0g0l0j0kg64Dg90E0D4xgfgA0s0S02gCge4Ngigb0Bgvgr4Hggg3gk1x... 20 KB
5 KB 345ms
310ms Script
application/javascript 2a00:86c0:2090::1
Netflix Streaming...

General

Check archive.org

Show headers Download Go to

Full URL

https://codex.nflxext.com/%5E2.0.0/truthBundle/webui/0.0.1-shakti-js-7742b8c7/js/js/bootstrap.js,common%7Cbootstrap.js/2/gB0ogwg80a050e0d070908040c0f0g0l0j0kg64Dg90E0D4xgfgA0s0S02gCge4Ngigb0Bgvgr4Hggg3gk1x/bk/true/none

Requested by

Host: mail.netflixsupportteam.ml
URL: http://mail.netflixsupportteam.ml/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:86c0:2090::1 , United Kingdom, ASN40027 (NETFLIX-ASN - Netflix Streaming Services Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

7bfae3b72e5f7603fe0d68a54e5f84fe45f809ab5551b5382d10deb690582495

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://mail.netflixsupportteam.ml/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 16 Jul 2019 05:03:06 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
X-Netflix_nfstatus: 1_1
Transfer-Encoding: chunked
X-Netflix_proxy_execution-time: 8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=16070400
req_id: 90725eba-7940-4214-90a5-e44e1d8f07ee
Connection: keep-alive
Timing-Allow-Origin: https://www.netflix.com
Expires: Fri, 17 Jan 2020 16:07:41 GMT

GET
H/1.1 200
OK none Show response
codex.nflxext.com/%5E2.0.0/truthBundle/webui/0.0.1-shakti-js-7742b8c7/js/js/components%7Clogin%7CloginLayout.jsx,components%7Clogin%7CloginController.jsx,react%7CgenericClient.js/2/gB0ogwg80a050e0d... 658 KB
191 KB 446ms
412ms Script
application/javascript 2a00:86c0:2090::1
Netflix Streaming...

General

Check archive.org

Show headers Download Go to

Full URL

https://codex.nflxext.com/%5E2.0.0/truthBundle/webui/0.0.1-shakti-js-7742b8c7/js/js/components%7Clogin%7CloginLayout.jsx,components%7Clogin%7CloginController.jsx,react%7CgenericClient.js/2/gB0ogwg80a050e0d070908040c0f0g0l0j0kg64Dg90E0D4xgfgA0s0S02gCge4Ngigb0Bgvgr4Hggg3gk1x/l/true/none

Requested by

Host: mail.netflixsupportteam.ml
URL: http://mail.netflixsupportteam.ml/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:86c0:2090::1 , United Kingdom, ASN40027 (NETFLIX-ASN - Netflix Streaming Services Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

fbb5575d7f03d199670be5950950dc177ba417e8aa640194eee19290bb672245

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://mail.netflixsupportteam.ml/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 16 Jul 2019 05:03:06 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
X-Netflix_nfstatus: 1_1
Transfer-Encoding: chunked
X-Netflix_proxy_execution-time: 35
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=16070400
req_id: ba49aabd-70b9-4286-99e4-fa9ff5269145
Connection: keep-alive
Timing-Allow-Origin: https://www.netflix.com
Expires: Fri, 17 Jan 2020 16:07:07 GMT

GET
H/1.1 404
Not Found WebsiteDetect
mail.netflixsupportteam.ml/ichnaea/cl2/freeform/ 0
0 25ms
13ms Stylesheet
text/html 89.163.146.52
MYLOC-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://mail.netflixsupportteam.ml/ichnaea/cl2/freeform/WebsiteDetect?source=wwwhead&fetchType=css&modalView=login
Requested by: Host: mail.netflixsupportteam.ml
URL: http://mail.netflixsupportteam.ml/
Protocol: HTTP/1.1
Security: , ,
Server: 89.163.146.52 , Germany, ASN24961 (MYLOC-AS, DE),
Reverse DNS: sadakat.kebirhost.com
Software: Apache /
Resource Hash

