semlimitesflixnet.gq
147.135.189.66
Malicious Activity!
Public Scan
Effective URL: https://semlimitesflixnet.gq/
Submission: On March 15 via manual from BR
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on March 9th 2019. Valid for: 3 months.
This is the only time semlimitesflixnet.gq was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Netflix (Online)
Domain & IP information
Requests | Redirects | IP Address | AS Autonomous System |
---|---|---|---|
1 | 1 | 2a02:4780:dead:ff7f::1 | 204915 (AWEX) |
18 | 1 | 147.135.189.66 | 16276 (OVH) |
8 | | 2a02:26f0:6c00:297::33c4 | 20940 (AKAMAI-ASN1) |
25 requests | | 3 IPs | |
ASN16276 (OVH, FR), PTR: ip66.ip-147-135-189.eu
- semlimitesflixnet.gq
ASN20940 (AKAMAI-ASN1, US)
- assets.nflxext.com
- codex.nflxext.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
18 | semlimitesflixnet.gq (1 redirect) | semlimitesflixnet.gq | 1 MB |
8 | nflxext.com | assets.nflxext.com, codex.nflxext.com | 737 KB |
1 | 000webhostapp.com (1 redirect) | blogvim.000webhostapp.com | 309 B |
25 requests | 3 apex domains | | |
Requests | Domain | Requested by |
---|---|---|
18 | semlimitesflixnet.gq (1 redirect) | semlimitesflixnet.gq |
6 | assets.nflxext.com | semlimitesflixnet.gq |
2 | codex.nflxext.com | semlimitesflixnet.gq |
1 | blogvim.000webhostapp.com | 1 redirect |
25 requests | 4 domains | |
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
www.semlimitesflixnet.gq | Let's Encrypt Authority X3 | 2019-03-09 - 2019-06-07 | 3 months | crt.sh |
assets.nflxext.com | DigiCert SHA2 Secure Server CA | 2018-03-09 - 2020-03-09 | 2 years | crt.sh |
This page contains 1 frames:
Primary Page:
https://semlimitesflixnet.gq/
Frame ID: 227CC0A8800B4DE9DC2EA599CC4922D4
Requests: 28 HTTP requests in this frame
Page URL History
- http://blogvim.000webhostapp.com/font/promoflixnetseismesesgratis.php (HTTP 302)
- http://semlimitesflixnet.gq/ (HTTP 301)
- https://semlimitesflixnet.gq/ (Page URL)
Detected technologies
- PHP (Programming Languages). Detected pattern: url /\.php(?:$|\?)/i
- UNIX (Operating Systems). Detected pattern: headers server /Unix/i
- OpenSSL (Web Server Extensions). Detected pattern: headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i
- Apache (Web Servers). Detected pattern: headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
- React (JavaScript Frameworks). Detected pattern: html /<[^>]+data-react/i
- jQuery (JavaScript Libraries). Detected pattern: env /^jQuery$/i
Page Statistics
6 Outgoing links
These are links going to different origins than the main page.
- Perguntas frequentes (Frequently asked questions)
- Centro de ajuda (Help center)
- Imprensa (Press)
- Carreiras (Careers)
- Teste de velocidade (Speed test)
- Avisos legais (Legal notices)
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields. The redirect chain for this scan is listed under Page URL History above.
