update-billing-netflix.shekinahglory.co.zw
Category: Phishing
To use full-featured product, you have to purchase a license for Combo Cleaner. Limited seven days free trial available. Combo Cleaner is owned and operated by RCS LT, the parent company of PCRisk.com.
Description of update-billing-netflix.shekinahglory.co.zw
The scanned host uses the subdomain update-billing-netflix.shekinahglory.co.zw, which strongly suggests a page themed around account billing or payment updates for Netflix. However, the visible page metadata and screenshot appear to show SNRT, a broadcasting and television website in French, with navigation for live, replay, news, and channel programming. This mismatch between the subdomain wording and the displayed content may indicate that the host content is inconsistent, repurposed, or serving different material under the same domain structure.
Based on the domain pattern, this does not appear to be an official Netflix-owned domain. Instead, it appears to be a third-party subdomain under shekinahglory.co.zw. The scan context also associates the host with phishing-related classifications from multiple web-classification providers, which is more consistent with credential-harvesting or payment-update lures than with a legitimate media or subscription-management service.
The presence of references to netflix.com, Facebook tracking resources, card-image assets, and an unrelated broadcaster page title suggests the site may be combining external branding or borrowed assets in a way that does not clearly match the registered domain identity. Based on available data, the website appears to be best understood as a suspicious web property that may be presenting misleading or inconsistent content rather than a straightforward official service portal.
Safety Assessment for update-billing-netflix.shekinahglory.co.zw
Multiple independent security signals indicate elevated risk at the time of this scan. The domain was flagged by 27 out of 91 security engines, and several web-classification sources categorized it as phishing or fraud-related. In addition, blacklist data showed listings in phishing-related databases, although some other sources remained clean. When a domain receives broad phishing-oriented detections across many engines, that generally increases confidence that the activity may involve credential theft, deceptive billing prompts, or other social-engineering behavior.
The domain name itself closely resembles a billing-related Netflix support or payment page, yet it is hosted under an unrelated third-party domain. That kind of naming pattern may be used to make a page look connected to a well-known brand when it is not. The screenshot and metadata also do not align cleanly with the subdomain name, which adds to the inconsistency. While one malware scan reported no flagged files and only generic heuristic labels on links and the domain, those cleaner file-level results do not outweigh the broader multi-engine phishing consensus.
Taken together, the combination of strong phishing classifications, blacklist listings, and a brand-referencing subdomain on an unrelated domain suggests a meaningful risk of deceptive activity. Based on these findings, this website may pose potential risks to visitors.
Technical Description
The host presented a valid Let's Encrypt SSL certificate at the time of scanning, expiring on 2026-08-09, and was served over HTTPS from IP address 69.175.99.163 using Apache. Hosting appears to be provided through Internap Holding LLC in Norcross, United States. A valid certificate helps encrypt traffic in transit, but it does not by itself indicate legitimacy, since phishing pages also commonly use standard TLS certificates.
DNSSEC appears to be unsigned, so there is no DNSSEC-based validation visible in the provided data. The domain age shown for the parent domain is very old, but that should be interpreted cautiously here because the scanned host is a specific subdomain, and abuse can occur on long-registered domains through compromised hosting, delegated subdomains, or repurposed infrastructure. The main technical concern in this case is not TLS weakness but the mismatch between branding, hostname structure, and the phishing-oriented reputation signals.
Share your experience with this website. Was it safe? Did you encounter any issues?