uk-netfilx-memberships.com Open in urlscan Pro
163.172.62.126 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://uk-netfilx-memberships.com/
Effective URL:
http://uk-netfilx-memberships.com/e7abb4a3f4d88c1034a3cf7c529341a7/
Submission: On March 12 via automatic, source twitter_illegalFawn (March 12th 2018, 11:06:32 am UTC)

Summary HTTP 14 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 14 HTTP transactions. The main IP is 163.172.62.126, located in United Kingdom and belongs to AS12876, FR. The main domain is uk-netfilx-memberships.com.

This is the only time uk-netfilx-memberships.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Netflix (Online)

Domain & IP information

	IP Address	AS Autonomous System
2 12	163.172.62.126 163.172.62.126	12876 (AS12876) (AS12876)
2	2.18.232.136 2.18.232.136	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	54.171.208.83 54.171.208.83	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	54.77.81.254 54.77.81.254	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
14	4

12 163.172.62.126 (United Kingdom) 2 redirects

ASN12876 (AS12876, FR)
PTR: 163-172-62-126.rev.poneytelecom.eu

uk-netfilx-memberships.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.232.136 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)

assets.nflxext.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.208.83 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-171-208-83.eu-west-1.compute.amazonaws.com

www.netflix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.77.81.254 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-77-81-254.eu-west-1.compute.amazonaws.com

www.netflix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	uk-netfilx-memberships.com 2 redirects uk-netfilx-memberships.com	1 MB
2	netflix.com www.netflix.com	2 KB
2	nflxext.com assets.nflxext.com	153 KB
14	3

	Domain	Requested by
12	uk-netfilx-memberships.com	2 redirects uk-netfilx-memberships.com
2	www.netflix.com	uk-netfilx-memberships.com
2	assets.nflxext.com	uk-netfilx-memberships.com
14	3

This site contains links to these domains. Also see Links.

Domain
www.netflix.com
help.netflix.com

Subject Issuer	Validity	Valid

This page contains 2 frames:

Primary Page: http://uk-netfilx-memberships.com/e7abb4a3f4d88c1034a3cf7c529341a7/
Frame ID: 12654A84C00B812041ED63F219B19AA9
Requests: 13 HTTP requests in this frame

Frame: http://uk-netfilx-memberships.com/e7abb4a3f4d88c1034a3cf7c529341a7/Netflix_fichiers/0sTQzbapM8j.html
Frame ID: 68FF134A6FFC45C24B2A26026F0BC520
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://uk-netfilx-memberships.com/ HTTP 302
http://uk-netfilx-memberships.com/e7abb4a3f4d88c1034a3cf7c529341a7 HTTP 301
http://uk-netfilx-memberships.com/e7abb4a3f4d88c1034a3cf7c529341a7/ Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

Page Statistics

14
Requests

0 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

1391 kB
Transfer

1386 kB
Size

1
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.netflix.com/
Title: Netflix

Search URL Search Domain Scan URL

URL: https://www.netflix.com/LoginHelp
Title: Forgot your email or password?

Search URL Search Domain Scan URL

URL: https://help.netflix.com/contactus
Title: Questions? Contact us.

Search URL Search Domain Scan URL

URL: https://www.netflix.com/giftterms
Title: Gift Card Terms

Search URL Search Domain Scan URL

URL: https://help.netflix.com/legal/termsofuse
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://help.netflix.com/legal/privacy
Title: Privacy Statement

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://uk-netfilx-memberships.com/ HTTP 302
http://uk-netfilx-memberships.com/e7abb4a3f4d88c1034a3cf7c529341a7 HTTP 301
http://uk-netfilx-memberships.com/e7abb4a3f4d88c1034a3cf7c529341a7/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
uk-netfilx-memberships.com/e7abb4a3f4d88c1034a3cf7c529341a7/
Redirect Chain

http://uk-netfilx-memberships.com/
http://uk-netfilx-memberships.com/e7abb4a3f4d88c1034a3cf7c529341a7
http://uk-netfilx-memberships.com/e7abb4a3f4d88c1034a3cf7c529341a7/

