ocidadaobrasileiro.com
Open in
urlscan Pro
107.180.20.85
Malicious Activity!
Public Scan
Effective URL: http://ocidadaobrasileiro.com/b98c686721d0be50ef6b2e5f4351531f/750a9ced24f3d3834a3dd888f56d18cc/8210219136/b98c686721d0be50ef6...
Submission: On June 16 via automatic, source phishtank
Summary
This is the only time ocidadaobrasileiro.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Netflix (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 9 | 107.180.20.85 107.180.20.85 | 26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC) | |
1 | 2a00:1450:400... 2a00:1450:4001:801::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 173.212.192.75 173.212.192.75 | 51167 (CONTABO) (CONTABO) | |
18 | 2a00:86c0:209... 2a00:86c0:2090::1 | 40027 (NETFLIX-ASN) (NETFLIX-ASN) | |
28 | 5 |
ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-107-180-20-85.ip.secureserver.net
ocidadaobrasileiro.com |
ASN51167 (CONTABO, DE)
PTR: vmi140437.contaboserver.net
www.freepnglogos.com |
ASN40027 (NETFLIX-ASN, US)
assets.nflxext.com | |
codex.nflxext.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
18 |
nflxext.com
assets.nflxext.com codex.nflxext.com |
2 MB |
9 |
ocidadaobrasileiro.com
1 redirects
ocidadaobrasileiro.com |
79 KB |
1 |
freepnglogos.com
www.freepnglogos.com |
22 KB |
1 |
googleapis.com
ajax.googleapis.com |
30 KB |
28 | 4 |
Domain | Requested by | |
---|---|---|
12 | assets.nflxext.com |
ocidadaobrasileiro.com
|
9 | ocidadaobrasileiro.com |
1 redirects
ocidadaobrasileiro.com
codex.nflxext.com |
6 | codex.nflxext.com |
ocidadaobrasileiro.com
|
1 | www.freepnglogos.com |
ocidadaobrasileiro.com
|
1 | ajax.googleapis.com |
ocidadaobrasileiro.com
|
28 | 5 |
This site contains links to these domains. Also see Links.
Domain |
---|
help.netflix.com |
media.netflix.com |
ir.netflix.com |
jobs.netflix.com |
fast.com |
www.netflix.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
upload.video.google.com GTS CA 1O1 |
2020-05-26 - 2020-08-18 |
3 months | crt.sh |
www.freepnglogos.com Sectigo RSA Domain Validation Secure Server CA |
2019-12-03 - 2021-12-05 |
2 years | crt.sh |
*.1.nflxso.net DigiCert SHA2 Secure Server CA |
2020-06-12 - 2020-07-12 |
a month | crt.sh |
This page contains 1 frames:
Primary Page:
http://ocidadaobrasileiro.com/b98c686721d0be50ef6b2e5f4351531f/750a9ced24f3d3834a3dd888f56d18cc/8210219136/b98c686721d0be50ef6b2e5f4351531f/
Frame ID: E4B904C9D9D992D694C4BA95AA49FE29
Requests: 30 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- http://ocidadaobrasileiro.com/ Page URL
-
http://ocidadaobrasileiro.com/fdkhfif09.php
HTTP 302
http://ocidadaobrasileiro.com/b98c686721d0be50ef6b2e5f4351531f/750a9ced24f3d3834a3dd888f56d18cc/8210219136... Page URL
Detected technologies
Apache (Web Servers) ExpandDetected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Page Statistics
13 Outgoing links
These are links going to different origins than the main page.
