![](/screenshots/b8abec98-ddac-4893-9c37-6cbdec468c93.png)
islandsforum.eu
Open in
urlscan Pro
2a06:98c1:3120::7
Malicious Activity!
Public Scan
Submission: On April 24 via automatic, source phishtank — Scanned from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 16th 2021. Valid for: a year.
This is the only time islandsforum.eu was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Netflix (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
9 | 2a06:98c1:312... 2a06:98c1:3120::7 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:86c0:209... 2a00:86c0:2090::1 | 40027 (NETFLIX-ASN) (NETFLIX-ASN) | |
10 | 2 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
9 |
islandsforum.eu
islandsforum.eu |
384 KB |
1 |
nflxext.com
assets.nflxext.com — Cisco Umbrella Rank: 4459 |
72 KB |
10 | 2 |
Domain | Requested by | |
---|---|---|
9 | islandsforum.eu |
islandsforum.eu
|
1 | assets.nflxext.com |
islandsforum.eu
|
10 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-07-16 - 2022-07-15 |
a year | crt.sh |
*.1.nflxso.net DigiCert TLS RSA SHA256 2020 CA1 |
2022-04-09 - 2022-05-15 |
a month | crt.sh |
This page contains 1 frames:
Primary Page:
https://islandsforum.eu/-/nf/net/
Frame ID: 49607AF07D9EE945148C820E024A7327
Requests: 10 HTTP requests in this frame
Screenshot
![](/screenshots/b8abec98-ddac-4893-9c37-6cbdec468c93.png)
Page Title
NetflixDetected technologies
Detected patterns
- ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
10 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
islandsforum.eu/-/nf/net/ |
6 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
none.css
islandsforum.eu/-/nf/net/files/css/ |
145 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
none2.css
islandsforum.eu/-/nf/net/files/css/ |
163 KB 24 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modernizr.min.js
islandsforum.eu/-/nf/net/files/js/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.js
islandsforum.eu/-/nf/net/files/js/ |
85 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.ccvalid.js
islandsforum.eu/-/nf/net/files/js/ |
7 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.mask.js
islandsforum.eu/-/nf/net/files/js/ |
8 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bg.jpg
islandsforum.eu/-/nf/net/files/img/ |
298 KB 298 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logo.svg
islandsforum.eu/-/nf/net/files/img/ |
864 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
nf-icon-v1-93.woff
assets.nflxext.com/ffe/siteui/fonts/ |
72 KB 72 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Netflix (Online)10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| html5 object| Modernizr function| $ function| jQuery object| $jscomp function| isEmail0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
assets.nflxext.com
islandsforum.eu
2a00:86c0:2090::1
2a06:98c1:3120::7
002ccd6ec1f5fa2dba3f121da091379cf8c78513cfe4d21946c54a8dd433ffe5
0a733a924b3955e39f008b622eecf5abcb0755fe748ef745d3c7219f4b624a95
38c89b667f0b98ab618ce6eef2947a58b9cac93e4dce667fec781562c34cd66e
55bb11a7921b8bc265262c69f690a11d9a901470c52513a25cf4d02901b8f525
8603b20b548270423fb03c2138c16f5f863ead4c48eb0999167df869e2eef8a6
8a421d5798accee1c284865ac05cee792ad3f6bcb3c70ce1dcb954d23e86fdad
98713b53a74ebe7e326353080c5f1653e83af61d6363c0b3c4c67d6d24197b4d
996606e12517e3bb57e0a5f01fed3d7144e2d07a4d8076717a90285c351fa835
a6c3bff965978df8093c3a29f7071c21d7439a212af41e7b40ce70d94d6bcc44
ca83477931d09aca84c55e779bb2e6ef502b1af1bef668de771b8209a43eb11b