Request headers

Referer: http://mail.netflixsupportteam.ml/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 16 Jul 2019 05:03:06 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=200
Content-Length: 351
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK none
codex.nflxext.com/%5E2.0.0/truthBundle/webui/0.0.1-shakti-css-7742b8c7/css/css/login%7CloginBase.less,pages%7Clogin%7CLogin.less/2/0I0W0h0P0e0C0O0_0X0Q0V/none/true/ 101 KB
17 KB 363ms
330ms Stylesheet
text/css 2a00:86c0:2090::1
Netflix Streaming...

General

Check archive.org

Show headers Download Go to

Full URL

https://codex.nflxext.com/%5E2.0.0/truthBundle/webui/0.0.1-shakti-css-7742b8c7/css/css/login%7CloginBase.less,pages%7Clogin%7CLogin.less/2/0I0W0h0P0e0C0O0_0X0Q0V/none/true/none

Requested by

Host: mail.netflixsupportteam.ml
URL: http://mail.netflixsupportteam.ml/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:86c0:2090::1 , United Kingdom, ASN40027 (NETFLIX-ASN - Netflix Streaming Services Inc., US),

Reverse DNS

Software

nginx /

Resource Hash

610d4af5b0c5d11ed9e8de0d32fd1de349def7b2151774312f88455926939bad

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://mail.netflixsupportteam.ml/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 16 Jul 2019 05:03:07 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/css; charset=UTF-8
Server: nginx
X-Netflix_nfstatus: 1_1
Transfer-Encoding: chunked
X-Netflix_proxy_execution-time: 9
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=16070400
req_id: c258acbe-aa8b-4200-9d9a-57581a45c5ba
Connection: keep-alive
Timing-Allow-Origin: https://www.netflix.com
Expires: Sat, 18 Jan 2020 05:03:06 GMT

GET
H2 200 FB-f-Logo__blue_57.png
assets.nflxext.com/ffe/siteui/login/images/ 1 KB
2 KB 56ms
6ms Image
image/png 2a02:26f0:6c00:297::33c4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nflxext.com/ffe/siteui/login/images/FB-f-Logo__blue_57.png
Requested by: Host: mail.netflixsupportteam.ml
URL: http://mail.netflixsupportteam.ml/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:297::33c4 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Apache /
Resource Hash: 3e49d9dc43267590184389ab3da0cb9f7308c9c848667dab109a0f7c73450ece

Request headers

Referer: http://mail.netflixsupportteam.ml/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 16 Jul 2019 05:03:07 GMT
last-modified: Thu, 30 Jun 2016 17:48:49 GMT
server: Apache
content-md5: ozykfvEQtuPsUIa4d2QH0w==
content-type: image/png
status: 200
cache-control: public, max-age=23727413
accept-ranges: bytes
content-length: 1455
expires: Wed, 15 Apr 2020 20:00:00 GMT

GET
H/1.1 404
Not Found WebsiteDetect Show response
mail.netflixsupportteam.ml/ichnaea/cl2/freeform/ 351 B
552 B 13ms
12ms XHR
text/html 89.163.146.52
MYLOC-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://mail.netflixsupportteam.ml/ichnaea/cl2/freeform/WebsiteDetect?source=wwwhead&fetchType=js&modalView=login
Requested by: Host: mail.netflixsupportteam.ml
URL: http://mail.netflixsupportteam.ml/
Protocol: HTTP/1.1
Security: , ,
Server: 89.163.146.52 , Germany, ASN24961 (MYLOC-AS, DE),
Reverse DNS: sadakat.kebirhost.com
Software: Apache /
Resource Hash: 8fc5d3471cdc4528648c8c143710397e1a6cd0a8c9743e32914e8f5ff5d5f9c9