Title: Perguntas frequentes
Search URL Search Domain Scan URL
Title: Centro de ajuda
Search URL Search Domain Scan URL
Title: Imprensa
Search URL Search Domain Scan URL
Title: Relações com investidores
Search URL Search Domain Scan URL
Title: Carreiras
Search URL Search Domain Scan URL
Title: Termos de uso
Search URL Search Domain Scan URL
Title: Privacidade
Search URL Search Domain Scan URL
Title: Preferências de cookies
Search URL Search Domain Scan URL
Title: Informações corporativas
Search URL Search Domain Scan URL
Title: Entre em contato
Search URL Search Domain Scan URL
Title: Teste de velocidade
Search URL Search Domain Scan URL
Title: Avisos legais
Search URL Search Domain Scan URL
Title: Originais Netflix
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://ocidadaobrasileiro.com/ Page URL
-
http://ocidadaobrasileiro.com/fdkhfif09.php
HTTP 302
http://ocidadaobrasileiro.com/b98c686721d0be50ef6b2e5f4351531f/750a9ced24f3d3834a3dd888f56d18cc/8210219136/b98c686721d0be50ef6b2e5f4351531f/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
28 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
/
ocidadaobrasileiro.com/ |
1 KB 940 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ |
86 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
netflix-logo-0.png
www.freepnglogos.com/uploads/ |
22 KB 22 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
US-en-20200302-popsignuptwoweeks-perspective_alpha_website_small.jpg
assets.nflxext.com/ffe/siteui/vlv3/3b48f428-24ed-4692-bb04-bc7771854131/087be50f-41d9-44bb-842b-8ddb05e1d4da/ |
126 KB 126 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
Cookie set
/
ocidadaobrasileiro.com/b98c686721d0be50ef6b2e5f4351531f/750a9ced24f3d3834a3dd888f56d18cc/8210219136/b98c686721d0be50ef6b2e5f4351531f/ Redirect Chain
|
356 KB 75 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
none
codex.nflxext.com/%5E3.0.0/truthBundle/webui/0.0.1-shakti-js-v52f427f5/js/js/bootstrap.js,common%7Cbootstrap.js/2/4U034m4l494n454C4T060o004V4x4f4E4o4O4b4D4j4G4d4c4w4v4r4q09024Q/bck/true/ |
9 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
none
codex.nflxext.com/%5E3.0.0/truthBundle/webui/0.0.1-shakti-js-v52f427f5/js/js/signup%7Chome%7CourStory%7Cfuji%7CfujiFrameworkClient.js/2/4U034m4l494n454C4T060o004V4x4f4E4o4O4b4D4j4G4d4c4w4v4r4q09024... |
1008 KB 303 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
WebsiteDetect
ocidadaobrasileiro.com/personalization/cl2/freeform/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
none
codex.nflxext.com/%5E3.0.0/truthBundle/webui/0.0.1-shakti-css-v52f427f5/css/css/less%7Ccore%7Cerror-page.less/1/vFxN3twKh8ELM/none/true/ |
19 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
none
codex.nflxext.com/%5E3.0.0/truthBundle/webui/0.0.1-shakti-css-v52f427f5/css/css/less%7Cpages%7Chome%7CourStory%7Cfuji%7Cfuji.less/1/vFxN3twKh8ELM/none/true/ |
126 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
BR-pt-20200203-popsignuptwoweeks-perspective_alpha_website_large.jpg
assets.nflxext.com/ffe/siteui/vlv3/a3f7f386-bdc3-424d-9f95-1091ffa2e3a2/c5a6165c-17ce-49e5-8d2b-566d72424fdb/ |
329 KB 330 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tv.png
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ |
11 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mobile.png
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ |
54 KB 54 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
boxshot.png
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ |
20 KB 20 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
device-pile.png
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ |
134 KB 134 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
WebsiteDetect
ocidadaobrasileiro.com/personalization/cl2/freeform/ |
315 B 507 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
WebsiteScreen
ocidadaobrasileiro.com/personalization/cl2/freeform/ |
315 B 507 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
