Submitted URL: http://empresaa.net/
Effective URL: http://empresaa.net/br/index.html
Submission: On March 28 via api from BR

Summary

This website contacted 6 IPs in 4 countries across 5 domains to perform 24 HTTP transactions. The main IP is 69.49.115.40, located in United States and belongs to INFB2-AS, US. The main domain is empresaa.net.
This is the only time empresaa.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Netflix (Online)

Domain & IP information

IP Address AS Autonomous System
8 69.49.115.40 30447 (INFB2-AS)
5 2a00:86c0:209... 40027 (NETFLIX-ASN)
7 2a00:86c0:209... 40027 (NETFLIX-ASN)
1 2 74.50.51.79 36024 (AS-TIERP-...)
1 2a02:26f0:170... 20940 (AKAMAI-ASN1)
2 2a01:578:3::3... 16509 (AMAZON-02)
24 6
Domain Requested by
8 empresaa.net empresaa.net
codex.nflxext.com
7 assets.nflxext.com empresaa.net
5 codex.nflxext.com empresaa.net
2 www.netflix.com codex.nflxext.com
2 ethn.io 1 redirects
1 adtech.nflximg.net codex.nflxext.com
24 6

This site contains links to these domains.

Domain
help.netflix.com
media.netflix.com
ir.netflix.com
jobs.netflix.com
fast.com

Subject               Issuer                            Validity                   Valid
*.1.nflxso.net        DigiCert SHA2 Secure Server CA    2020-03-12 - 2020-04-16    a month
*.ethn.io             Let's Encrypt Authority X3        2020-03-26 - 2020-06-24    3 months
assets.nflxext.com    DigiCert SHA2 Secure Server CA    2020-02-19 - 2022-02-19    2 years
www.netflix.com       DigiCert SHA2 Secure Server CA    2020-01-13 - 2022-01-13    2 years

This page contains 2 frames:

Primary Page: http://empresaa.net/br/index.html
Frame ID: BA34FEE53FB041569BDF2221DC9C1577
Requests: 23 HTTP requests in this frame

Frame: https://adtech.nflximg.net/adtech_iframe_target_03.html?data=%7B%22is_member%22%3A%22anonymous%22%2C%22membership_status%22%3A%22NON_REGISTERED_MEMBER%22%2C%22session%22%3A%22n%2Fa%22%2C%22country%22%3A%22BR%22%2C%22referrer%22%3A%22nmLanding%22%2C%22source%22%3A%22%22%2C%22fbaId%22%3A%22c3366e14-4b5b-4e47-8582-949c9b998b68%22%7D
Frame ID: A0C447E25878ADE61A475F2005B2E4B0
Requests: 1 HTTP requests in this frame

Page Statistics

24
Requests

67 %
HTTPS

67 %
IPv6

5
Domains

6
Subdomains

6
IPs

4
Countries

1543 kB
Transfer

2675 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://empresaa.net/ Page URL
  2. http://empresaa.net/br/index.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • http://ethn.io/mob/12798.js?guid=4FHMV2M6YZA45CG3ROCJIWQBU4 HTTP 301
  • https://ethn.io/mob/12798.js?guid=4FHMV2M6YZA45CG3ROCJIWQBU4

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Cookie set /
empresaa.net/
71 B
427 B
Document
General
Full URL
http://empresaa.net/
Protocol
HTTP/1.1
Server
69.49.115.40 , United States, ASN30447 (INFB2-AS, US),
Reverse DNS
hostedc76.carrierzone.com
Software
/
Resource Hash

