Report - cpanel12wh.bkk1.cloud.z.com/~cp318430/app/browser/info/vbv.php/

Report Overview

Submitted URL
cpanel12wh.bkk1.cloud.z.com/~cp318430/app/browser/info/vbv.php/
IP
163.44.198.61
ASN
#135161 GMO-Z com NetDesign Holdings Co., Ltd.
Submitted
2024-05-07 04:29:14
Access
public
Website Title
Netflix
Final URL
cpanel12wh.bkk1.cloud.z.com/~cp318430/app/browser/info/vbv.php/
Tags
netflix phishing
urlquery detections
Phishing - Netflix

Detections

urlquery
9
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cpanel12wh.bkk1.cloud.z.com	unknown	1997-12-19	2019-01-20	2020-12-30	4.1 kB	383 kB	163.44.198.61
assets.nflxext.com	3871	2011-02-11	2015-07-22	2024-05-06	1.6 kB	182 kB	45.57.91.1

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-05-06	medium	cpanel12wh.bkk1.cloud.z.com/~cp318430/app/browser/info/vbv.php/	Netflix Inc.

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (1)

	URL	Size	First Seen	Last Seen
	cpanel12wh.bkk1.cloud.z.com/~cp318430/app/browser/info/vbv.php/	1.9 kB	2023-03-29	2024-05-07
Pretty URL cpanel12wh.bkk1.cloud.z.com/~cp318430/app/browser/info/vbv.php/ IP 163.44.198.61 ASN #135161 GMO-Z com NetDesign Holdings Co., Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-29 23:48:42 Last Seen2024-05-07 06:29:14 Times Seen10 Hash 54e2ebd62368bace1dc126e0d8e54d0c 176af32af1885566873dbf74ebed954cf582ac11 6615ca558f5ba56c242a44c3bf870e3a6609bc6961fab80219d9de519dbb8d61 Loading...

HTTP Transactions (11)

URL IP Response Size

cpanel12wh.bkk1.cloud.z.com/~cp318430/app/browser/info/vbv.php/

163.44.198.61

200 OK

16 kB

URL User Request GET HTTP/1.1
cpanel12wh.bkk1.cloud.z.com/~cp318430/app/browser/info/vbv.php/
IP
163.44.198.61:443
ASN
#135161 GMO-Z com NetDesign Holdings Co., Ltd.

Certificate
IssuerLet's Encrypt
Subjectcpanel12wh.bkk1.cloud.z.com
Fingerprint61:3D:64:59:5F:27:1A:0B:69:DA:2C:4A:E0:0A:A1:0F:DA:18:97:45
ValidityTue, 23 Apr 2024 18:52:41 GMT - Mon, 22 Jul 2024 18:52:40 GMT

File type
JavaScript source, Unicode text, UTF-8 (with BOM) text, with very long lines (5985), with CRLF, LF line terminators
Size
16 kB (16480 bytes)
Hash
f47ea9f249d4c595698bb400fc52ab1d
1673e5503b81341c00d4e8eecac4f4863f244fbf
a87126bdd8b5bf29180bc2584724fc667e155b8c448331656e3b323613a8b813

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Netflix
OpenPhish	phishing	Netflix Inc.

HTTP Headers

GET /~cp318430/app/browser/info/vbv.php/ HTTP/1.1
Host: cpanel12wh.bkk1.cloud.z.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 04:28:50 GMT
Server: Apache
X-Powered-By: PHP/8.1.13
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

cpanel12wh.bkk1.cloud.z.com/~cp318430/app/browser/info/js/vbv.js

163.44.198.61

404 Not Found

10 kB

URL GET HTTP/1.1
cpanel12wh.bkk1.cloud.z.com/~cp318430/app/browser/info/js/vbv.js
IP
163.44.198.61:443
ASN
#135161 GMO-Z com NetDesign Holdings Co., Ltd.

Requested by
https://cpanel12wh.bkk1.cloud.z.com/~cp318430/app/browser/info/vbv.php/
Certificate
IssuerLet's Encrypt
Subjectcpanel12wh.bkk1.cloud.z.com
Fingerprint61:3D:64:59:5F:27:1A:0B:69:DA:2C:4A:E0:0A:A1:0F:DA:18:97:45
ValidityTue, 23 Apr 2024 18:52:41 GMT - Mon, 22 Jul 2024 18:52:40 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (4070)
Size
10 kB (10168 bytes)
Hash
a88ecb6c19af996d5a9ee0733c7d718a
7fef2d2a078ea01c4bb4b095d5be9307e92e6f7b
d0635b2763f92ce19a6785467511f7fb7fd9e800236af7aa79964c6f673b87b7

