www.campagna-netflix.eu
2.59.116.165
Malicious Activity!
Public Scan
Submission Tags: @ipnigh
Submission: On January 09 via api from GB
Summary
This is the only time www.campagna-netflix.eu was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Netflix (Online)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
7 | 2.59.116.165 | 203377 (FIBERSERVER-INTERNET-TEKNOLOJILERI) |
3 | 2a00:86c0:2091::1 | 40027 (NETFLIX-ASN - Netflix Streaming Services Inc.) |
9 | 2a00:86c0:2090::1 | 40027 (NETFLIX-ASN - Netflix Streaming Services Inc.) |
19 | 3 |
ASN203377 (FIBERSERVER-INTERNET-TEKNOLOJILERI, TR)
PTR: cpanel6.hostlab.net.tr
www.campagna-netflix.eu
ASN40027 (NETFLIX-ASN - Netflix Streaming Services Inc., US)
codex.nflxext.com
ASN40027 (NETFLIX-ASN - Netflix Streaming Services Inc., US)
assets.nflxext.com
Requests | Apex Domain (Subdomains) | Transfer |
---|---|---|
12 | nflxext.com (codex.nflxext.com, assets.nflxext.com) | 625 KB |
7 | campagna-netflix.eu (www.campagna-netflix.eu) | 101 KB |
19 | 2 |
Requests | Domain | Requested by |
---|---|---|
9 | assets.nflxext.com | www.campagna-netflix.eu |
7 | www.campagna-netflix.eu | www.campagna-netflix.eu, codex.nflxext.com |
3 | codex.nflxext.com | www.campagna-netflix.eu |
19 | 3 |
This site contains links to these domains.
Domain |
---|
help.netflix.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.1.nflxso.net | DigiCert SHA2 Secure Server CA | 2019-12-29 - 2020-01-30 | a month |
This page contains 1 frames:
Primary Page:
http://www.campagna-netflix.eu/its/platform.php
Frame ID: 560988E62AB7AC2564ED833FC669059E
Requests: 19 HTTP requests in this frame
Detected technologies
PHP (Programming Languages)
Detected patterns
- url /\.php(?:$|\?)/i
LiteSpeed (Web Servers)
Detected patterns
- headers server /^LiteSpeed$/i
React (JavaScript Frameworks)
Detected patterns
- html /<[^>]+data-react/i
Page Statistics
6 Outgoing links
These are links going to different origins than the main page.
- Title: Domande frequenti
- Title: Centro assistenza
- Title: Condizioni di utilizzo
- Title: Privacy
- Title: Preferenze per i cookie
- Title: Informazioni sull'azienda
Redirected requests
There were HTTP redirect chains for the following requests:
19 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | platform.php (Primary Request) | www.campagna-netflix.eu/its/ | 417 KB | 94 KB | Document | text/html |
GET | H/1.1 | none | codex.nflxext.com/%5E3.0.0/truthBundle/webui/0.0.1-shakti-js-v619c00fc/js/js/bootstrap.js,common%7Cbootstrap.js/2/4L024l4k484m444u4K050n004M4p4e4w4n4F4a4v4i4y4c4b081B014H/bck/true/ | 9 KB | 4 KB | Script | application/javascript |
GET | H/1.1 | none | codex.nflxext.com/%5E3.0.0/truthBundle/webui/0.0.1-shakti-js-v619c00fc/js/js/signup%7Csimplicity%7CsimpleSignupClient.js/2/4L024l4k484m444u4K050n004M4p4e4w4n4F4a4v4i4y4c4b081B014H/l/true/ | 1 MB | 395 KB | Script | application/javascript |
GET | H/1.1 | WebsiteDetect | www.campagna-netflix.eu/personalization/cl2/freeform/ | 0 | 0 | Stylesheet | text/html |
GET | H/1.1 | none | codex.nflxext.com/%5E3.0.0/truthBundle/webui/0.0.1-shakti-css-v619c00fc/css/css/less%7Cpages%7Csignup%7Csimplicity%7Csimplicity.less/1/NwGy3uxfj8FLM/none/true/ | 257 KB | 41 KB | Stylesheet | text/css |
GET | H/1.1 | WebsiteDetect | www.campagna-netflix.eu/personalization/cl2/freeform/ | 1 KB | 1 KB | XHR | text/html |
GET | H/1.1 | quality_4KHDR-red.svg | assets.nflxext.com/ffe/siteui/acquisition/planSelection/cards/svg/ | 3 KB | 2 KB | Image | image/svg+xml |
GET | H/1.1 | screens_4S-red.svg | assets.nflxext.com/ffe/siteui/acquisition/planSelection/cards/svg/ | 2 KB | 1 KB | Image | image/svg+xml |
GET | H/1.1 | quality_HD-magenta.svg | assets.nflxext.com/ffe/siteui/acquisition/planSelection/cards/svg/ | 1 KB | 1 KB | Image | image/svg+xml |
GET | H/1.1 | screens_2S-magenta.svg | assets.nflxext.com/ffe/siteui/acquisition/planSelection/cards/svg/ | 2 KB | 1 KB | Image | image/svg+xml |
GET | H/1.1 | quality_SD-blue.svg | assets.nflxext.com/ffe/siteui/acquisition/planSelection/cards/svg/ | 3 KB | 2 KB | Image | image/svg+xml |
GET | H/1.1 | screens_1S-blue.svg | assets.nflxext.com/ffe/siteui/acquisition/planSelection/cards/svg/ | 897 B | 853 B | Image | image/svg+xml |
GET | H/1.1 | NetflixSans_W_Rg.woff2 | assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/ | 52 KB | 52 KB | Font | font/woff2 |
GET | H/1.1 | NetflixSans_W_Md.woff2 | assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/ | 53 KB | 53 KB | Font | font/woff2 |
GET | H/1.1 | nf-icon-v1-93.woff | assets.nflxext.com/ffe/siteui/fonts/ | 72 KB | 72 KB | Font | font/woff |
POST | H/1.1 | log | www.campagna-netflix.eu/personalization/ | 1 KB | 1 KB | XHR | text/html |
POST | H/1.1 | cl2 | www.campagna-netflix.eu/personalization/ | 1 KB | 1 KB | XHR | text/html |
POST | H/1.1 | cl2 | www.campagna-netflix.eu/personalization/ | 1 KB | 1 KB | XHR | text/html |
POST | H/1.1 | cl2 | www.campagna-netflix.eu/personalization/ | 1 KB | 1 KB | XHR | text/html |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Netflix (Online)
10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| onformdata
- object| onpointerrawupdate
- object| netflix
- object| Codex
- object| C
- object| global
- object| process
- object| util
- function| jQuery
- object| jQuery11110356684392533502151
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.www.campagna-netflix.eu/ | | Name: cL Value: 1578529325053%7C157852932526115492%7C157852932526670654%7C%7C4%7CODX4Q56LSFHZDNUCCVLK4GVT5M |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.