Request headers

Referer: http://mail.netflixsupportteam.ml/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 16 Jul 2019 05:03:06 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=199
Content-Length: 351
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found WebsiteScreen Show response
mail.netflixsupportteam.ml/ichnaea/cl2/freeform/ 351 B
552 B 13ms
12ms XHR
text/html 89.163.146.52
MYLOC-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://mail.netflixsupportteam.ml/ichnaea/cl2/freeform/WebsiteScreen?source=wwwhead&fetchType=js&winw=1600&winh=1200&screenw=1600&screenh=1200&ratio=1
Requested by: Host: mail.netflixsupportteam.ml
URL: http://mail.netflixsupportteam.ml/
Protocol: HTTP/1.1
Security: , ,
Server: 89.163.146.52 , Germany, ASN24961 (MYLOC-AS, DE),
Reverse DNS: sadakat.kebirhost.com
Software: Apache /
Resource Hash: ccd38d8104f6f128c3d076c2cd9185ac686a068fcd19aafe717ed20b268c16f2

Request headers

Referer: http://mail.netflixsupportteam.ml/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 16 Jul 2019 05:03:06 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=199
Content-Length: 351
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 login-the-crown_2-1500x1000.jpg
assets.nflxext.com/ffe/siteui/acquisition/login/ 84 KB
85 KB 8ms
8ms Image
image/jpeg 2a02:26f0:6c00:297::33c4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nflxext.com/ffe/siteui/acquisition/login/login-the-crown_2-1500x1000.jpg
Requested by: Host: mail.netflixsupportteam.ml
URL: http://mail.netflixsupportteam.ml/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:297::33c4 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Apache /
Resource Hash: baafd74a4cb4dc594b614eeb45c7267bb1af729d9271752460348ece16532d04

Request headers

Referer: https://codex.nflxext.com/%5E2.0.0/truthBundle/webui/0.0.1-shakti-css-7742b8c7/css/css/login%7CloginBase.less,pages%7Clogin%7CLogin.less/2/0I0W0h0P0e0C0O0_0X0Q0V/none/true/none
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 16 Jul 2019 05:03:07 GMT
last-modified: Mon, 24 Oct 2016 20:49:51 GMT
server: Apache
content-md5: 5GY/BZWwL7HDlH/B8V64Eg==
content-type: image/jpeg
status: 200
cache-control: public, max-age=23727413
accept-ranges: bytes
content-length: 86226
expires: Wed, 15 Apr 2020 20:00:00 GMT

GET
H2 200 nf-icon-v1-93.woff
assets.nflxext.com/ffe/siteui/fonts/ 72 KB
72 KB 20ms
6ms Font
font/woff 2a02:26f0:6c00:297::33c4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.nflxext.com/ffe/siteui/fonts/nf-icon-v1-93.woff
Requested by: Host: mail.netflixsupportteam.ml
URL: http://mail.netflixsupportteam.ml/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:297::33c4 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Apache /
Resource Hash: 98713b53a74ebe7e326353080c5f1653e83af61d6363c0b3c4c67d6d24197b4d

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://codex.nflxext.com/%5E2.0.0/truthBundle/webui/0.0.1-shakti-css-7742b8c7/css/css/login%7CloginBase.less,pages%7Clogin%7CLogin.less/2/0I0W0h0P0e0C0O0_0X0Q0V/none/true/none
Origin: http://mail.netflixsupportteam.ml

Response headers

date: Tue, 16 Jul 2019 05:03:07 GMT
last-modified: Mon, 29 Jan 2018 01:50:51 GMT
server: Apache
content-md5: fPYVbMSBJEtaJUNi17c/AA==
access-control-allow-origin: *
content-type: font/woff
status: 200
cache-control: public, max-age=23727413
accept-ranges: bytes
content-length: 73572
expires: Wed, 15 Apr 2020 20:00:00 GMT

GET
H2

200

sdk.js Show response
connect.facebook.net/en_TR/
Redirect Chain

http://connect.facebook.net/en_TR/sdk.js
https://connect.facebook.net/en_TR/sdk.js