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Netflix

HTTP Headers

GET /~cp318430/app/browser/info/js/vbv.js HTTP/1.1
Host: cpanel12wh.bkk1.cloud.z.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cpanel12wh.bkk1.cloud.z.com/~cp318430/app/browser/info/vbv.php/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Tue, 07 May 2024 04:28:50 GMT
Server: Apache
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

cpanel12wh.bkk1.cloud.z.com/~cp318430/app/browser/info/vbv.php/net.css

163.44.198.61

200 OK

16 kB

URL GET HTTP/1.1
cpanel12wh.bkk1.cloud.z.com/~cp318430/app/browser/info/vbv.php/net.css
IP
163.44.198.61:443
ASN
#135161 GMO-Z com NetDesign Holdings Co., Ltd.

Requested by
https://cpanel12wh.bkk1.cloud.z.com/~cp318430/app/browser/info/vbv.php/
Certificate
IssuerLet's Encrypt
Subjectcpanel12wh.bkk1.cloud.z.com
Fingerprint61:3D:64:59:5F:27:1A:0B:69:DA:2C:4A:E0:0A:A1:0F:DA:18:97:45
ValidityTue, 23 Apr 2024 18:52:41 GMT - Mon, 22 Jul 2024 18:52:40 GMT

File type
JavaScript source, Unicode text, UTF-8 (with BOM) text, with very long lines (5985), with CRLF, LF line terminators
Size
16 kB (16480 bytes)
Hash
f47ea9f249d4c595698bb400fc52ab1d
1673e5503b81341c00d4e8eecac4f4863f244fbf
a87126bdd8b5bf29180bc2584724fc667e155b8c448331656e3b323613a8b813

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Netflix

HTTP Headers

GET /~cp318430/app/browser/info/vbv.php/net.css HTTP/1.1
Host: cpanel12wh.bkk1.cloud.z.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cpanel12wh.bkk1.cloud.z.com/~cp318430/app/browser/info/vbv.php/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 04:28:51 GMT
Server: Apache
X-Powered-By: PHP/8.1.13
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

cpanel12wh.bkk1.cloud.z.com/~cp318430/app/browser/info/vbv.php/index.d9735b88e0fc5047996e.css

163.44.198.61

200 OK

16 kB

URL GET HTTP/1.1
cpanel12wh.bkk1.cloud.z.com/~cp318430/app/browser/info/vbv.php/index.d9735b88e0fc5047996e.css
IP
163.44.198.61:443
ASN
#135161 GMO-Z com NetDesign Holdings Co., Ltd.

Requested by
https://cpanel12wh.bkk1.cloud.z.com/~cp318430/app/browser/info/vbv.php/
Certificate
IssuerLet's Encrypt
Subjectcpanel12wh.bkk1.cloud.z.com
Fingerprint61:3D:64:59:5F:27:1A:0B:69:DA:2C:4A:E0:0A:A1:0F:DA:18:97:45
ValidityTue, 23 Apr 2024 18:52:41 GMT - Mon, 22 Jul 2024 18:52:40 GMT

File type
JavaScript source, Unicode text, UTF-8 (with BOM) text, with very long lines (5985), with CRLF, LF line terminators
Size
16 kB (16480 bytes)
Hash
f47ea9f249d4c595698bb400fc52ab1d
1673e5503b81341c00d4e8eecac4f4863f244fbf
a87126bdd8b5bf29180bc2584724fc667e155b8c448331656e3b323613a8b813

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Netflix

HTTP Headers

GET /~cp318430/app/browser/info/vbv.php/index.d9735b88e0fc5047996e.css HTTP/1.1
Host: cpanel12wh.bkk1.cloud.z.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cpanel12wh.bkk1.cloud.z.com/~cp318430/app/browser/info/vbv.php/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 04:28:51 GMT
Server: Apache
X-Powered-By: PHP/8.1.13
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

cpanel12wh.bkk1.cloud.z.com/~cp318430/app/browser/info/css/vbv.css

163.44.198.61

200 OK

291 kB

URL GET HTTP/1.1
cpanel12wh.bkk1.cloud.z.com/~cp318430/app/browser/info/css/vbv.css
IP
163.44.198.61:443
ASN
#135161 GMO-Z com NetDesign Holdings Co., Ltd.