Request headers

Host
empresaa.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Date
Sat, 28 Mar 2020 13:18:36 GMT
Content-Type
text/html
Content-Length
71
Connection
keep-alive
Vary
X-Forwarded-Host
Last-Modified
Sat, 28 Mar 2020 04:04:00 GMT
Accept-Ranges
bytes
Set-Cookie
TS0194eee0=013c871b0687c5431c6b45f4b7180468e77b5becb1f1b57f89e2ccc3c750cd6fe8211a24c843456ffd589fa3d62e48a268fbe79b31; Path=/
Primary Request index.html
empresaa.net/br/
75 KB
26 KB
Document
General
Full URL
http://empresaa.net/br/index.html
Requested by
Host: empresaa.net
URL: http://empresaa.net/
Protocol
HTTP/1.1
Server
69.49.115.40 , United States, ASN30447 (INFB2-AS, US),
Reverse DNS
hostedc76.carrierzone.com
Software
/
Resource Hash
a8cf73e0efa7c2ecbe6dcf6c97c5c196f8aa5628d1d8045e1ebaccad882490f8

Request headers

Host
empresaa.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://empresaa.net/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
TS0194eee0=013c871b0687c5431c6b45f4b7180468e77b5becb1f1b57f89e2ccc3c750cd6fe8211a24c843456ffd589fa3d62e48a268fbe79b31

Response headers

Date
Sat, 28 Mar 2020 13:18:36 GMT
Content-Type
text/html
Connection
keep-alive
Vary
X-Forwarded-Host
Last-Modified
Sat, 28 Mar 2020 04:04:13 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
none
codex.nflxext.com/%5E2.0.0/truthBundle/webui/0.0.1-nmhp-js-2c7537e4/js/js/bootstrap.js,common%7Cbootstrap.js/1/7523/bck/true/
13 KB
5 KB
Script
General
Full URL
https://codex.nflxext.com/%5E2.0.0/truthBundle/webui/0.0.1-nmhp-js-2c7537e4/js/js/bootstrap.js,common%7Cbootstrap.js/1/7523/bck/true/none
Requested by
Host: empresaa.net
URL: http://empresaa.net/br/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:86c0:2090::1 , United Kingdom, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
afa3b430ee8a6246aedd184f8985cdc3a7f7875916069aa239529145612ca6ab
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://empresaa.net/br/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Sat, 28 Mar 2020 13:18:36 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=16070400
req_id
898e094f-fad2-489b-ba67-7a588d38ac45
Connection
keep-alive
Timing-Allow-Origin
https://www.netflix.com
Expires
Wed, 30 Sep 2020 13:18:36 GMT
none
codex.nflxext.com/%5E2.0.0/truthBundle/webui/0.0.1-nmhp-js-2c7537e4/js/js/signup%7Chome%7Clite%7Cclient.js/1/7523/l/true/
56 KB
19 KB
Script
General
Full URL
https://codex.nflxext.com/%5E2.0.0/truthBundle/webui/0.0.1-nmhp-js-2c7537e4/js/js/signup%7Chome%7Clite%7Cclient.js/1/7523/l/true/none
Requested by
Host: empresaa.net
URL: http://empresaa.net/br/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:86c0:2090::1 , United Kingdom, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
f0a3177373d0c8fa03b36aa0703dccf226b92f49966931e89078d28be42d8e27
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://empresaa.net/br/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Sat, 28 Mar 2020 13:18:36 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=16070400
req_id
2f7ef3bf-3a46-4fcb-9240-cbedcb2e71cd
Connection
keep-alive
Timing-Allow-Origin
https://www.netflix.com
Expires
Wed, 30 Sep 2020 13:18:36 GMT
WebsiteDetect
empresaa.net/ichnaea/cl2/freeform/
0
0
Stylesheet
General
Full URL
http://empresaa.net/ichnaea/cl2/freeform/WebsiteDetect?source=wwwhead&fetchType=css&modalView=nmLanding
Requested by
Host: empresaa.net
URL: http://empresaa.net/br/index.html
Protocol
HTTP/1.1
Server
69.49.115.40 , United States, ASN30447 (INFB2-AS, US),
Reverse DNS
hostedc76.carrierzone.com
Software
/
Resource Hash