198 KB
199 KB

24ms
24ms

Document
text/html

163.172.62.126
AS12876

General

Check archive.org

Show headers Download Go to

Full URL: http://uk-netfilx-memberships.com/e7abb4a3f4d88c1034a3cf7c529341a7/
Protocol: HTTP/1.1
Server: 163.172.62.126 , United Kingdom, ASN12876 (AS12876, FR),
Reverse DNS: 163-172-62-126.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 20cb3fdbbdb51857821048b0e2c4c8d4a0989b7d0de4e329640d2a606d04efcb

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: uk-netfilx-memberships.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Cache-Control: no-cache
Connection: keep-alive
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Mon, 12 Mar 2018 11:06:21 GMT
Last-Modified: Mon, 12 Mar 2018 11:06:21 GMT
Server: Apache
Content-Type: text/html
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 203237

Redirect headers

Location: http://uk-netfilx-memberships.com/e7abb4a3f4d88c1034a3cf7c529341a7/
Date: Mon, 12 Mar 2018 11:06:21 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 275
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found WebsiteDetect.txt
uk-netfilx-memberships.com/e7abb4a3f4d88c1034a3cf7c529341a7/Netflix_fichiers/ 0
0 23ms
23ms Stylesheet
text/html 163.172.62.126
AS12876

General

Check archive.org

Show headers Download Go to

Full URL: http://uk-netfilx-memberships.com/e7abb4a3f4d88c1034a3cf7c529341a7/Netflix_fichiers/WebsiteDetect.txt
Requested by: Host: uk-netfilx-memberships.com
URL: http://uk-netfilx-memberships.com/e7abb4a3f4d88c1034a3cf7c529341a7/
Protocol: HTTP/1.1
Server: 163.172.62.126 , United Kingdom, ASN12876 (AS12876, FR),
Reverse DNS: 163-172-62-126.rev.poneytelecom.eu
Software: Apache /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: uk-netfilx-memberships.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://uk-netfilx-memberships.com/e7abb4a3f4d88c1034a3cf7c529341a7/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://uk-netfilx-memberships.com/e7abb4a3f4d88c1034a3cf7c529341a7/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Mon, 12 Mar 2018 11:06:21 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 384
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK sdk.js Show response
uk-netfilx-memberships.com/e7abb4a3f4d88c1034a3cf7c529341a7/Netflix_fichiers/ 200 KB
201 KB 37ms
21ms Script
application/javascript 163.172.62.126
AS12876

General

Check archive.org

Show headers Download Go to

Full URL: http://uk-netfilx-memberships.com/e7abb4a3f4d88c1034a3cf7c529341a7/Netflix_fichiers/sdk.js
Requested by: Host: uk-netfilx-memberships.com
URL: http://uk-netfilx-memberships.com/e7abb4a3f4d88c1034a3cf7c529341a7/
Protocol: HTTP/1.1
Server: 163.172.62.126 , United Kingdom, ASN12876 (AS12876, FR),
Reverse DNS: 163-172-62-126.rev.poneytelecom.eu
Software: Apache /
Resource Hash: d495e3655f2406b491027c701329b437fca65a0f7771c1f2465ac095b091a031

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: uk-netfilx-memberships.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: */*
Referer: http://uk-netfilx-memberships.com/e7abb4a3f4d88c1034a3cf7c529341a7/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://uk-netfilx-memberships.com/e7abb4a3f4d88c1034a3cf7c529341a7/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Mon, 12 Mar 2018 11:06:21 GMT
Last-Modified: Mon, 12 Mar 2018 11:06:21 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 205215

GET
H/1.1 200
OK none.css
uk-netfilx-memberships.com/e7abb4a3f4d88c1034a3cf7c529341a7/Netflix_fichiers/ 101 KB
101 KB 38ms
23ms Stylesheet
text/css 163.172.62.126
AS12876

General

Check archive.org

Show headers Download Go to

Full URL: http://uk-netfilx-memberships.com/e7abb4a3f4d88c1034a3cf7c529341a7/Netflix_fichiers/none.css
Requested by: Host: uk-netfilx-memberships.com
URL: http://uk-netfilx-memberships.com/e7abb4a3f4d88c1034a3cf7c529341a7/
Protocol: HTTP/1.1
Server: 163.172.62.126 , United Kingdom, ASN12876 (AS12876, FR),
Reverse DNS: 163-172-62-126.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 7b5502c3d6f1229537141c2fbf6c847b787e03d231dac33d5bbd15bc26c3228c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: uk-netfilx-memberships.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://uk-netfilx-memberships.com/e7abb4a3f4d88c1034a3cf7c529341a7/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://uk-netfilx-memberships.com/e7abb4a3f4d88c1034a3cf7c529341a7/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Mon, 12 Mar 2018 11:06:21 GMT
Last-Modified: Mon, 12 Mar 2018 11:06:21 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 103400

