www.maine-coon.net.pl
85.128.223.121
Malicious Activity!
Public Scan
Effective URL: http://www.maine-coon.net.pl/nnet/a/users/userID-18647/login/index.php?DE-EN
Submission: On July 02 via manual from US
Summary
This is the only time www.maine-coon.net.pl was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Netflix (Online)
Domain & IP information
Requests | Redirects | IP Address | AS Autonomous System |
---|---|---|---|
2 | 1 | 2a0a:7d80:1:9::99:27b | 6697 (BELPAK-AS BELPAK) |
8 | 4 | 85.128.223.121 | 15967 (NAZWA) |
1 | | 2400:cb00:2048:1::6813:c597 | 13335 (CLOUDFLARENET - Cloudflare) |
3 | | 2a02:26f0:6c00:286::33c4 | 20940 (AKAMAI-ASN1) |
9 | | 4 | |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdnjs.cloudflare.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
8 | maine-coon.net.pl (4 redirects) | www.maine-coon.net.pl | 24 KB |
3 | nflxext.com | assets.nflxext.com | 155 KB |
2 | sopr.by (1 redirects) | sopr.by | 669 B |
1 | cloudflare.com | cdnjs.cloudflare.com | 78 KB |
9 | 4 | | |
Requests | Domain | Requested by |
---|---|---|
8 | www.maine-coon.net.pl (4 redirects) | www.maine-coon.net.pl |
3 | assets.nflxext.com | www.maine-coon.net.pl |
2 | sopr.by (1 redirects) | |
1 | cdnjs.cloudflare.com | www.maine-coon.net.pl |
9 | 4 | |
This site contains no links.
This page contains 1 frames:
Primary Page:
http://www.maine-coon.net.pl/nnet/a/users/userID-18647/login/index.php?DE-EN
Frame ID: DCCE1F13AF65BF8AFAAF16CE99B07400
Requests: 9 HTTP requests in this frame
Detected technologies
Nginx (Web Servers)
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
jQuery (JavaScript Libraries)
Detected patterns
- script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
- script /jquery.*\.js/i
- env /^jQuery$/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://sopr.by/net HTTP 301
  http://sopr.by/net/ Page URL
- http://www.maine-coon.net.pl/nnet/a HTTP 301
  http://www.maine-coon.net.pl/nnet/a/ HTTP 302
  http://www.maine-coon.net.pl/nnet/a/users/userID-18647 HTTP 301
  http://www.maine-coon.net.pl/nnet/a/users/userID-18647/ HTTP 302
  http://www.maine-coon.net.pl/nnet/a/users/userID-18647/login/index.php?DE-EN Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://sopr.by/net HTTP 301
- http://sopr.by/net/
- http://cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/jquery.js HTTP 307
- https://cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/jquery.js
9 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET H/1.1 | / | sopr.by/net/ (Redirect Chain) | 148 B | 383 B | Document | text/html |
GET H/1.1 | index.php (Primary Request) | www.maine-coon.net.pl/nnet/a/users/userID-18647/login/ (Redirect Chain) | 6 KB | 2 KB | Document | text/html |
GET H/1.1 | none.css | www.maine-coon.net.pl/nnet/a/users/userID-18647/css/ | 101 KB | 17 KB | Stylesheet | text/css |
GET S | jquery.js | cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/ (Redirect Chain) | 258 KB | 78 KB | Script | application/javascript |
GET H/1.1 | logo.png | www.maine-coon.net.pl/nnet/a/users/userID-18647/images/ | 2 KB | 3 KB | Image | image/png |
GET H/1.1 | fb.png | www.maine-coon.net.pl/nnet/a/users/userID-18647/images/ | 1 KB | 2 KB | Image | image/png |
GET S | login-the-crown_2-1500x1000.jpg | assets.nflxext.com/ffe/siteui/acquisition/login/ | 84 KB | 85 KB | Image | image/jpeg |
GET S | site-spinner-240.png | assets.nflxext.com/ffe/siteui/common/ | 1 KB | 1 KB | Image | image/png |
GET S | nf-icon-v1-88.woff | assets.nflxext.com/ffe/siteui/fonts/ | 69 KB | 69 KB | Font | font/woff |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Netflix (Online)
2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- function| $
- function| jQuery
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.maine-coon.net.pl/ | | Name: PHPSESSID Value: fmbsh59oaagf23hbc92814khp2 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.