Request headers

Referer
http://empresaa.net/br/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 28 Mar 2020 13:18:37 GMT
Connection
keep-alive
Content-Length
21
Content-Type
text/html; charset=iso-8859-1
none
codex.nflxext.com/%5E2.0.0/truthBundle/webui/0.0.1-shakti-css-2c7537e4/css/css/less%7Cpages%7Chome%7Cconcord.less/2/0A0O050I0a0x0H0S0V0P0J0T0N0U0Z/none/true/
113 KB
18 KB
Stylesheet
General
Full URL
https://codex.nflxext.com/%5E2.0.0/truthBundle/webui/0.0.1-shakti-css-2c7537e4/css/css/less%7Cpages%7Chome%7Cconcord.less/2/0A0O050I0a0x0H0S0V0P0J0T0N0U0Z/none/true/none
Requested by
Host: empresaa.net
URL: http://empresaa.net/br/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:86c0:2090::1 , United Kingdom, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
bfdb2a632303a57a5a1584695d14b221b331a72330ae481f4f99e1fb06be7642
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://empresaa.net/br/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Sat, 28 Mar 2020 13:18:36 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
Content-Type
text/css; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=16070400
req_id
175d7ebb-e007-45b1-b385-e87aef1aba12
Connection
keep-alive
Timing-Allow-Origin
https://www.netflix.com
Content-Length
18010
Expires
Wed, 30 Sep 2020 08:17:51 GMT
WebsiteDetect
empresaa.net/ichnaea/cl2/freeform/
21 B
173 B
XHR
General
Full URL
http://empresaa.net/ichnaea/cl2/freeform/WebsiteDetect?source=wwwhead&fetchType=js&modalView=nmLanding
Requested by
Host: empresaa.net
URL: http://empresaa.net/br/index.html
Protocol
HTTP/1.1
Server
69.49.115.40 , United States, ASN30447 (INFB2-AS, US),
Reverse DNS
hostedc76.carrierzone.com
Software
/
Resource Hash
d6a6e3533a3a8f1ca99259152a54a7ace6f0f0f6a8ba53e0a5443f05ce55d47a

Request headers

Referer
http://empresaa.net/br/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 28 Mar 2020 13:18:37 GMT
Connection
keep-alive
Content-Length
21
Content-Type
text/html; charset=iso-8859-1
WebsiteScreen
empresaa.net/ichnaea/cl2/freeform/
21 B
173 B
XHR
General
Full URL
http://empresaa.net/ichnaea/cl2/freeform/WebsiteScreen?source=wwwhead&fetchType=js&winw=1600&winh=1200&screenw=1600&screenh=1200&ratio=1
Requested by
Host: empresaa.net
URL: http://empresaa.net/br/index.html
Protocol
HTTP/1.1
Server
69.49.115.40 , United States, ASN30447 (INFB2-AS, US),
Reverse DNS
hostedc76.carrierzone.com
Software
/
Resource Hash
d6a6e3533a3a8f1ca99259152a54a7ace6f0f0f6a8ba53e0a5443f05ce55d47a

Request headers

Referer
http://empresaa.net/br/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 28 Mar 2020 13:18:40 GMT
Connection
keep-alive
Content-Length
21
Content-Type
text/html; charset=iso-8859-1
BR-pt-20180625-popsignuptwoweeks-perspective_alpha_website_large.jpg
assets.nflxext.com/ffe/siteui/vlv3/93fa7994-c6b3-499f-9b3d-33f43756bff6/d821aaba-b7f2-42cf-abc0-7830d41448e3/
332 KB
332 KB
Image
General
Full URL
https://assets.nflxext.com/ffe/siteui/vlv3/93fa7994-c6b3-499f-9b3d-33f43756bff6/d821aaba-b7f2-42cf-abc0-7830d41448e3/BR-pt-20180625-popsignuptwoweeks-perspective_alpha_website_large.jpg
Requested by
Host: empresaa.net
URL: http://empresaa.net/br/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:86c0:2091::1 , United Kingdom, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
bd57513511b15cd1cec2f0cd1665cce454075d77ed000e3e598ed84a22720f14