GET
H/1.1 200
OK FB-f-Logo__blue_57.png
uk-netfilx-memberships.com/e7abb4a3f4d88c1034a3cf7c529341a7/Netflix_fichiers/ 1 KB
2 KB 24ms
22ms Image
image/png 163.172.62.126
AS12876

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://uk-netfilx-memberships.com/e7abb4a3f4d88c1034a3cf7c529341a7/Netflix_fichiers/FB-f-Logo__blue_57.png
Requested by: Host: uk-netfilx-memberships.com
URL: http://uk-netfilx-memberships.com/e7abb4a3f4d88c1034a3cf7c529341a7/
Protocol: HTTP/1.1
Server: 163.172.62.126 , United Kingdom, ASN12876 (AS12876, FR),
Reverse DNS: 163-172-62-126.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 3e49d9dc43267590184389ab3da0cb9f7308c9c848667dab109a0f7c73450ece

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: uk-netfilx-memberships.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://uk-netfilx-memberships.com/e7abb4a3f4d88c1034a3cf7c529341a7/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://uk-netfilx-memberships.com/e7abb4a3f4d88c1034a3cf7c529341a7/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Mon, 12 Mar 2018 11:06:21 GMT
Last-Modified: Mon, 12 Mar 2018 11:06:21 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1455

GET
H/1.1 200
OK none_002 Show response
uk-netfilx-memberships.com/e7abb4a3f4d88c1034a3cf7c529341a7/Netflix_fichiers/ 17 KB
17 KB 21ms
21ms Script
text/plain 163.172.62.126
AS12876

General

Check archive.org

Show headers Download Go to

Full URL: http://uk-netfilx-memberships.com/e7abb4a3f4d88c1034a3cf7c529341a7/Netflix_fichiers/none_002
Requested by: Host: uk-netfilx-memberships.com
URL: http://uk-netfilx-memberships.com/e7abb4a3f4d88c1034a3cf7c529341a7/
Protocol: HTTP/1.1
Server: 163.172.62.126 , United Kingdom, ASN12876 (AS12876, FR),
Reverse DNS: 163-172-62-126.rev.poneytelecom.eu
Software: Apache /
Resource Hash: fd48afd38afadaa8160052c3c36b85c590370f2fbfcd53bf48c13d76d41db955

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: uk-netfilx-memberships.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: */*
Referer: http://uk-netfilx-memberships.com/e7abb4a3f4d88c1034a3cf7c529341a7/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://uk-netfilx-memberships.com/e7abb4a3f4d88c1034a3cf7c529341a7/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Mon, 12 Mar 2018 11:06:21 GMT
Last-Modified: Mon, 12 Mar 2018 11:06:21 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 17228

GET
H/1.1 200
OK none Show response
uk-netfilx-memberships.com/e7abb4a3f4d88c1034a3cf7c529341a7/Netflix_fichiers/ 673 KB
673 KB 24ms
23ms Script
text/plain 163.172.62.126
AS12876

General

Check archive.org

Show headers Download Go to

Full URL: http://uk-netfilx-memberships.com/e7abb4a3f4d88c1034a3cf7c529341a7/Netflix_fichiers/none
Requested by: Host: uk-netfilx-memberships.com
URL: http://uk-netfilx-memberships.com/e7abb4a3f4d88c1034a3cf7c529341a7/
Protocol: HTTP/1.1
Server: 163.172.62.126 , United Kingdom, ASN12876 (AS12876, FR),
Reverse DNS: 163-172-62-126.rev.poneytelecom.eu
Software: Apache /
Resource Hash: bd3860338015d9e349c4dceffd57ec06665019470834d8c047870d08640e842f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: uk-netfilx-memberships.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: */*
Referer: http://uk-netfilx-memberships.com/e7abb4a3f4d88c1034a3cf7c529341a7/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://uk-netfilx-memberships.com/e7abb4a3f4d88c1034a3cf7c529341a7/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Mon, 12 Mar 2018 11:06:21 GMT
Last-Modified: Mon, 12 Mar 2018 11:06:21 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 688752