3 KB
2 KB

22ms
6ms

Script
application/x-javascript

2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_TR/sdk.js

Requested by

Host: mail.netflixsupportteam.ml
URL: http://mail.netflixsupportteam.ml/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

fc880747775ec699d445e397191de8f86e12fd1e7e59432f974a2cda9c764c9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://mail.netflixsupportteam.ml/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: Ri+pbh8m3RwhJqyWDeZusA==
status: 200
date: Tue, 16 Jul 2019 05:03:07 GMT
vary: Accept-Encoding
content-length: 1779
x-fb-debug: KkvxWqea1BHU+cVb5xsxcUjKPl9HHKsyjOs9EOV3JZ5zw3k2aVtcezkfyjIzfyfZNGypf+cB3leIiDrK6cubNQ==
x-fb-trip-id: 420120009
x-fb-content-md5: 6bc5a5fe92c1044cdf6cc1f9b8b536c2
etag: "7a065fef4ae39e7120636aded837e4d4"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 16 Jul 2019 05:14:45 GMT

Redirect headers

Location: https://connect.facebook.net/en_TR/sdk.js
Non-Authoritative-Reason: HSTS

POST
H/1.1 404
Not Found log Show response
mail.netflixsupportteam.ml/ichnaea/ 328 B
529 B 13ms
13ms XHR
text/html 89.163.146.52
MYLOC-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://mail.netflixsupportteam.ml/ichnaea/log
Requested by: Host: codex.nflxext.com
URL: https://codex.nflxext.com/%5E2.0.0/truthBundle/webui/0.0.1-shakti-js-7742b8c7/js/js/components%7Clogin%7CloginLayout.jsx,components%7Clogin%7CloginController.jsx,react%7CgenericClient.js/2/gB0ogwg80a050e0d070908040c0f0g0l0j0kg64Dg90E0D4xgfgA0s0S02gCge4Ngigb0Bgvgr4Hggg3gk1x/l/true/none
Protocol: HTTP/1.1
Security: , ,
Server: 89.163.146.52 , Germany, ASN24961 (MYLOC-AS, DE),
Reverse DNS: sadakat.kebirhost.com
Software: Apache /
Resource Hash: ff59b1abffbfe6229326eadda1d12eea155290f80005c3c2a50f72d4400d05b1

Request headers

Accept: */*
Referer: http://mail.netflixsupportteam.ml/
Origin: http://mail.netflixsupportteam.ml
X-Netflix.ichnaea.request.type: UiRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
X-Requested-With: XMLHttpRequest
Content-Type: application/json

Response headers

Date: Tue, 16 Jul 2019 05:03:07 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=198
Content-Length: 328
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 198 KB
59 KB 18ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=0e15376019aa08db038db9e2a182a0ab&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_TR/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

b3a4b4c5037c85f6b291e42ce898fa521b11a739fd857fa7dfbaa188393d522d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://mail.netflixsupportteam.ml/
Origin: http://mail.netflixsupportteam.ml

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: ES8xxhIxZVbucxnQLgGt4w==
status: 200
date: Tue, 16 Jul 2019 05:03:07 GMT
vary: Accept-Encoding
content-length: 60248
x-fb-debug: zHTfw6DcjspuLS7mRP1g2LhHoksGrhXHbNRgBmnxrzFA2oRc4Tuk5N3Vk7bOf9e6e4lui7tRsonl9+jTNWTKcg==
x-fb-trip-id: 420120009
x-fb-content-md5: 59590451999aeb0e8e6d75390a0d46d2
etag: "442be4bef35d1b7e4e0783b8a13f8a97"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Wed, 15 Jul 2020 04:05:18 GMT

GET
H2 200 xd_arbiter.php
staticxx.facebook.com/connect/ Frame 0B5A 0
0 9ms
6ms Document
text/html 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter.php?version=44

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=0e15376019aa08db038db9e2a182a0ab&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter.php?version=44
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: http://mail.netflixsupportteam.ml/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://mail.netflixsupportteam.ml/