Request headers

Referer
http://empresaa.net/br/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Sat, 28 Mar 2020 13:18:37 GMT
Last-Modified
Wed, 27 Jun 2018 13:03:11 GMT
Server
nginx
Content-MD5
17fJvPfShgdlcI/jNxYgdA==
Content-Type
image/jpeg
Cache-Control
public, max-age=1579283
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
339504
Expires
Wed, 15 Apr 2020 20:00:00 GMT
asset_cancelanytime_withdevice.png
assets.nflxext.com/ffe/siteui/acquisition/home/thisIsNetflix/modules/
169 KB
170 KB
Image
General
Full URL
https://assets.nflxext.com/ffe/siteui/acquisition/home/thisIsNetflix/modules/asset_cancelanytime_withdevice.png
Requested by
Host: empresaa.net
URL: http://empresaa.net/br/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:86c0:2091::1 , United Kingdom, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
d0a1d3ab0e60382d7cd4c92eea1d6381b9b71b5c403a95877d67fff18ac6779d

Request headers

Referer
http://empresaa.net/br/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Sat, 28 Mar 2020 13:18:37 GMT
Last-Modified
Wed, 07 Dec 2016 21:25:37 GMT
Server
nginx
Content-MD5
+rJbw3hnB2ahDh7DdxKUXg==
Content-Type
image/png
Cache-Control
public, max-age=6619870
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
173496
Expires
Wed, 15 Apr 2020 20:00:00 GMT
asset_TV_UI.png
assets.nflxext.com/ffe/siteui/acquisition/home/thisIsNetflix/modules/
242 KB
242 KB
Image
General
Full URL
https://assets.nflxext.com/ffe/siteui/acquisition/home/thisIsNetflix/modules/asset_TV_UI.png
Requested by
Host: empresaa.net
URL: http://empresaa.net/br/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:86c0:2091::1 , United Kingdom, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
103646e75938c72c1e14b79899b6a6ae8050f255a35fefadae283e55b2b48127

Request headers

Referer
http://empresaa.net/br/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Sat, 28 Mar 2020 13:18:37 GMT
Last-Modified
Thu, 06 Aug 2015 17:39:00 GMT
Server
nginx
Content-MD5
n5EgO3w3SlkN1yfDI9W23A==
Content-Type
image/png
Cache-Control
public, max-age=6617679
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
247810
Expires
Wed, 15 Apr 2020 20:00:00 GMT
asset_mobile_tablet_UI_2.png
assets.nflxext.com/ffe/siteui/acquisition/home/thisIsNetflix/modules/
119 KB
120 KB
Image
General
Full URL
https://assets.nflxext.com/ffe/siteui/acquisition/home/thisIsNetflix/modules/asset_mobile_tablet_UI_2.png
Requested by
Host: empresaa.net
URL: http://empresaa.net/br/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:86c0:2091::1 , United Kingdom, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
55bc0f00df3c8622dc3ea9146aadf47791ea0730f1a98f452f4843366bc894b9

Request headers

Referer
http://empresaa.net/br/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Sat, 28 Mar 2020 13:18:37 GMT
Last-Modified
Fri, 02 Dec 2016 17:50:02 GMT
Server
nginx
Content-MD5
3JhtgZwFPethgKNDIK8piA==
Content-Type
image/png
Cache-Control
public, max-age=2496777
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
122232
Expires
Wed, 15 Apr 2020 20:00:00 GMT
asset_website_UI.png
assets.nflxext.com/ffe/siteui/acquisition/home/thisIsNetflix/modules/
170 KB
170 KB
Image
General
Full URL
https://assets.nflxext.com/ffe/siteui/acquisition/home/thisIsNetflix/modules/asset_website_UI.png
Requested by
Host: empresaa.net
URL: http://empresaa.net/br/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:86c0:2091::1 , United Kingdom, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
fcb40d090bcfa2ef6b71c945cc84cb6c339b8b5b053df9e7d759961257dd9b8d