NetflixSans_W_Rg.woff2
assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/ |
52 KB 52 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
715 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
download-icon.gif
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ |
22 KB 22 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
NetflixSans_W_Md.woff2
assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/ |
53 KB 53 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
nf-icon-v1-93.woff
assets.nflxext.com/ffe/siteui/fonts/ |
72 KB 72 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
video-tv.m4v
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ |
245 KB 245 KB |
Media
video/x-m4v |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
video-devices.m4v
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ |
260 KB 260 KB |
Media
video/x-m4v |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
log
ocidadaobrasileiro.com/personalization/ |
315 B 507 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
none
codex.nflxext.com/%5E3.0.0/truthBundle/webui/0.0.1-shakti-js-v52f427f5/js/js/signup%7Csimplicity%7CsimpleSignupClient.js/2/4U034m4l494n454C4T060o004V4x4f4E4o4O4b4D4j4G4d4c4w4v4r4q09024Q/l/true/ |
1 MB 446 KB |
XHR
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
none
codex.nflxext.com/%5E3.0.0/truthBundle/webui/0.0.1-shakti-css-v52f427f5/css/css/less%7Cpages%7Csignup%7Csimplicity%7Csimplicity.less/1/vFxN3twKh8ELM/none/true/ |
243 KB 38 KB |
XHR
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
DebugEvent
ocidadaobrasileiro.com/personalization/cl2/freeform/ |
315 B 315 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
DebugEvent
ocidadaobrasileiro.com/personalization/cl2/freeform/ |
315 B 315 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Netflix (Online)10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate object| netflix object| Codex object| C object| global object| process object| util function| jQuery object| jQuery1111030018327801926992 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.ocidadaobrasileiro.com/ | Name: cL Value: 1592323348468%7C159232334897589219%7C159232334818965595%7C%7C4%7Cnull |
|
ocidadaobrasileiro.com/ | Name: PHPSESSID Value: 75165cabfd097da505f92345df0401c1 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
assets.nflxext.com
codex.nflxext.com
ocidadaobrasileiro.com
www.freepnglogos.com
107.180.20.85
173.212.192.75
2a00:1450:4001:801::200a
2a00:86c0:2090::1
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
1a1ec04310993d5c09beb3090ff95423d535ce624d28b0e46c2547d52f7f7dae
24a2e51bf939ff378c486b2d65ad70f0dd67651de2a665bbcb05d70d896f714b
3eec290a7f7da9abb00b49ca84f5f16e6d45ca33d40fd8ede4380835d6161d71
4f99e4c2ed1c2b7de72f47102c64d601567f8efaad5944a08c86786cad4050e6
51ff558efae973f4a0d2e6e09ab5e2a2b2579604dd23cbec92e503045805dd8e
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
628ceecd120d1c42bb3803c0909eb46da315e63ea3ba8d4646c4b21aaf17fa2c
7a4cec5ed8567633011953c55c3ab48afcd65b39b7698f5cf0257a670ebac27a
81cf64888a7b3f6848b09695b034026d9ad685665b91d54597ecbb6197c6acbb
8e0d535dad44182d2d9c92ccd747f283d653610c755be90b79ed9c5f13ab3175
98713b53a74ebe7e326353080c5f1653e83af61d6363c0b3c4c67d6d24197b4d
9ac2bd03fcde501b3f30f47ab1fae62161f87808ea6411f38e8feaa4bbddc42e
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
b68ea2c7bea397aa11fadb189ce7d83862baebaf03ece643eb5aa9fb5f755056
b71790ad26b8c29077c37efca8c06c6d50903f4a1fb2d4eb108c150b9d0a7ce0
b72542be2455164cce31adf781b86ca30e57c02697914c31fc147ad0d3d9fc01
b940f047a6452ffe14a2b52b0b69c4b3541b60ecd9592adba4441a7b55471a73
c0bceb927c506dce9f6e6f5f570e641ad580b9554be06f61508a4aee32380167
c795bc8b4075faee04197ee8ebfd199c6cd46805b66551ab8dd3ec80b39e68c7
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
e1fa26cc34fda574edc01d09e374d6f10735a3fa621bdde87c104ee15453d4b6
e3a33ba422f8553d38f32de41f50fb24d8f73ba2c985a0244847cbc59982cfe6