GET
H/1.1 404
Not Found WebsiteDetect Show response
uk-netfilx-memberships.com/ichnaea/cl2/freeform/ 351 B
551 B 24ms
23ms XHR
text/html 163.172.62.126
AS12876

General

Check archive.org

Show headers Download Go to

Full URL: http://uk-netfilx-memberships.com/ichnaea/cl2/freeform/WebsiteDetect?source=wwwhead&fetchType=js&modalView=login
Requested by: Host: uk-netfilx-memberships.com
URL: http://uk-netfilx-memberships.com/e7abb4a3f4d88c1034a3cf7c529341a7/
Protocol: HTTP/1.1
Server: 163.172.62.126 , United Kingdom, ASN12876 (AS12876, FR),
Reverse DNS: 163-172-62-126.rev.poneytelecom.eu
Software: Apache /
Resource Hash: 8fc5d3471cdc4528648c8c143710397e1a6cd0a8c9743e32914e8f5ff5d5f9c9

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: uk-netfilx-memberships.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: */*
Referer: http://uk-netfilx-memberships.com/e7abb4a3f4d88c1034a3cf7c529341a7/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://uk-netfilx-memberships.com/e7abb4a3f4d88c1034a3cf7c529341a7/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Mon, 12 Mar 2018 11:06:21 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 351
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found WebsiteScreen Show response
uk-netfilx-memberships.com/ichnaea/cl2/freeform/ 351 B
551 B 24ms
24ms XHR
text/html 163.172.62.126
AS12876

General

Check archive.org

Show headers Download Go to

Full URL: http://uk-netfilx-memberships.com/ichnaea/cl2/freeform/WebsiteScreen?source=wwwhead&fetchType=js&winw=1600&winh=1200&screenw=1600&screenh=1200&ratio=1
Requested by: Host: uk-netfilx-memberships.com
URL: http://uk-netfilx-memberships.com/e7abb4a3f4d88c1034a3cf7c529341a7/
Protocol: HTTP/1.1
Server: 163.172.62.126 , United Kingdom, ASN12876 (AS12876, FR),
Reverse DNS: 163-172-62-126.rev.poneytelecom.eu
Software: Apache /
Resource Hash: ccd38d8104f6f128c3d076c2cd9185ac686a068fcd19aafe717ed20b268c16f2

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: uk-netfilx-memberships.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: */*
Referer: http://uk-netfilx-memberships.com/e7abb4a3f4d88c1034a3cf7c529341a7/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://uk-netfilx-memberships.com/e7abb4a3f4d88c1034a3cf7c529341a7/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Mon, 12 Mar 2018 11:06:21 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Content-Length: 351
Content-Type: text/html; charset=iso-8859-1

GET
S 200 login-the-crown_2-1500x1000.jpg
assets.nflxext.com/ffe/siteui/acquisition/login/ 84 KB
85 KB 35ms
7ms Image
image/jpeg 2.18.232.136
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nflxext.com/ffe/siteui/acquisition/login/login-the-crown_2-1500x1000.jpg
Requested by: Host: uk-netfilx-memberships.com
URL: http://uk-netfilx-memberships.com/e7abb4a3f4d88c1034a3cf7c529341a7/
Protocol: SPDY
Server: 2.18.232.136 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
Software: Apache /
Resource Hash: baafd74a4cb4dc594b614eeb45c7267bb1af729d9271752460348ece16532d04

Request headers

Referer: http://uk-netfilx-memberships.com/e7abb4a3f4d88c1034a3cf7c529341a7/Netflix_fichiers/none.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 12 Mar 2018 11:06:21 GMT
last-modified: Mon, 24 Oct 2016 20:49:51 GMT
server: Apache
content-md5: 5GY/BZWwL7HDlH/B8V64Eg==
content-type: image/jpeg
status: 200
cache-control: public, max-age=66128019
accept-ranges: bytes
content-length: 86226
expires: Wed, 15 Apr 2020 20:00:00 GMT

