netflix-es.com
Open in
urlscan Pro
176.119.1.187
Malicious Activity!
Public Scan
Effective URL: http://netflix-es.com/
Submission: On September 28 via api from JP — Scanned from ES
Summary
This is the only time netflix-es.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Netflix (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
3 | 176.119.1.187 176.119.1.187 | 58271 (GLP-AS) (GLP-AS) | |
15 | 2a00:86c0:209... 2a00:86c0:2091::1 | 40027 (NETFLIX-ASN) (NETFLIX-ASN) | |
1 | 2a02:2d8:0:28... 2a02:2d8:0:2811:232a::1 | 9002 (RETN-AS) (RETN-AS) | |
2 | 2a02:26f0:350... 2a02:26f0:3500:588::33c4 | () () | |
2 | 2a05:d018:76c... 2a05:d018:76c:b685:3b38:679d:2640:1ced | () () | |
26 | 6 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
15 |
nflxext.com
assets.nflxext.com — Cisco Umbrella Rank: 4992 |
1 MB |
3 |
netflix-es.com
netflix-es.com |
74 KB |
2 |
netflix.com
www.netflix.com ichnaea-web.netflix.com Failed |
1 KB |
2 |
nflximg.net
ae.nflximg.net |
4 KB |
1 |
nflxso.net
occ-0-4012-1489.1.nflxso.net |
263 KB |
26 | 5 |
Domain | Requested by | |
---|---|---|
15 | assets.nflxext.com |
netflix-es.com
assets.nflxext.com |
3 | netflix-es.com |
netflix-es.com
assets.nflxext.com |
2 | www.netflix.com |
ae.nflximg.net
|
2 | ae.nflximg.net |
assets.nflxext.com
ae.nflximg.net |
1 | occ-0-4012-1489.1.nflxso.net |
netflix-es.com
|
0 | ichnaea-web.netflix.com Failed |
ae.nflximg.net
|
26 | 6 |
This site contains links to these domains. Also see Links.
Domain |
---|
help.netflix.com |
media.netflix.com |
ir.netflix.com |
jobs.netflix.com |
fast.com |
www.netflix.com |
onetrust.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.1.nflxso.net DigiCert TLS RSA SHA256 2020 CA1 |
2022-09-13 - 2022-10-13 |
a month | crt.sh |
assets.nflxext.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-02-08 - 2023-03-11 |
a year | crt.sh |
www.netflix.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-12-14 - 2023-01-14 |
a year | crt.sh |
This page contains 3 frames:
Primary Page:
http://netflix-es.com/
Frame ID: 8E47AC8B75D0AEA25AD1296BB10B0BF9
Requests: 20 HTTP requests in this frame
Frame:
https://ae.nflximg.net/monet/scripts/adtech_iframe_target_05.html?data=%7B%22membership_status%22%3A%22ANONYMOUS%22%2C%22country%22%3A%22UA%22%2C%22region_code%22%3A%2251%22%2C%22is_member%22%3A%22ANONYMOUS%22%2C%22wasFormerMember%22%3Afalse%2C%22referrer%22%3A%22nmLanding%22%2C%22deniedConsentCookieGroups%22%3Anull%7D
Frame ID: 4B17C74996E633C2B60BBAE8EC620F0B
Requests: 2 HTTP requests in this frame
Frame:
https://ae.nflximg.net/monet/scripts/netflix_tag_05.html?data=%7B%22membership_status%22%3A%22ANONYMOUS%22%2C%22country%22%3A%22UA%22%2C%22region_code%22%3A%2251%22%2C%22is_member%22%3A%22ANONYMOUS%22%2C%22wasFormerMember%22%3Afalse%2C%22referrer%22%3A%22nmLanding%22%2C%22deniedConsentCookieGroups%22%3Anull%7D
Frame ID: 6ED457389A05B2A9F096DAB2B6CD3569
Requests: 2 HTTP requests in this frame
13 Outgoing links
These are links going to different origins than the main page.