Redirected requests
There were HTTP redirect chains for the following requests:
25 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | / (Primary Request, Redirect Chain) | semlimitesflixnet.gq/ | 84 KB | 84 KB | Document | text/html |
GET | H/1.1 | none(1) | semlimitesflixnet.gq/home_files/ | 9 KB | 9 KB | Script | text/plain |
GET | H/1.1 | none(2) | semlimitesflixnet.gq/home_files/ | 767 KB | 768 KB | Script | text/plain |
GET | H/1.1 | WebsiteDetect | semlimitesflixnet.gq/home_files/ | 0 | 273 B | Stylesheet | text/plain |
GET | H/1.1 | none | semlimitesflixnet.gq/home_files/ | 118 KB | 118 KB | Stylesheet | text/plain |
GET | H/1.1 | hero-background.jpg | semlimitesflixnet.gq/home_files/ | 12 KB | 13 KB | Image | image/jpeg |
GET | H/1.1 | tv.png | semlimitesflixnet.gq/home_files/ | 11 KB | 11 KB | Image | image/png |
GET | H/1.1 | mobile.png | semlimitesflixnet.gq/home_files/ | 54 KB | 54 KB | Image | image/png |
GET | H/1.1 | boxshot.png | semlimitesflixnet.gq/home_files/ | 20 KB | 20 KB | Image | image/png |
GET | H/1.1 | device-pile.png | semlimitesflixnet.gq/home_files/ | 134 KB | 134 KB | Image | image/png |
GET | H/1.1 | WebsiteDetect | semlimitesflixnet.gq/personalization/cl2/freeform/ | 240 B | 474 B | XHR | text/html |
GET | H/1.1 | WebsiteScreen | semlimitesflixnet.gq/personalization/cl2/freeform/ | 240 B | 474 B | XHR | text/html |
GET | H/1.1 | DebugEvent | semlimitesflixnet.gq/home_files/ | 0 | 273 B | Image | text/plain |
GET | H/1.1 | DebugEvent(1) | semlimitesflixnet.gq/home_files/ | 0 | 273 B | Image | text/plain |
GET | H2 | video-tv.m4v | assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ | 54 KB | 0 | Media | video/x-m4v |
GET | H2 | video-devices.m4v | assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ | 260 KB | 261 KB | Media | video/x-m4v |
GET | H2 | video-tv.m4v | assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ | 21 KB | 21 KB | Media | video/x-m4v |
GET | H2 | video-tv.m4v | assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ | 192 KB | 0 | Media | video/x-m4v |
GET | DATA | truncated | / | 2 KB | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 2 KB | 0 | Image | image/png |
GET | DATA | truncated | / | 715 B | 0 | Image | image/png |
GET | H2 | download-icon.gif | assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ | 22 KB | 22 KB | Image | image/gif |
GET | H2 | nf-icon-v1-93.woff | assets.nflxext.com/ffe/siteui/fonts/ | 72 KB | 72 KB | Font | font/woff |
GET | H2 | none | codex.nflxext.com/%5E2.0.0/truthBundle/webui/0.0.1-shakti-js-mk-ve059a69f/js/js/signup%7Csimplicity%7CsimpleSignupClient.js/2/50034x4v4d4z084j494D4-060t00514C4p4F4A0e4T4R4P4k4E4t4H4m4l024X/l/true/ | 1 MB | 330 KB | XHR | application/javascript |
GET | H2 | none | codex.nflxext.com/%5E2.0.0/truthBundle/webui/0.0.1-shakti-css-ve059a69f/css/css/less%7Cpages%7Csignup%7Csimplicity%7Csimplicity.less/2/0E0R040u0L090B0K0V0Y0S0M0W0Q0X0-/none/true/ | 188 KB | 31 KB | XHR | text/css |
POST | H/1.1 | log | semlimitesflixnet.gq/personalization/ | 217 B | 451 B | XHR | text/html |
GET | H/1.1 | DebugEvent | semlimitesflixnet.gq/personalization/cl2/freeform/ | 237 B | 237 B | Image | text/html |
GET | H/1.1 | DebugEvent | semlimitesflixnet.gq/personalization/cl2/freeform/ | 237 B | 237 B | Image | text/html |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: Netflix (Online)
11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- onselectstart (object)
- onselectionchange (object)
- queueMicrotask (function)
- netflix (object)
- Codex (object)
- C (object)
- global (object)
- process (object)
- util (object)
- jQuery (function)
- jQuery11110086782826413023481 (object)
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value |
---|---|---|---|
.semlimitesflixnet.gq/ | | cL | 1552689460617%7C155268946031647656%7C155268946026861578%7C%7C4%7CCVW6MFTXNNDWRPAKMWC6YA67EI |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
assets.nflxext.com
blogvim.000webhostapp.com
codex.nflxext.com
semlimitesflixnet.gq
147.135.189.66
2a02:26f0:6c00:297::33c4
2a02:4780:dead:ff7f::1