GET
S 200 nf-icon-v1-88.woff
assets.nflxext.com/ffe/siteui/fonts/ 69 KB
69 KB 33ms
6ms Font
font/woff 2.18.232.136
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.nflxext.com/ffe/siteui/fonts/nf-icon-v1-88.woff
Requested by: Host: uk-netfilx-memberships.com
URL: http://uk-netfilx-memberships.com/e7abb4a3f4d88c1034a3cf7c529341a7/
Protocol: SPDY
Server: 2.18.232.136 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
Software: Apache /
Resource Hash: ba892f7903e737d06c952be4ed3266746ed5e1090377fbc5d2ac975626c4533a

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer: http://uk-netfilx-memberships.com/e7abb4a3f4d88c1034a3cf7c529341a7/Netflix_fichiers/none.css
Origin: http://uk-netfilx-memberships.com

Response headers

date: Mon, 12 Mar 2018 11:06:21 GMT
last-modified: Fri, 27 Jan 2017 22:53:52 GMT
server: Apache
content-md5: ezBCotj2o1GiKPEVK1YDAg==
status: 200
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=66128019
accept-ranges: bytes
content-length: 70204
expires: Wed, 15 Apr 2020 20:00:00 GMT

GET
H/1.1 200
OK 0sTQzbapM8j.html Show response
uk-netfilx-memberships.com/e7abb4a3f4d88c1034a3cf7c529341a7/Netflix_fichiers/ Frame 68FF 42 KB
42 KB 22ms
21ms Document
text/html 163.172.62.126
AS12876

General

Check archive.org

Show headers Download Go to

Full URL: http://uk-netfilx-memberships.com/e7abb4a3f4d88c1034a3cf7c529341a7/Netflix_fichiers/0sTQzbapM8j.html
Requested by: Host: uk-netfilx-memberships.com
URL: http://uk-netfilx-memberships.com/e7abb4a3f4d88c1034a3cf7c529341a7/
Protocol: HTTP/1.1
Server: 163.172.62.126 , United Kingdom, ASN12876 (AS12876, FR),
Reverse DNS: 163-172-62-126.rev.poneytelecom.eu
Software: Apache /
Resource Hash: b6a4cc11a2ee0bbfc5d71c105590261e04f5594c8169c2ffb7695ce533034bbf

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: uk-netfilx-memberships.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://uk-netfilx-memberships.com/e7abb4a3f4d88c1034a3cf7c529341a7/
Cookie: cL=1520852781883%7C152085278165116922%7C152085278166349764%7C%7C4%7C4TXCTKU2SZAAZB6ZFA4VJS3J6Y
Connection: keep-alive
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
Referer: http://uk-netfilx-memberships.com/e7abb4a3f4d88c1034a3cf7c529341a7/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Mon, 12 Mar 2018 11:06:21 GMT
Last-Modified: Mon, 12 Mar 2018 11:06:21 GMT
Server: Apache
Content-Type: text/html
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 43137

OPTIONS
H/1.1 200
OK cl2 Show response
www.netflix.com/ichnaea/ 0
1013 B 137ms
48ms XHR
text/plain 54.171.208.83
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netflix.com/ichnaea/cl2

Requested by

Host: uk-netfilx-memberships.com
URL: http://uk-netfilx-memberships.com/e7abb4a3f4d88c1034a3cf7c529341a7/Netflix_fichiers/none

Protocol

HTTP/1.1

Server

54.171.208.83 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-54-171-208-83.eu-west-1.compute.amazonaws.com

Software

ichnaea i-0c10e2ccae9fa432f /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://ichnaea.netflix.com/log/freeform/xssreport

Request headers

Access-Control-Request-Method: POST
Origin: http://uk-netfilx-memberships.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

Date: Mon, 12 Mar 2018 11:06:27 GMT
Via: 1.1 i-0e175aaffd73e0fe3 (eu-west-1)
X-Content-Type-Options: nosniff
X-Netflix-From-Zuul: true
X-Netflix_proxy_execution-time: 13
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block; report=https://ichnaea.netflix.com/log/freeform/xssreport
Server: ichnaea i-0c10e2ccae9fa432f
X-Netflix_nfstatus: 1_1
Allow: GET, POST, OPTIONS
Strict-Transport-Security: max-age=31536000
X-Originating-URL: https://www.netflix.com/ichnaea/cl2
Access-Control-Allow-Origin: http://uk-netfilx-memberships.com
Accept: text/plain, text/html
Access-Control-Allow-Credentials: true
Content-Type: text/plain
Access-Control-Allow-Headers: Authorization,Content-Type,Accept,Cookie,X-Netflix.application.name,X-Netflix.application.version,X-Netflix.esn,X-Netflix.device.type,X-Netflix.certification.version,X-Netflix.request.uuid,X-Netflix.user.id,X-Netflix.oauth.consumer.key,X-Netflix.oauth.token,X-Netflix.ichnaea.request.type,debugRequest