Request headers

Referer
http://empresaa.net/br/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Sat, 28 Mar 2020 13:18:37 GMT
Last-Modified
Thu, 06 Aug 2015 17:39:00 GMT
Server
nginx
Content-MD5
ZsfB+1txst6v+Sm7zTus9w==
Content-Type
image/png
Cache-Control
public, max-age=5071458
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
174061
Expires
Wed, 15 Apr 2020 20:00:00 GMT
chevron-right-whitespace.png
assets.nflxext.com/ffe/siteui/acquisition/home/
216 B
544 B
Image
General
Full URL
https://assets.nflxext.com/ffe/siteui/acquisition/home/chevron-right-whitespace.png
Requested by
Host: empresaa.net
URL: http://empresaa.net/br/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:86c0:2091::1 , United Kingdom, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
f91f9b912721d13e879269b58530a681c52ad1c33efc31903e61bf1e94f14ff1

Request headers

Referer
https://codex.nflxext.com/%5E2.0.0/truthBundle/webui/0.0.1-shakti-css-2c7537e4/css/css/less%7Cpages%7Chome%7Cconcord.less/2/0A0O050I0a0x0H0S0V0P0J0T0N0U0Z/none/true/none
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Sat, 28 Mar 2020 13:18:37 GMT
Last-Modified
Thu, 31 May 2018 20:03:34 GMT
Server
nginx
Content-MD5
035eX9jZ41XxFze/yDsCbA==
Content-Type
image/png
Cache-Control
public, max-age=6621189
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
216
Expires
Wed, 15 Apr 2020 20:00:00 GMT
none
codex.nflxext.com/%5E2.0.0/truthBundle/webui/0.0.1-shakti-js-2c7537e4/js/js/signup%7Csimplicity%7CsimpleSignupClient.js/2/gy0ogqg3g14Bg50B0t4vgagx0s0P01gzg94Jgcg60ygogl4Fgbf-ge4H4G0ngt/l/true/
1 MB
340 KB
XHR
General
Full URL
https://codex.nflxext.com/%5E2.0.0/truthBundle/webui/0.0.1-shakti-js-2c7537e4/js/js/signup%7Csimplicity%7CsimpleSignupClient.js/2/gy0ogqg3g14Bg50B0t4vgagx0s0P01gzg94Jgcg60ygogl4Fgbf-ge4H4G0ngt/l/true/none
Requested by
Host: empresaa.net
URL: http://empresaa.net/br/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:86c0:2090::1 , United Kingdom, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
ecc5ddfc71b0a01cb154f09f311357345c222f164cc343820b313a6df591c618
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://empresaa.net/br/index.html
Origin
http://empresaa.net
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 28 Mar 2020 13:18:37 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=16070400
req_id
cb4d9920-ce03-4b9a-ad0e-05c3e01e5965
Connection
keep-alive
Timing-Allow-Origin
https://www.netflix.com
Expires
Wed, 30 Sep 2020 13:18:37 GMT
none
codex.nflxext.com/%5E2.0.0/truthBundle/webui/0.0.1-shakti-css-2c7537e4/css/css/less%7Cpages%7Csignup%7Csimplicity%7Csimplicity.less/2/0A0O050I0a0x0H0S0V0P0J0T0N0U0Z/none/true/
151 KB
26 KB
XHR
General
Full URL
https://codex.nflxext.com/%5E2.0.0/truthBundle/webui/0.0.1-shakti-css-2c7537e4/css/css/less%7Cpages%7Csignup%7Csimplicity%7Csimplicity.less/2/0A0O050I0a0x0H0S0V0P0J0T0N0U0Z/none/true/none
Requested by
Host: empresaa.net
URL: http://empresaa.net/br/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:86c0:2090::1 , United Kingdom, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
e6b5322a4cc35b9ade1c0fd7f888a335dddaa5cf9fb702108b35a3e14156f769
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://empresaa.net/br/index.html
Origin
http://empresaa.net
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 28 Mar 2020 13:18:37 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/css; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=16070400
req_id
1bcb2ca8-598d-4158-9ac5-4e9e66687b66
Connection
keep-alive
Timing-Allow-Origin
https://www.netflix.com
Expires
Wed, 30 Sep 2020 13:18:37 GMT
nf-icon-v1-93.woff
assets.nflxext.com/ffe/siteui/fonts/
72 KB
72 KB
Font
General
Full URL
https://assets.nflxext.com/ffe/siteui/fonts/nf-icon-v1-93.woff
Requested by
Host: empresaa.net
URL: http://empresaa.net/br/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:86c0:2091::1 , United Kingdom, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
98713b53a74ebe7e326353080c5f1653e83af61d6363c0b3c4c67d6d24197b4d

