netflixx.club
Open in
urlscan Pro
198.187.29.193
Malicious Activity!
Public Scan
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 21st 2020. Valid for: 5 months.
This is the only time netflixx.club was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Scam (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
10 | 198.187.29.193 198.187.29.193 | 22612 (NAMECHEAP...) (NAMECHEAP-NET) | |
1 2 | 2606:4700:303... 2606:4700:3033::ac43:d079 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2a00:1450:400... 2a00:1450:4001:802::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2606:4700:20:... 2606:4700:20::ac43:45d7 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
4 | 2606:4700:303... 2606:4700:3034::ac43:d7f3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:81f::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2606:4700:303... 2606:4700:3031::681c:1cef | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
21 | 8 |
ASN22612 (NAMECHEAP-NET, US)
PTR: premium78-2.web-hosting.com
netflixx.club |
Apex Domain Subdomains |
Transfer | |
---|---|---|
10 |
netflixx.club
netflixx.club |
364 KB |
4 |
cldoffers.net
cldoffers.net |
5 KB |
2 |
googleapis.com
fonts.googleapis.com |
2 KB |
2 |
nekudo.com
1 redirects
geoip.nekudo.com |
416 B |
1 |
bootstraplugin.com
bootstraplugin.com |
733 B |
1 |
gstatic.com
fonts.gstatic.com |
9 KB |
1 |
cpabuild.com
cpabuild.com |
7 KB |
21 | 7 |
Domain | Requested by | |
---|---|---|
10 | netflixx.club |
netflixx.club
|
4 | cldoffers.net |
cpabuild.com
|
2 | fonts.googleapis.com |
netflixx.club
|
2 | geoip.nekudo.com |
1 redirects
netflixx.club
|
1 | bootstraplugin.com |
netflixx.club
|
1 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | cpabuild.com |
netflixx.club
|
21 | 7 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
netflixx.club Sectigo RSA Domain Validation Secure Server CA |
2020-10-21 - 2021-03-21 |
5 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2020-08-01 - 2021-08-01 |
a year | crt.sh |
upload.video.google.com GTS CA 1O1 |
2020-09-22 - 2020-12-15 |
3 months | crt.sh |
cpabuild.com Cloudflare Inc ECC CA-3 |
2020-07-03 - 2021-07-03 |
a year | crt.sh |
*.gstatic.com GTS CA 1O1 |
2020-09-22 - 2020-12-15 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://netflixx.club/
Frame ID: 6227E604831C704A64114DFB89CD8A20
Requests: 22 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://geoip.nekudo.com/api?callback=geo HTTP 301
- https://geoip.nekudo.com/shutdown
21 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
netflixx.club/ |
139 KB 29 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
shutdown
geoip.nekudo.com/ Redirect Chain
|
0 0 |
Script
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
semantic.min.css
netflixx.club/cdnjs.cloudflare.com/ajax/libs/semantic-ui/2.2.13/ |
553 KB 94 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
7 KB 840 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
locker.js
cpabuild.com/public/external/ |
22 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1.jpg
netflixx.club/inc/ |
29 KB 29 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2.jpg
netflixx.club/inc/ |
29 KB 29 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3.jpg
netflixx.club/inc/ |
29 KB 29 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4.jpg
netflixx.club/inc/ |
29 KB 29 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
png4.png
netflixx.club/inc/ |
28 KB 28 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
netflixx.club/cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/ |
85 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
semantic.min.js
netflixx.club/cdnjs.cloudflare.com/ajax/libs/semantic-ui/2.2.13/ |
277 KB 69 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
css
fonts.googleapis.com/ |
3 KB 978 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
html.793048.38b46.0.js
cldoffers.net/public/external/v2/ |
9 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css_front.css
cldoffers.net/public/external/ |
6 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bg3.jpg
netflixx.club/inc/ |
907 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
fortnite.woff
netflixx.club/inc/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css.css
cldoffers.net/public/clockers/PrimeApps/ |
1010 B 421 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
check.php
cldoffers.net/public/external/ |
0 317 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
p.php
bootstraplugin.com/ |
0 733 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 1 KB |
Font
application/x-font-ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- netflixx.club
- URL
- https://netflixx.club/inc/fortnite.woff
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Scam (Online)32 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes function| geo object| CPABUILDSETTINGS object| CPABUILDContentLocker number| __cfRLUnblockHandlers function| CPBContentLocker function| CPABuildLock function| CPABuildGetFeedURL function| CPABuildGetIframeURL function| CPABuildGetIframeHTML function| CPABuildUnlock function| CPABuildOfferComplete function| CPABuildOffersComplete function| CPABuildCheckForLead function| og_load function| CPABuildComplete function| call_locker function| $ function| jQuery function| Sweetalert2 function| swal function| sweetAlert object| BigText number| amountbucks function| xD function| vbucks function| laststep function| finish0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bootstraplugin.com
cldoffers.net
cpabuild.com
fonts.googleapis.com
fonts.gstatic.com
geoip.nekudo.com
netflixx.club
netflixx.club
198.187.29.193
2606:4700:20::ac43:45d7
2606:4700:3031::681c:1cef
2606:4700:3033::ac43:d079
2606:4700:3034::ac43:d7f3
2a00:1450:4001:802::200a
2a00:1450:4001:81f::2003
0618ba18c43fef6b9865c257089d8b4e838870ddfe0b1e3b0199eafc1c357fb0
07b7f3a33783a37b2274a06f922190f63af95004333361102b55a4f7cdd0f9d1
1213badbf8789a8a903b53b9a362540d3f6bd40cb3640e818600117f1e598161
22dae65c72d4b61fc94759ea8fc9b6259a5ee939fd4fcec9fd764697d30da96f
5c14a94a28817f61a07c64ad2431d29662763ae0237fb0317d4aeede78e5d24b
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
6d8702e69c4d70476639af449bde64f8023c9476f2753c1720c9b8fc60845c4b
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8e68ccb5ccb933edcd336caebc70d52601e0614f9ef022d1e1884e7dcc71861e
95acaf0bed68db88e1ae25709e6852b96d1c674fa7ac87de260d7d0445664f6a
a7081a117335212b9e7f2e348f7369a64423d51db1666310b3451e7375f0b7de
a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec
aba29a8f445023165c5c246a321128283e726d9c87e2e2e7b8653fa5aa8cbf8f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6bd02eed496b669c4fa74130cfec37760e9ba3f01db14c6e7dc62c013a583b5