Requested by
https://cpanel12wh.bkk1.cloud.z.com/~cp318430/app/browser/info/vbv.php/
Certificate
IssuerLet's Encrypt
Subjectcpanel12wh.bkk1.cloud.z.com
Fingerprint61:3D:64:59:5F:27:1A:0B:69:DA:2C:4A:E0:0A:A1:0F:DA:18:97:45
ValidityTue, 23 Apr 2024 18:52:41 GMT - Mon, 22 Jul 2024 18:52:40 GMT

File type
ASCII text, with CRLF line terminators
Size
291 kB (290751 bytes)
Hash
f5b0d1ef7b9f3f9e218a0ff421af2d0c
8507590f3a53c10cc1347706b1b5db5cd46c98ac
654055110851af06b27d8342fbdba5a7fd869b61aad852a335b1f7535605c0eb

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Netflix

HTTP Headers

GET /~cp318430/app/browser/info/css/vbv.css HTTP/1.1
Host: cpanel12wh.bkk1.cloud.z.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cpanel12wh.bkk1.cloud.z.com/~cp318430/app/browser/info/vbv.php/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 04:28:50 GMT
Server: Apache
Last-Modified: Tue, 09 Aug 2022 05:21:06 GMT
ETag: "46fbf-5e5c81967b480"
Accept-Ranges: bytes
Content-Length: 290751
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/NetflixSans_W_Rg.woff2

45.57.91.1

200 OK

53 kB

URL GET HTTP/1.1
assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/NetflixSans_W_Rg.woff2
IP
45.57.91.1:443
ASN
#40027 NETFLIX-ASN

Requested by
https://cpanel12wh.bkk1.cloud.z.com/~cp318430/app/browser/info/vbv.php/
Certificate
IssuerDigiCert Inc
Subject*.1.nflxso.net
Fingerprint1F:A4:93:10:A9:A8:18:74:F3:90:22:76:AB:28:5D:AB:FD:41:13:20
ValidityMon, 22 Apr 2024 00:00:00 GMT - Thu, 23 May 2024 23:06:53 GMT

File type
Web Open Font Format (Version 2), TrueType, length 53304, version 2.6554
Size
53 kB (53304 bytes)
Hash
0bf3177f1fed6d953178221fba43c7e8
83d9f039f1ba7209321c7da72d3dc6a9aa5e2ab3
c0bceb927c506dce9f6e6f5f570e641ad580b9554be06f61508a4aee32380167

HTTP Headers

GET /ffe/siteui/fonts/netflix-sans/v3/NetflixSans_W_Rg.woff2 HTTP/1.1
Host: assets.nflxext.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cpanel12wh.bkk1.cloud.z.com
DNT: 1
Connection: keep-alive
Referer: https://cpanel12wh.bkk1.cloud.z.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 May 2024 04:28:52 GMT
Content-Type: font/woff2
Content-Length: 53304
Connection: keep-alive
Content-MD5: C/MXfx/tbZUxeCIfukPH6A==
Last-Modified: Thu, 17 Jan 2019 20:16:30 GMT
Cache-Control: max-age=604801
Expires: Tue, 14 May 2024 04:28:53 GMT
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/NetflixSans_W_Md.woff2

45.57.91.1

200 OK

54 kB

URL GET HTTP/1.1
assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/NetflixSans_W_Md.woff2
IP
45.57.91.1:443
ASN
#40027 NETFLIX-ASN

Requested by
https://cpanel12wh.bkk1.cloud.z.com/~cp318430/app/browser/info/vbv.php/
Certificate
IssuerDigiCert Inc
Subject*.1.nflxso.net
Fingerprint26:99:51:1D:07:DD:F9:C9:F4:1B:D4:F2:E3:B2:4A:FB:CC:7E:25:98
ValiditySat, 20 Apr 2024 00:00:00 GMT - Sat, 25 May 2024 22:12:42 GMT

File type
Web Open Font Format (Version 2), TrueType, length 53940, version 2.6554
Size
54 kB (53940 bytes)
Hash
ea769921b0cfa4fc6d4d1a2e0b1fa5ff
34dcd2875c9752ebba6f894eb8d410e4958cc1b4
9ac2bd03fcde501b3f30f47ab1fae62161f87808ea6411f38e8feaa4bbddc42e

HTTP Headers

GET /ffe/siteui/fonts/netflix-sans/v3/NetflixSans_W_Md.woff2 HTTP/1.1
Host: assets.nflxext.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cpanel12wh.bkk1.cloud.z.com
DNT: 1
Connection: keep-alive
Referer: https://cpanel12wh.bkk1.cloud.z.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 May 2024 04:28:52 GMT
Content-Type: font/woff2
Content-Length: 53940
Connection: keep-alive
Content-MD5: 6naZIbDPpPxtTRouCx+l/w==
Last-Modified: Thu, 17 Jan 2019 20:16:30 GMT
Cache-Control: max-age=604801
Expires: Tue, 14 May 2024 04:28:53 GMT
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

assets.nflxext.com/ffe/siteui/fonts/nf-icon-v1-93.woff

45.57.91.1

200 OK

74 kB

URL GET HTTP/1.1
assets.nflxext.com/ffe/siteui/fonts/nf-icon-v1-93.woff
IP
45.57.91.1:443
ASN
#40027 NETFLIX-ASN