Request headers

Referer
https://codex.nflxext.com/%5E2.0.0/truthBundle/webui/0.0.1-shakti-css-2c7537e4/css/css/less%7Cpages%7Chome%7Cconcord.less/2/0A0O050I0a0x0H0S0V0P0J0T0N0U0Z/none/true/none
Origin
http://empresaa.net
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 28 Mar 2020 13:18:37 GMT
Last-Modified
Mon, 29 Jan 2018 01:50:51 GMT
Server
nginx
Content-MD5
fPYVbMSBJEtaJUNi17c/AA==
Content-Type
font/woff
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=13767383
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
73572
Expires
Wed, 15 Apr 2020 20:00:00 GMT
DebugEvent
empresaa.net/ichnaea/cl2/freeform/
21 B
21 B
Image
General
Full URL
http://empresaa.net/ichnaea/cl2/freeform/DebugEvent?source=www&action=cssSimplicityPrefetch&statusCode=200&startTime=1585401517184&endTime=1585401517329
Requested by
Host: empresaa.net
URL: http://empresaa.net/br/index.html
Protocol
HTTP/1.1
Server
69.49.115.40 , United States, ASN30447 (INFB2-AS, US),
Reverse DNS
hostedc76.carrierzone.com
Software
/
Resource Hash
d6a6e3533a3a8f1ca99259152a54a7ace6f0f0f6a8ba53e0a5443f05ce55d47a

Request headers

Referer
http://empresaa.net/br/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 28 Mar 2020 13:18:37 GMT
Connection
keep-alive
Content-Length
21
Content-Type
text/html; charset=iso-8859-1
DebugEvent
empresaa.net/ichnaea/cl2/freeform/
21 B
21 B
Image
General
Full URL
http://empresaa.net/ichnaea/cl2/freeform/DebugEvent?source=www&action=jsSimplicityPrefetch&statusCode=200&startTime=1585401517184&endTime=1585401517523
Requested by
Host: empresaa.net
URL: http://empresaa.net/br/index.html
Protocol
HTTP/1.1
Server
69.49.115.40 , United States, ASN30447 (INFB2-AS, US),
Reverse DNS
hostedc76.carrierzone.com
Software
/
Resource Hash
d6a6e3533a3a8f1ca99259152a54a7ace6f0f0f6a8ba53e0a5443f05ce55d47a

Request headers

Referer
http://empresaa.net/br/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 28 Mar 2020 13:18:37 GMT
Connection
keep-alive
Content-Length
21
Content-Type
text/html; charset=iso-8859-1
12798.js
ethn.io/mob/
Redirect Chain
  • http://ethn.io/mob/12798.js?guid=4FHMV2M6YZA45CG3ROCJIWQBU4
  • https://ethn.io/mob/12798.js?guid=4FHMV2M6YZA45CG3ROCJIWQBU4
0
690 B
Script
General
Full URL
https://ethn.io/mob/12798.js?guid=4FHMV2M6YZA45CG3ROCJIWQBU4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.50.51.79 , United States, ASN36024 (AS-TIERP-36024, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' https: wss:; font-src 'self' https: data:; img-src 'self' https: data:; object-src 'none'; script-src 'unsafe-eval' 'unsafe-inline' https: ; style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security max-age=0;