Response headers

status: 200
content-type: text/html; charset=utf-8
expires: Tue, 14 Jul 2020 21:46:25 GMT
strict-transport-security: max-age=15552000; preload
content-encoding: br
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: public,max-age=31536000,immutable
x-fb-debug: TGyp64VrsTZq0v9BtmoCS13CoAWPMo/lqh8XQsB4Lz+1H7vGf4E/ghKuP/ASxGIvwmDRxaHlYB4ouqkBr/9fZA==
content-length: 11462
x-fb-trip-id: 420120009
date: Tue, 16 Jul 2019 05:03:07 GMT

GET
H2 200 ping
www.facebook.com/connect/ Frame E577 0
0 82ms
36ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/connect/ping?client_id=163114453728333&domain=mail.netflixsupportteam.ml&origin=1&redirect_uri=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df2d4fb30509a474%26domain%3Dmail.netflixsupportteam.ml%26origin%3Dhttp%253A%252F%252Fmail.netflixsupportteam.ml%252Ff312ffbc9eada7%26relation%3Dparent&response_type=token%2Csigned_request&sdk=joey

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=0e15376019aa08db038db9e2a182a0ab&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /connect/ping?client_id=163114453728333&domain=mail.netflixsupportteam.ml&origin=1&redirect_uri=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df2d4fb30509a474%26domain%3Dmail.netflixsupportteam.ml%26origin%3Dhttp%253A%252F%252Fmail.netflixsupportteam.ml%252Ff312ffbc9eada7%26relation%3Dparent&response_type=token%2Csigned_request&sdk=joey
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: http://mail.netflixsupportteam.ml/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://mail.netflixsupportteam.ml/

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: text/html; charset="utf-8"
x-fb-debug: aIWNqNkLTxC7yKU8YmYxBCsIgqz3TyUqmb0kq1tSvta2q4RNjo3mY+k0wSDTWzc6dKTS6MQmDE7PVKJqXEPvUA==
date: Tue, 16 Jul 2019 05:03:07 GMT

OPTIONS
H/1.1 200
OK cl2 Show response
www.netflix.com/ichnaea/ 0
0 125ms
31ms XHR
text/plain 2a01:578:3::3432:d9d7
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://www.netflix.com/ichnaea/cl2
Requested by: Host: codex.nflxext.com
URL: https://codex.nflxext.com/%5E2.0.0/truthBundle/webui/0.0.1-shakti-js-7742b8c7/js/js/components%7Clogin%7CloginLayout.jsx,components%7Clogin%7CloginController.jsx,react%7CgenericClient.js/2/gB0ogwg80a050e0d070908040c0f0g0l0j0kg64Dg90E0D4xgfgA0s0S02gCge4Ngigb0Bgvgr4Hggg3gk1x/l/true/none
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:578:3::3432:d9d7 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: http://mail.netflixsupportteam.ml
Referer: http://mail.netflixsupportteam.ml/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

Access-Control-Allow-Origin: http://mail.netflixsupportteam.ml
Access-Control-Allow-Headers: Authorization,Content-Type,Accept,Cookie,X-Netflix.application.name,X-Netflix.application.version,X-Netflix.esn,X-Netflix.device.type,X-Netflix.certification.version,X-Netflix.request.uuid,X-Netflix.user.id,X-Netflix.oauth.consumer.key,X-Netflix.oauth.token,X-Netflix.ichnaea.request.type,debugRequest
Access-Control-Allow-Credentials: true

POST
H/1.1 200
OK cl2 Show response
www.netflix.com/ichnaea/ 0
1 KB 124ms
36ms XHR
text/plain 2a01:578:3::3432:d9d7
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netflix.com/ichnaea/cl2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:578:3::3432:d9d7 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

Software

ichnaea i-0665851f5b5c0f3b9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://ichnaea-web.netflix.com/log/freeform/xssreport

