br1010.teste.website
Open in
urlscan Pro
162.241.203.132
Malicious Activity!
Public Scan
Submission: On May 24 via automatic, source openphish
Summary
This is the only time br1010.teste.website was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Netflix (Online) Generic (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
5 | 162.241.203.132 162.241.203.132 | 46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1 - Unified Layer) | |
13 | 2a02:26f0:6c0... 2a02:26f0:6c00:286::33c4 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
18 | 2 |
ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US)
PTR: br1010.hostgator.com.br
br1010.teste.website |
Apex Domain Subdomains |
Transfer | |
---|---|---|
13 |
nflxext.com
assets.nflxext.com |
82 KB |
5 |
teste.website
br1010.teste.website |
78 KB |
18 | 2 |
Domain | Requested by | |
---|---|---|
13 | assets.nflxext.com |
br1010.teste.website
|
5 | br1010.teste.website |
br1010.teste.website
|
18 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
help.netflix.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
assets.nflxext.com DigiCert SHA2 Secure Server CA |
2018-03-09 - 2020-03-09 |
2 years | crt.sh |
This page contains 1 frames:
Primary Page:
http://br1010.teste.website/~sounig13/b5j3k6f4j4h/session.html
Frame ID: 2AD5DE58FF637C70538E1DBDF41320E6
Requests: 18 HTTP requests in this frame
Screenshot
Detected technologies
Apache (Web Servers) ExpandDetected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
React (JavaScript Frameworks) Expand
Detected patterns
- html /<[^>]+data-react/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- env /^jQuery$/i
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
Title: Termos de uso
Search URL Search Domain Scan URL
Title: Privacidade
Search URL Search Domain Scan URL
Title: Preferências de cookies
Search URL Search Domain Scan URL
Title: Informações corporativas
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
18 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
session.html
br1010.teste.website/~sounig13/b5j3k6f4j4h/ |
35 KB 9 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
stylo.css
br1010.teste.website/~sounig13/b5j3k6f4j4h/ |
102 KB 25 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
question_mark.png
br1010.teste.website/~sounig13/b5j3k6f4j4h/ |
564 B 831 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
FPPfZux.png
br1010.teste.website/~sounig13/b5j3k6f4j4h/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.js
br1010.teste.website/~sounig13/b5j3k6f4j4h/ |
85 KB 37 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
carrot_sprite_16x33.png
assets.nflxext.com/en_us/layout/ecweb/common/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
12_11_2014_icon_visa_37x25.png
assets.nflxext.com/ffe/siteui/acquisition/payment/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
10_18_2014_icon_master_37x25.png
assets.nflxext.com/ffe/siteui/acquisition/payment/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
10_18_2014_icon_amex_37x25.png
assets.nflxext.com/ffe/siteui/acquisition/payment/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
elo.png
assets.nflxext.com/en_us/layout/ecweb/payment/icons/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon_BR_bancodobrasil.png
assets.nflxext.com/ffe/siteui/acquisition/payment/mop_icons_global/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon_BR_bradesco_min.png
assets.nflxext.com/ffe/siteui/acquisition/payment/mop_icons_global/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
itau.png
assets.nflxext.com/en_us/layout/ecweb/payment/icons/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
santander_wtext.png
assets.nflxext.com/us/layout/ecweb/payment/icons/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon_BR_bradescol.png
assets.nflxext.com/ffe/siteui/acquisition/payment/mop_icons_global/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon_BR_santander.png
assets.nflxext.com/ffe/siteui/acquisition/payment/mop_icons_global/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon_BR_caixa.png
assets.nflxext.com/ffe/siteui/acquisition/payment/mop_icons_global/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nf-icon-v1-86.woff
assets.nflxext.com/ffe/siteui/fonts/ |
57 KB 57 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Netflix (Online) Generic (Online)19 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask function| $ function| jQuery boolean| boolopen1 boolean| boolopen2 boolean| boolopen3 function| Central function| Arrow1 function| Arrow2 function| Arrow3 function| validateCardNumber function| vercpf function| validarCpf function| luhnCheck function| formatar function| somenteNumeros function| checkdados0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
assets.nflxext.com
br1010.teste.website
162.241.203.132
2a02:26f0:6c00:286::33c4
2022103156fb67aac11be83d6e6dec17277f37f5d18ceac9002b3a833216e57d
58e89404473a1d966754115fc8bda906b32e52b77e59ce25f37ab11a016a69e1
5f29226e8eb30b6abc5411bebf15bc0e354fe2a1633b2d8d06665e4f561a3749
6ece9412b58a131bbb0ce73029ef36ea72ff1c02a52ba4ac0d3d1c935428ccce
70964a39bdf853ba9cf9a793787cb9b0fb4ecb24264ba45d833e5def5706b859
7334c16dc04df9eef7152086d519c011301cdbf891aacff4dd28db3d09d32e42
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8ecdaac15d3a735629ac94ec194ea046e3387e8fb5315e043b093725bf21591a
973576ba6483c6c75d1d55339c1cac5d742abef700ede0903341ab222a2ee7c2
a47661d7ad003fe7df9ac30d1ce3b984dd9186b676f77b41e0d53f2f4ce4ac8b
c58f7fa76b1c75c769ed1097053fee521fa60d296515a336421e8e4beae76121
c813c08ecff33d9ba5903bb105bb68ada40e7147ccc624caa5e0bbeffb76eba5
ca4bab10768d5a8cff7c84dab4bf9fbb7cbaac472a83d44bbaab7486eaab4b09
ca624ad59b666d986f4afb39c166f2a82dad5ce0bbcc20156273150d42c90c7f
d1287ab5ae2cc0db35c7993de32d1268088457712a64d299cea30d6d72ea157c
d27e15b875885e587343fe782c51a6cb34c5d31af5379402537d2bce05535ae5
ddc7fbe300e1da36132970a3c4c165e43cd1262fe7d1b6889f9fba359d6f8b98
df59281cf5f34b824f568e1f48cb9afd99b7db3de1054e26c40196dffd4010b7