Title: FAQ
Search URL Search Domain Scan URL
Title: Help Center
Search URL Search Domain Scan URL
Title: Media Center
Search URL Search Domain Scan URL
Title: Investor Relations
Search URL Search Domain Scan URL
Title: Jobs
Search URL Search Domain Scan URL
Title: Terms of Use
Search URL Search Domain Scan URL
Title: Privacy
Search URL Search Domain Scan URL
Title: Corporate Information
Search URL Search Domain Scan URL
Title: Contact Us
Search URL Search Domain Scan URL
Title: Speed Test
Search URL Search Domain Scan URL
Title: Legal Notices
Search URL Search Domain Scan URL
Title: Only on Netflix
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
26 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
netflix-es.com/ |
593 KB 73 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
WebsiteDetect
netflix-es.com/personalization/cl2/freeform/ |
0 533 B |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
error-page.b4d75d715f60a9ee1887.css
assets.nflxext.com/web/ffe/wp/less/core/ |
17 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
nmhp.27e3c572f95d99b00463.css
assets.nflxext.com/web/ffe/wp/less/signup/nmhp/ |
85 KB 14 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
UA-en-20220919-popsignuptwoweeks-perspective_alpha_website_large.jpg
assets.nflxext.com/ffe/siteui/vlv3/45082c39-e6d5-4b02-8867-e38fe32ed3af/f8e95760-5180-48d2-a8e8-96a2fd7320aa/ |
315 KB 315 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tv.png
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ |
11 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mobile-0819.jpg
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ |
48 KB 49 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
boxshot.png
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ |
20 KB 20 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
device-pile.png
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ |
134 KB 134 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
AAAABfpnX3dbgjZ-Je8Ax3xn0kXehZm_5L6-xe6YSTq_ucht9TI5jwDMqusWZKNYT8DfGudD0_wWVVTFLiN2_kaQJumz2iivUWbIbAtF.png
occ-0-4012-1489.1.nflxso.net/dnm/api/v6/19OhWN2dO19C9txTON9tvTFtefw/ |
263 KB 263 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
nmhpFrameworkClient.js.0db2bdec2f29429a431b.js
assets.nflxext.com/web/ffe/wp/signup/nmhp/ |
1 MB 370 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
NetflixSans_W_Rg.woff2
assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/ |
52 KB 52 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
NetflixSans_W_Md.woff2
assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/ |
53 KB 53 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
video-tv-0819.m4v
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ |
47 KB 0 |
Media
video/x-m4v |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
video-devices.m4v
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ |
260 KB 260 KB |
Media
video/x-m4v |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
download-icon.gif
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ |
22 KB 22 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
video-tv-0819.m4v
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ |
8 KB 8 KB |
Media
video/x-m4v |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
video-tv-0819.m4v
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ |
232 KB 0 |
Media
video/x-m4v |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
log
netflix-es.com/personalization/ |
0 319 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
adtech_iframe_target_05.html
ae.nflximg.net/monet/scripts/ Frame 4B17 |
3 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
log
www.netflix.com/ichnaea/ Frame 4B17 |
0 1 KB |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
log
www.netflix.com/ichnaea/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
netflix_tag_05.html
ae.nflximg.net/monet/scripts/ Frame 6ED4 |
3 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
log
ichnaea-web.netflix.com/ Frame 6ED4 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS |
log
ichnaea-web.netflix.com/ Frame |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
cl2
netflix-es.com/personalization/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- ichnaea-web.netflix.com
- URL
- https://ichnaea-web.netflix.com/log
- Domain
- ichnaea-web.netflix.com
- URL
- https://ichnaea-web.netflix.com/log
- Domain
- netflix-es.com
- URL
- http://netflix-es.com/personalization/cl2
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Netflix (Online)16 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation object| netflix function| setCookie function| updateEmail function| updateEmail_f function| Reg string| __public_path__ object| webpackChunkshakti function| _ object| util2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
netflix-es.com/ | Name: memclid Value: caaf5ce6-f449-4cb4-8615-8592e56e6c34 |
|
netflix-es.com/ | Name: nfvdid Value: BQFmAAEBEFEXLibPuJC2xGsfBStPCeVAV9U5ZBidrwCTC1BjC4uhod%2BwpmWSU7COaGQEzSOFE0WLxolTqsItRMqzeZ4hXo5%2BVj0TfTa3TBYKYLfxGjAhsA%3D%3D |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ae.nflximg.net
assets.nflxext.com
ichnaea-web.netflix.com
netflix-es.com
occ-0-4012-1489.1.nflxso.net
www.netflix.com
ichnaea-web.netflix.com
netflix-es.com
176.119.1.187
2a00:86c0:2091::1
2a02:26f0:3500:588::33c4
2a02:2d8:0:2811:232a::1
2a05:d018:76c:b685:3b38:679d:2640:1ced
1539d357b1c2f6d1e95d9f3c568c0f694e9040bcee32f87f3ffa24f18d4b865d
2111a5f2a5ebaff7b64a555cb2a4ca5c8567f8b2e852757a10095f51f7d678dd
33453d6e2431ccd0b867d3b7ac3da2b6012f1b232a6d01e8bc66bb49c04dae5a
33d53d7224d624b4b77486af5abadc0c2c7f9f9017988412d951a7c6d0c427d7
3eec290a7f7da9abb00b49ca84f5f16e6d45ca33d40fd8ede4380835d6161d71
492fdebd363e40cbba153a244bcfe2a7f5f7cf20aff0805fe45d5c7e2180b875
4f99e4c2ed1c2b7de72f47102c64d601567f8efaad5944a08c86786cad4050e6
50803a486b17eb4696683745a65ccbaa85392cb97c4f773ddee4dda8d694a42e
651968e01124d6ec54e4581804a57242f98f7d2a9d14df29945e40985501da49
81cf64888a7b3f6848b09695b034026d9ad685665b91d54597ecbb6197c6acbb
9ac2bd03fcde501b3f30f47ab1fae62161f87808ea6411f38e8feaa4bbddc42e
b490125e66c0abf6b6c355154519de9cd79aad11b581a0b7c8cebe8a6c6e06ae
b68ea2c7bea397aa11fadb189ce7d83862baebaf03ece643eb5aa9fb5f755056
c0bceb927c506dce9f6e6f5f570e641ad580b9554be06f61508a4aee32380167
c50d81f310847f9dd5c054871180b211c7f4a9eccbb42ee95f9574880b56ef73
e1fa26cc34fda574edc01d09e374d6f10735a3fa621bdde87c104ee15453d4b6
e2b59ea2f7cc6b4674c300296984711cd167c3eb7fb31f94dba7f97c06eb84d2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855