POST
H/1.1 202
Accepted cl2 Show response
www.netflix.com/ichnaea/ 0
1 KB 120ms
37ms XHR
text/plain 54.77.81.254
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netflix.com/ichnaea/cl2

Protocol

HTTP/1.1

Server

54.77.81.254 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-54-77-81-254.eu-west-1.compute.amazonaws.com

Software

ichnaea i-0e5a41288d7e21d05 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://ichnaea.netflix.com/log/freeform/xssreport

Request headers

Referer: http://uk-netfilx-memberships.com/e7abb4a3f4d88c1034a3cf7c529341a7/
Origin: http://uk-netfilx-memberships.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Content-Type: application/json

Response headers

Date: Mon, 12 Mar 2018 11:06:27 GMT
Via: 1.1 i-0f6f2345a96e4a908 (eu-west-1)
X-Content-Type-Options: nosniff
X-Netflix-From-Zuul: true
X-Netflix_proxy_execution-time: 4
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block; report=https://ichnaea.netflix.com/log/freeform/xssreport
Allow: GET, POST, OPTIONS
Server: ichnaea i-0e5a41288d7e21d05
X-Netflix_nfstatus: 1_1
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Originating-URL: https://www.netflix.com/ichnaea/cl2
Access-Control-Allow-Origin: http://uk-netfilx-memberships.com
Accept: text/plain, text/html
Access-Control-Allow-Credentials: true
X-Ichnaea: ~O=true~RL=180
Content-Type: text/plain
Access-Control-Allow-Headers: Authorization,Content-Type,Accept,Cookie,X-Netflix.application.name,X-Netflix.application.version,X-Netflix.esn,X-Netflix.device.type,X-Netflix.certification.version,X-Netflix.request.uuid,X-Netflix.user.id,X-Netflix.oauth.consumer.key,X-Netflix.oauth.token,X-Netflix.ichnaea.request.type,debugRequest

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Netflix (Online)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.uk-netfilx-memberships.com/	1969-12-31 23:59:59	Name: cL Value: 1520852781883%7C152085278165116922%7C152085278166349764%7C%7C4%7C4TXCTKU2SZAAZB6ZFA4VJS3J6Y

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.nflxext.com
uk-netfilx-memberships.com
www.netflix.com
163.172.62.126
2.18.232.136
54.171.208.83
54.77.81.254
20cb3fdbbdb51857821048b0e2c4c8d4a0989b7d0de4e329640d2a606d04efcb
3e49d9dc43267590184389ab3da0cb9f7308c9c848667dab109a0f7c73450ece
7b5502c3d6f1229537141c2fbf6c847b787e03d231dac33d5bbd15bc26c3228c
8fc5d3471cdc4528648c8c143710397e1a6cd0a8c9743e32914e8f5ff5d5f9c9
b6a4cc11a2ee0bbfc5d71c105590261e04f5594c8169c2ffb7695ce533034bbf
ba892f7903e737d06c952be4ed3266746ed5e1090377fbc5d2ac975626c4533a
baafd74a4cb4dc594b614eeb45c7267bb1af729d9271752460348ece16532d04
bd3860338015d9e349c4dceffd57ec06665019470834d8c047870d08640e842f
ccd38d8104f6f128c3d076c2cd9185ac686a068fcd19aafe717ed20b268c16f2
d495e3655f2406b491027c701329b437fca65a0f7771c1f2465ac095b091a031
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fd48afd38afadaa8160052c3c36b85c590370f2fbfcd53bf48c13d76d41db955

uk-netfilx-memberships.com Open in urlscan Pro 163.172.62.126 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

14 Requests

0 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

4 IPs

3 Countries

1391 kBTransfer

1386 kBSize

1 Cookies

6 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

9 JavaScript Global Variables

1 Cookies

Indicators

uk-netfilx-memberships.com Open in urlscan Pro
163.172.62.126 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

0 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

1391 kB
Transfer

1386 kB
Size

1
Cookies

14 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!