Trust report
netflix.com
84/100 — likely safe. Most trust signals check out. Verify unfamiliar businesses before big purchases.
Verdict driven by: no privacy policy found; no terms of service found; no contact page found — worth extra caution before trusting.
Top scam signals
- No privacy policy foundLegally required in most jurisdictions. Its absence is a real red flag.
- No terms of service foundReputable sites usually publish a terms of service.
- No contact page foundReputable sites usually publish a contact page.
SL Trust Core
84
likely safe
Category breakdown
Identity & Age70/100
1 signal · weight 22
Impersonation Risk100/100
2 signals · weight 22
Red Flags100/100
1 signal · weight 18
Transparency51/100
9 signals · weight 14
Security93/100
8 signals · weight 8
Email100/100
3 signals · weight 4
Infrastructure100/100
5 signals · weight 4
Content87/100
3 signals · weight 3
Performance36/100
2 signals · weight 3
Technical Health100/100
2 signals · weight 2
Positive signals
- Site responded with 200
- HTTPS is enforced
- Served through Cloudflare
- 6 address record(s) resolved
- IPv6 (AAAA) available
- 4 authoritative nameservers
Warnings
- Missing Content Security Policy
- No privacy policy found
- No terms of service found
- No contact page found
- Large response served uncompressed
- Heavy HTML payload (3141.4 KB)
Critical
None detected.
Recommendations
Top 5 things to fix
- high · transparencyPublish a Privacy Policy
A linked privacy policy is legally required in most jurisdictions and is one of the strongest transparency signals.
- medium · securityPublish a Content Security Policy
A minimal CSP dramatically reduces the impact of XSS. Start with default-src 'self' and iterate.
- medium · transparencyPublish Terms of Service
Reputable commercial sites publish clear terms so users know their rights.
- medium · transparencyAdd a contact page
List an email, form, or physical address. Sites without contact info are trusted less by users and search engines.
- low · contentAdd a meta description
A 120–160 character description improves click-through from search.
- Root label
- netflix
- TLD
- .com
- Uses punycode (xn--)
- no
- Mixed-script (homoglyph)
- no
- Brand match
- netflix (this IS the real brand's domain)
- Typosquat check
- no typosquat pattern
- Phishing suffix tokens
- none
netflix is the real brand's registered domain
The root label matches the brand exactly — this IS the brand's own domain.
+10
No impersonation patterns detected
Domain doesn't look like a typosquat, doesn't embed a well-known brand, and uses ASCII characters.
+8
- Payment red flags
- none detected
- Urgency / pressure language
- none detected
- Disposable-domain combo
- no
- Page text length scanned
- 184,881 chars
No scam-correlated language found on the home page
No crypto-only / gift-card / wire-only payment demands, and no obvious urgency tactics.
+6
RDAP returned 403
- Final URL
- https://www.netflix.com/
- Status
- 200
- Response time
- 1469ms
- Server
- cloudflare
- CDN
- Cloudflare
- Content-Type
- text/html; charset=utf-8
- Body size
- 3141.4 KB
- Redirects
- 1
Redirect chain
- 301 → https://www.netflix.com/
Site responded with 200
Final URL: https://www.netflix.com/. Response time 1469ms.
+8
HTTPS is enforced
All redirects stayed on HTTPS. Traffic is encrypted end-to-end.
+10
Served through Cloudflare
Sites behind a major CDN benefit from DDoS protection and edge caching.
+4
- A
- 3.225.92.8, 54.160.93.182, 3.211.157.115
- AAAA
- 2600:1f18:631e:2f84:4f7a:4092:e2e9:c617, 2600:1f18:631e:2f85:93a9:f7b0:d18:89a7, 2600:1f18:631e:2f83:49ee:beaa:2dfd:ae8f
- MX
- 1 aspmx.l.google.com, 5 alt1.aspmx.l.google.com, 5 alt2.aspmx.l.google.com, 10 aspmx2.googlemail.com, 10 aspmx3.googlemail.com
- NS
- ns-1372.awsdns-43.org, ns-1984.awsdns-56.co.uk, ns-659.awsdns-18.net, ns-81.awsdns-10.com
- TXT count
- 46
6 address record(s) resolved
+4
IPv6 (AAAA) available
Modern dual-stack setup.
+2
4 authoritative nameservers
+2
crt.sh returned 502
HSTSX-Frame-OptionsX-Content-Type-Optionsmissing: Content Security Policymissing: Referrer Policymissing: Permissions Policy
HSTS is set
Tells browsers to only use HTTPS for this domain.
+6
Missing Content Security Policy
Restricts which scripts and resources the page can load.
-4
X-Frame-Options is set
Prevents clickjacking by disallowing framing.
+3
X-Content-Type-Options is set
Blocks MIME-sniffing browser attacks.
+2
Missing Referrer Policy
Controls what referrer information is sent with requests.
-2
Missing Permissions Policy
Restricts access to powerful browser features (camera, mic, etc.).
-2
- SPF
- v=spf1 include:_spf_ipv4.netflix.com include:_spf.google.com include:amazonses.com include:servers.mcsv.net include:_spf.salesforce.com include:_spf.createsend.com -all
- DMARC
- v=DMARC1; p=reject; fo=1; rua=mailto:netflix@rua.netcraft.com,mailto:dmarcreports@netflix.com,mailto:dmarc_agg@dmarc.250ok.net;ruf=mailto:netflix@ruf.netcraft.com,mailto:dmarcreports@netflix.com,mailto:dmarc_fr@dmarc.250ok.net
- DMARC policy
- reject
- DKIM selectors found
SPF record published
+5
DMARC published (reject)
+6
DKIM configured (google)
+3
Google Analytics· analyticsCloudflare· cdn
- Title
- Netflix - Watch TV Shows Online, Watch Movies Online
- Description
- —
- Language
- en
- Charset
- UTF-8
2 technologies detected
Google Analytics, Cloudflare
Mobile viewport configured
+2
Missing meta description
-2
privacynot found
termsnot found
contactnot found
aboutnot found
refundnot found
shippingnot found
cookiesnot found
Socials
- Contact emails
- inexorabletash@gmail.com
- Phone numbers
- 2018-11-26, 2025-06-06, 2026-05-14, 363590051, 2011-02-01, 0123456789
No pages linked.
No privacy policy found
Legally required in most jurisdictions. Its absence is a real red flag.
-4
No terms of service found
Reputable sites usually publish a terms of service.
-4
No contact page found
Reputable sites usually publish a contact page.
-4
No about page found
Reputable sites usually publish a about page.
-3
No refund/return policy found
Reputable sites usually publish a refund/return policy.
-3
No cookie policy found
Reputable sites usually publish a cookie policy.
-2
1 social profile(s) linked
github
+3
Contact email published
+2
Phone number published
+2
Diagnostics
Scan performance
engine 5.1.0 · report v5
Total scan time
3519 ms
Cache
Miss
Final response
1469 ms
Redirects
1
Plugins executed
18
Plugins failed
5
Signal confidence
72%
Per-plugin timings
phishstatsfailed · 3500 ms
http1469 ms
sitemap960 ms
robots855 ms
urlhausfailed · 132 ms
sslfailed · 101 ms
email-security19 ms
dns8 ms
rdapfailed · 3 ms
reputation0 ms
impersonation0 ms
safe-browsingfailed · 0 ms
security-headers0 ms
tech0 ms
content0 ms
redirects0 ms
performance0 ms
red-flags0 ms