25.254-247-81.adsl-static.isp.belgacom.be
Open in
urlscan Pro
81.247.254.25
Malicious Activity!
Public Scan
Submission: On December 06 via manual from BE — Scanned from DE
Summary
This is the only time 25.254-247-81.adsl-static.isp.belgacom.be was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Netflix (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 81.247.254.25 81.247.254.25 | 5432 (PROXIMUS-...) (PROXIMUS-ISP-AS) | |
8 | 2a00:86c0:209... 2a00:86c0:2091::1 | 40027 (NETFLIX-ASN) (NETFLIX-ASN) | |
10 | 2606:4700::68... 2606:4700::6812:83ec | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
5 | 2600:1f18:631... 2600:1f18:631e:2f84:ceae:e049:1e:6a96 | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 | 2606:4700:440... 2606:4700:4400::ac40:9b77 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2a00:1450:400... 2a00:1450:4001:813::2004 | 15169 (GOOGLE) (GOOGLE) | |
4 | 2a00:1450:400... 2a00:1450:4001:80e::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:802::2003 | 15169 (GOOGLE) (GOOGLE) | |
36 | 9 |
ASN5432 (PROXIMUS-ISP-AS, BE)
PTR: 25.254-247-81.adsl-static.isp.belgacom.be
25.254-247-81.adsl-static.isp.belgacom.be |
ASN14618 (AMAZON-AES, US)
www.netflix.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
10 |
cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 324 |
158 KB |
8 |
nflxext.com
assets.nflxext.com — Cisco Umbrella Rank: 5504 |
871 KB |
5 |
gstatic.com
www.gstatic.com fonts.gstatic.com |
417 KB |
5 |
netflix.com
www.netflix.com — Cisco Umbrella Rank: 2440 Failed |
2 KB |
2 |
google.com
www.google.com — Cisco Umbrella Rank: 2 |
3 KB |
1 |
onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 548 |
304 B |
1 |
belgacom.be
25.254-247-81.adsl-static.isp.belgacom.be |
68 KB |
36 | 7 |
Domain | Requested by | |
---|---|---|
10 | cdn.cookielaw.org |
25.254-247-81.adsl-static.isp.belgacom.be
cdn.cookielaw.org |
8 | assets.nflxext.com |
25.254-247-81.adsl-static.isp.belgacom.be
assets.nflxext.com |
5 | www.netflix.com |
25.254-247-81.adsl-static.isp.belgacom.be
assets.nflxext.com |
4 | www.gstatic.com |
www.google.com
www.gstatic.com |
2 | www.google.com |
assets.nflxext.com
www.gstatic.com |
1 | fonts.gstatic.com |
www.google.com
|
1 | geolocation.onetrust.com |
cdn.cookielaw.org
|
1 | 25.254-247-81.adsl-static.isp.belgacom.be | |
36 | 8 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.netflix.com |
policies.google.com |
help.netflix.com |
optout.aboutads.info |
www.onetrust.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.1.nflxso.net DigiCert Secure Site ECC CA-1 |
2023-11-13 - 2023-12-19 |
a month | crt.sh |
cookielaw.org Cloudflare Inc ECC CA-3 |
2023-04-01 - 2024-03-31 |
a year | crt.sh |
www.netflix.com DigiCert Secure Site ECC CA-1 |
2023-10-25 - 2024-10-24 |
a year | crt.sh |
onetrust.com Cloudflare Inc ECC CA-3 |
2023-11-13 - 2024-11-12 |
a year | crt.sh |
www.google.com GTS CA 1C3 |
2023-11-20 - 2024-02-12 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-11-20 - 2024-02-12 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
http://25.254-247-81.adsl-static.isp.belgacom.be/?rid=cxRBxMY
Frame ID: 2AA655A8DD0F31BC1FBD4E1E0DD82667
Requests: 28 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lf8hrcUAAAAAIpQAFW2VFjtiYnThOjZOA5xvLyR&co=aHR0cDovLzI1LjI1NC0yNDctODEuYWRzbC1zdGF0aWMuaXNwLmJlbGdhY29tLmJlOjgw&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=4wjdvnayf2ax
Frame ID: 0929F6F07ABB86915566D2BE5733F238
Requests: 5 HTTP requests in this frame
13 Outgoing links
These are links going to different origins than the main page.
Title: Netflix-homepagina
Search URL Search Domain Scan URL
Title: +32
Search URL Search Domain Scan URL
Title: Hulp nodig?
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: Terms of Service
Search URL Search Domain Scan URL
Title: Veelgestelde vragen
Search URL Search Domain Scan URL
Title: Helpcentrum
Search URL Search Domain Scan URL
Title: Gebruiksvoorwaarden
Search URL Search Domain Scan URL
Title: Privacy
Search URL Search Domain Scan URL
Title: Bedrijfsgegevens
Search URL Search Domain Scan URL
Title: Cookies and Internet Advertising
Search URL Search Domain Scan URL
Title: here.