Request headers

Referer: http://mail.netflixsupportteam.ml/
Origin: http://mail.netflixsupportteam.ml
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 16 Jul 2019 05:03:12 GMT
Via: 1.1 i-00b14cd5d9db7e631 (eu-west-1)
X-Content-Type-Options: nosniff
X-Netflix_proxy_execution-time: 3
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block; report=https://ichnaea-web.netflix.com/log/freeform/xssreport
Allow: GET, POST, OPTIONS
Server: ichnaea i-0665851f5b5c0f3b9
X-Netflix_nfstatus: 1_1
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Originating-URL: https://www.netflix.com/ichnaea/cl2
Access-Control-Allow-Origin: http://mail.netflixsupportteam.ml
Access-Control-Allow-Credentials: true
X-Ichnaea: ~O=true~RL=158
Content-Type: text/plain
Access-Control-Allow-Headers: Authorization,Content-Type,Accept,Cookie,X-Netflix.application.name,X-Netflix.application.version,X-Netflix.esn,X-Netflix.device.type,X-Netflix.certification.version,X-Netflix.request.uuid,X-Netflix.user.id,X-Netflix.oauth.consumer.key,X-Netflix.oauth.token,X-Netflix.ichnaea.request.type,debugRequest

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Netflix (Online)

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.mail.netflixsupportteam.ml/	1969-12-31 23:59:59	Name: cL Value: 1563253387491%7C156325338724884628%7C156325338733578096%7C%7C4%7CBIAOHHE3JFHL3C43F5RX5JRUV4

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://connect.facebook.net/en_US/sdk.js?hash=0e15376019aa08db038db9e2a182a0ab&ua=modern_es6(Line 52) Message: The method FB.getLoginStatus can no longer be called from http pages. https://developers.facebook.com/blog/post/2018/06/08/enforce-https-facebook-login/

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.nflxext.com
codex.nflxext.com
connect.facebook.net
mail.netflixsupportteam.ml
staticxx.facebook.com
www.facebook.com
www.netflix.com
2a00:86c0:2090::1
2a01:578:3::3432:d9d7
2a02:26f0:6c00:297::33c4
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
89.163.146.52
3e49d9dc43267590184389ab3da0cb9f7308c9c848667dab109a0f7c73450ece
610d4af5b0c5d11ed9e8de0d32fd1de349def7b2151774312f88455926939bad
7bfae3b72e5f7603fe0d68a54e5f84fe45f809ab5551b5382d10deb690582495
8fc5d3471cdc4528648c8c143710397e1a6cd0a8c9743e32914e8f5ff5d5f9c9
98713b53a74ebe7e326353080c5f1653e83af61d6363c0b3c4c67d6d24197b4d
b3a4b4c5037c85f6b291e42ce898fa521b11a739fd857fa7dfbaa188393d522d
baafd74a4cb4dc594b614eeb45c7267bb1af729d9271752460348ece16532d04
ccd38d8104f6f128c3d076c2cd9185ac686a068fcd19aafe717ed20b268c16f2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f50800a34ae38dfb90d9237a257a13381912643f2349a0469cc3c1880b137ba6
fbb5575d7f03d199670be5950950dc177ba417e8aa640194eee19290bb672245
fc880747775ec699d445e397191de8f86e12fd1e7e59432f974a2cda9c764c9a
ff59b1abffbfe6229326eadda1d12eea155290f80005c3c2a50f72d4400d05b1

mail.netflixsupportteam.ml Open in urlscan Pro 89.163.146.52 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

17 Requests

71 %HTTPS

83 %IPv6

5 Domains

7 Subdomains

6 IPs

4 Countries

493 kBTransfer

1344 kBSize

1 Cookies

5 Outgoing links

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

14 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

mail.netflixsupportteam.ml Open in urlscan Pro
89.163.146.52 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

71 %
HTTPS

83 %
IPv6

5
Domains

7
Subdomains

6
IPs

4
Countries

493 kB
Transfer

1344 kB
Size

1
Cookies

17 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!