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Runtime
0.002965
Date
Sat, 28 Mar 2020 13:18:38 GMT
Content-Encoding
gzip
Referrer-Policy
same-origin
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
text/javascript
Cache-Control
no-cache
Feature-Policy
camera 'none'; geolocation 'none', microphone *
Content-Security-Policy
default-src 'self' https: wss:; font-src 'self' https: data:; img-src 'self' https: data:; object-src 'none'; script-src 'unsafe-eval' 'unsafe-inline' https: ; style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security
max-age=0;
Vary
Accept-Encoding
X-Request-Id
deb96412-9e5b-4bfc-bc1e-15d60629aa01

Redirect headers

Date
Sat, 28 Mar 2020 13:18:37 GMT
Referrer-Policy
same-origin
Server
nginx
Strict-Transport-Security
max-age=0;
Content-Type
text/html
Location
https://ethn.io/mob/12798.js?guid=4FHMV2M6YZA45CG3ROCJIWQBU4
Feature-Policy
camera 'none'; geolocation 'none', microphone *
Content-Security-Policy
default-src 'self' https: wss:; font-src 'self' https: data:; img-src 'self' https: data:; object-src 'none'; script-src 'unsafe-eval' 'unsafe-inline' https: ; style-src 'self' https: 'unsafe-inline'
Connection
keep-alive
Content-Length
178
WebsiteTTI
empresaa.net/ichnaea/cl2/freeform/
21 B
173 B
XHR
General
Full URL
http://empresaa.net/ichnaea/cl2/freeform/WebsiteTTI?source=www&timeToInteractive=496&firstByte=136&wire=326&domReady=496&docLoad=950&shakti=462&previousPage=1&navigateTTI=497
Requested by
Host: codex.nflxext.com
URL: https://codex.nflxext.com/%5E2.0.0/truthBundle/webui/0.0.1-nmhp-js-2c7537e4/js/js/signup%7Chome%7Clite%7Cclient.js/1/7523/l/true/none
Protocol
HTTP/1.1
Server
69.49.115.40 , United States, ASN30447 (INFB2-AS, US),
Reverse DNS
hostedc76.carrierzone.com
Software
/
Resource Hash
d6a6e3533a3a8f1ca99259152a54a7ace6f0f0f6a8ba53e0a5443f05ce55d47a

Request headers

Referer
http://empresaa.net/br/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 28 Mar 2020 13:18:37 GMT
Connection
keep-alive
Content-Length
21
Content-Type
text/html; charset=iso-8859-1
adtech_iframe_target_03.html
adtech.nflximg.net/ Frame A0C4
0
0
Document
General
Full URL
https://adtech.nflximg.net/adtech_iframe_target_03.html?data=%7B%22is_member%22%3A%22anonymous%22%2C%22membership_status%22%3A%22NON_REGISTERED_MEMBER%22%2C%22session%22%3A%22n%2Fa%22%2C%22country%22%3A%22BR%22%2C%22referrer%22%3A%22nmLanding%22%2C%22source%22%3A%22%22%2C%22fbaId%22%3A%22c3366e14-4b5b-4e47-8582-949c9b998b68%22%7D
Requested by
Host: codex.nflxext.com
URL: https://codex.nflxext.com/%5E2.0.0/truthBundle/webui/0.0.1-nmhp-js-2c7537e4/js/js/signup%7Chome%7Clite%7Cclient.js/1/7523/l/true/none
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:1700:19a::33c4 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash

Request headers

Host
adtech.nflximg.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Referer
http://empresaa.net/br/index.html
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Accept-Ranges
bytes
Content-Type
text/html
ETag
"15ea117e697201fb35e5598e829da564:1473219202"
Last-Modified
Wed, 07 Sep 2016 03:33:19 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Sat, 28 Mar 2020 13:18:37 GMT
Content-Length
1403
Connection
keep-alive
cl2
www.netflix.com/ichnaea/
0
1 KB
XHR
General
Full URL
https://www.netflix.com/ichnaea/cl2
Requested by
Host: codex.nflxext.com
URL: https://codex.nflxext.com/%5E2.0.0/truthBundle/webui/0.0.1-nmhp-js-2c7537e4/js/js/signup%7Chome%7Clite%7Cclient.js/1/7523/l/true/none
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:578:3::3410:e72b Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
clingest-secure i-06f2ab43ca5b4569e /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://www.netflix.com/ichnaea/log/freeform/xssreport

Request headers

Access-Control-Request-Method
POST
Origin
http://empresaa.net
Referer
http://empresaa.net/br/index.html
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

Date
Sat, 28 Mar 2020 13:18:38 GMT
Via
1.1 i-05f787dc316298cc6 (eu-west-1)
X-Content-Type-Options
nosniff
X-Netflix_proxy_execution-time
27
Connection
keep-alive
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Length
0
X-Xss-Protection
1; mode=block; report=https://www.netflix.com/ichnaea/log/freeform/xssreport
Allow
GET, POST, OPTIONS
Server
clingest-secure i-06f2ab43ca5b4569e
X-Netflix_nfstatus
1_1
Strict-Transport-Security
max-age=31536000
Access-Control-Allow-Methods
GET, POST, OPTIONS
X-Originating-URL
https://www.netflix.com/ichnaea/cl2
Access-Control-Allow-Origin
http://empresaa.net
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Authorization,Content-Type,Accept,Cookie,X-Netflix.application.name,X-Netflix.application.version,X-Netflix.esn,X-Netflix.device.type,X-Netflix.certification.version,X-Netflix.request.uuid,X-Netflix.user.id,X-Netflix.oauth.consumer.key,X-Netflix.oauth.token,X-Netflix.ichnaea.request.type,debugRequest
cl2
www.netflix.com/ichnaea/
0
1 KB
XHR
General
Full URL
https://www.netflix.com/ichnaea/cl2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:578:3::3410:e72b Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
clingest-secure i-0757f7e9cd5fee1f9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
http://empresaa.net/br/index.html
Origin
http://empresaa.net
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

Date
Sat, 28 Mar 2020 13:18:38 GMT
Via
1.1 i-0070fe4c4b6bc3483 (eu-west-1)
X-Content-Type-Options
nosniff
X-Netflix_proxy_execution-time
5
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Pragma
no-cache
Allow
GET, POST, OPTIONS
Server
clingest-secure i-0757f7e9cd5fee1f9
X-Frame-Options
DENY
X-Netflix_nfstatus
1_1
Strict-Transport-Security
max-age=31536000
Access-Control-Allow-Methods
GET, POST, OPTIONS
X-Originating-URL
https://www.netflix.com/ichnaea/cl2
Access-Control-Allow-Origin
http://empresaa.net
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
X-Ichnaea
~0=true~RL=0
Access-Control-Allow-Headers
Authorization,Content-Type,Accept,Cookie,X-Netflix.application.name,X-Netflix.application.version,X-Netflix.esn,X-Netflix.device.type,X-Netflix.certification.version,X-Netflix.request.uuid,X-Netflix.user.id,X-Netflix.oauth.consumer.key,X-Netflix.oauth.token,X-Netflix.ichnaea.request.type,debugRequest
Expires
0

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Netflix (Online)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate
object| netflix
object| Codex
object| C
object| global
object| process
object| __core-js_shared__

1 Cookies

Domain/Path Name / Value
empresaa.net/ Name: TS0194eee0
Value: 013c871b0687c5431c6b45f4b7180468e77b5becb1f1b57f89e2ccc3c750cd6fe8211a24c843456ffd589fa3d62e48a268fbe79b31