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
36 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
25.254-247-81.adsl-static.isp.belgacom.be/ |
309 KB 68 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
loginControllerClient.js.184ef6e929601b566dec.js
assets.nflxext.com/web/ffe/wp/components/login/ |
1 MB 336 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
WebsiteDetect
www.netflix.com/personalization/cl2/freeform/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ |
21 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
error-page.b122c37502204303115a.css
assets.nflxext.com/web/ffe/wp/less/core/ |
10 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
loginBase.b1adf06b6a2a1720f790.css
assets.nflxext.com/web/ffe/wp/less/login/ |
44 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Login.10b0d4338e625d30279d.css
assets.nflxext.com/web/ffe/wp/less/pages/login/ |
88 KB 15 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
BE-nl-20230703-popsignuptwoweeks-perspective_alpha_website_large.jpg
assets.nflxext.com/ffe/siteui/vlv3/ce221d7a-8901-41d9-b726-3ea2efe3a650/a88b039e-88d7-4f9a-9e8b-e03b407b2adb/ |
330 KB 330 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
WebsiteDetect
www.netflix.com/personalization/cl2/freeform/ |
0 457 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
WebsiteScreen
www.netflix.com/personalization/cl2/freeform/ |
0 1 KB |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
87b6a5c0-0104-4e96-a291-092c11350111.json
cdn.cookielaw.org/consent/87b6a5c0-0104-4e96-a291-092c11350111/ |
6 KB 2 KB |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
NetflixSans_W_Rg.woff2
assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/ |
52 KB 52 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
NetflixSans_W_Md.woff2
assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/ |
53 KB 53 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
nf-icon-v1-93.woff
assets.nflxext.com/ffe/siteui/fonts/ |
72 KB 72 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ |
59 B 304 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
enterprise.js
www.google.com/recaptcha/ |
1 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
log
www.netflix.com/personalization/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
log
www.netflix.com/personalization/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__de.js
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ |
468 KB 188 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202301.1.0/ |
395 KB 94 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
en.json
cdn.cookielaw.org/consent/87b6a5c0-0104-4e96-a291-092c11350111/55af99db-f9fd-4653-abf3-199720a8670a/ |
58 KB 15 KB |
Fetch
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otFlat.json
cdn.cookielaw.org/scripttemplates/202301.1.0/assets/ |
13 KB 3 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otPcTab.json
cdn.cookielaw.org/scripttemplates/202301.1.0/assets/v2/ |
62 KB 13 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202301.1.0/assets/ |
21 KB 4 KB |
Fetch
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
anchor
www.google.com/recaptcha/enterprise/ Frame 0929 |
7 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/ |
497 B 489 B |
Fetch
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Netflix_Logo_PMS.png
cdn.cookielaw.org/logos/dd6b162f-1a32-456a-9cfe-897231c7763c/4345ea78-053c-46d2-b11e-09adaef973dc/ |
16 KB 16 KB |
Image
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
powered_by_logo.svg
cdn.cookielaw.org/logos/static/ |
5 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
styles__ltr.css
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 0929 |
55 KB 24 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
recaptcha__de.js
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 0929 |
468 KB 188 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 0929 |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0929 |
15 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
cl2
www.netflix.com/personalization/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
cl2
www.netflix.com/personalization/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
cl2
www.netflix.com/personalization/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
cl2
www.netflix.com/personalization/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.netflix.com
- URL
- https://www.netflix.com/personalization/cl2/freeform/WebsiteDetect?source=wwwhead&fetchType=css&modalView=login
- Domain
- www.netflix.com
- URL
- https://www.netflix.com/personalization/log
- Domain
- www.netflix.com
- URL
- https://www.netflix.com/personalization/cl2
- Domain
- www.netflix.com
- URL
- https://www.netflix.com/personalization/cl2
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Netflix (Online)22 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| OneTrustStub function| OptanonWrapper object| netflix string| __public_path__ object| webpackChunk_nf_web_ui_core function| _ object| util object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer object| otStubData object| Optanon object| OneTrust object| recaptcha object| closure_lm_1180170 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
7 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
25.254-247-81.adsl-static.isp.belgacom.be
assets.nflxext.com
cdn.cookielaw.org
fonts.gstatic.com
geolocation.onetrust.com
www.google.com
www.gstatic.com
www.netflix.com
www.netflix.com
2600:1f18:631e:2f84:ceae:e049:1e:6a96
2606:4700:4400::ac40:9b77
2606:4700::6812:83ec
2a00:1450:4001:802::2003
2a00:1450:4001:80e::2003
2a00:1450:4001:813::2004
2a00:86c0:2091::1
81.247.254.25
0c298cd85f1ad1d81325fa3e6b2f7aa421f36fcc5cc2626802edf4f781b832a7
0cda584e7c5036ad66d7d528d2209bc596a14179fa1792a559e2ae9eaa91e851
1a4065ead26a118363a9ee57fbbf14747fbb890cb8c02806ffdba6ca1e01e6ba
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1d957c21d351e828e2cffad66a92b3170a74a4d8d12d0150afce3e21f96fd395
1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
28893dd43488d83c7ab4f71734f746bb94d8f268cafc6f7da9292e6e59ac209b
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
675dd7b68acf580f893bec532f5b260b8f984b67734a9a6831334b2ff4aad384
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6d6dbf6274b79eea937df262d09f2f3b72c77da18a072386327d7d0f34be68a3
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
910fb84da8dac07dc71624e7123c3617727aac2637fcb5421c0b772b4d97f42f
930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1
94fcd6e0853ecde2b0c6b43b56bf293baec7b0eab03bdf0ef9f4b6c3b62597a3
983871cac9e719263fcecaa540c4e1597c8ece1805845830ec21fef0e71d9f88
98713b53a74ebe7e326353080c5f1653e83af61d6363c0b3c4c67d6d24197b4d
992c42bd5f23100c660699b2d71f03874aaf19dc54ab1c40617e6726d072a1b3
9ac2bd03fcde501b3f30f47ab1fae62161f87808ea6411f38e8feaa4bbddc42e
9ea1823078c462969eaa59d6ef62623c19d77b72e25a103105b043aefaa0769a
a9c89c2a0df62b9bd73d859ae616ffe92cb9e86e1428a1a0fc797418f3e03dd9
c0bceb927c506dce9f6e6f5f570e641ad580b9554be06f61508a4aee32380167
d10dc224cd770af6b9ec02bcd383ea8daaf9654822648de1661c4814623a8261
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4bc53ba9af8f01acc490d419503942ee93bcf9e527ce4138535858fda80af19