Requested by
https://cpanel12wh.bkk1.cloud.z.com/~cp318430/app/browser/info/vbv.php/
Certificate
IssuerDigiCert Inc
Subject*.1.nflxso.net
Fingerprint69:58:57:82:DD:57:4D:52:BC:C0:2A:D3:6D:05:AE:64:4F:61:66:97
ValidityThu, 02 May 2024 00:00:00 GMT - Sat, 01 Jun 2024 22:07:01 GMT

File type
Web Open Font Format, CFF, length 73572, version 0.0
Size
74 kB (73572 bytes)
Hash
7cf6156cc481244b5a254362d7b73f00
4391003d1cb06d2bd1921a5813a57604fa7d9935
98713b53a74ebe7e326353080c5f1653e83af61d6363c0b3c4c67d6d24197b4d

HTTP Headers

GET /ffe/siteui/fonts/nf-icon-v1-93.woff HTTP/1.1
Host: assets.nflxext.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cpanel12wh.bkk1.cloud.z.com
DNT: 1
Connection: keep-alive
Referer: https://cpanel12wh.bkk1.cloud.z.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 May 2024 04:28:52 GMT
Content-Type: font/woff
Content-Length: 73572
Connection: keep-alive
Content-MD5: fPYVbMSBJEtaJUNi17c/AA==
Last-Modified: Mon, 29 Jan 2018 01:50:51 GMT
Cache-Control: max-age=604801
Expires: Tue, 14 May 2024 04:28:53 GMT
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

cpanel12wh.bkk1.cloud.z.com/~cp318430/app/browser/info/img/apple-pay_main.jpg

163.44.198.61

404 Not Found

10 kB

URL GET HTTP/1.1
cpanel12wh.bkk1.cloud.z.com/~cp318430/app/browser/info/img/apple-pay_main.jpg
IP
163.44.198.61:443
ASN
#135161 GMO-Z com NetDesign Holdings Co., Ltd.

Requested by
https://cpanel12wh.bkk1.cloud.z.com/~cp318430/app/browser/info/vbv.php/
Certificate
IssuerLet's Encrypt
Subjectcpanel12wh.bkk1.cloud.z.com
Fingerprint61:3D:64:59:5F:27:1A:0B:69:DA:2C:4A:E0:0A:A1:0F:DA:18:97:45
ValidityTue, 23 Apr 2024 18:52:41 GMT - Mon, 22 Jul 2024 18:52:40 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (4070)
Size
10 kB (10194 bytes)
Hash
6bbafe96723847df24aab144d18a07a9
1dd837677fc3bc45956b8961184d2d0fd526aba4
22bb5d289d72241b0c09f2f32debf155767a5d268a35376ddfd1f1b324743fbb

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Netflix

HTTP Headers

GET /~cp318430/app/browser/info/img/apple-pay_main.jpg HTTP/1.1
Host: cpanel12wh.bkk1.cloud.z.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cpanel12wh.bkk1.cloud.z.com/~cp318430/app/browser/info/vbv.php/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Tue, 07 May 2024 04:28:52 GMT
Server: Apache
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

cpanel12wh.bkk1.cloud.z.com/~cp318430/app/browser/info/img/nficon2016.png

163.44.198.61

404 Not Found

10 kB

URL GET HTTP/1.1
cpanel12wh.bkk1.cloud.z.com/~cp318430/app/browser/info/img/nficon2016.png
IP
163.44.198.61:443
ASN
#135161 GMO-Z com NetDesign Holdings Co., Ltd.

Requested by
https://cpanel12wh.bkk1.cloud.z.com/~cp318430/app/browser/info/vbv.php/
Certificate
IssuerLet's Encrypt
Subjectcpanel12wh.bkk1.cloud.z.com
Fingerprint61:3D:64:59:5F:27:1A:0B:69:DA:2C:4A:E0:0A:A1:0F:DA:18:97:45
ValidityTue, 23 Apr 2024 18:52:41 GMT - Mon, 22 Jul 2024 18:52:40 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (4070)
Size
10 kB (10186 bytes)
Hash
9d47b8c7efbaa22b68bccea5211b577e
18fb3042e3df1bb8e1634669bb0b04eb6901d0d6
389a0afb355c2f7e699ac7bae90692742856fab094e55c2291d3ab8d371b5694

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Netflix

HTTP Headers

GET /~cp318430/app/browser/info/img/nficon2016.png HTTP/1.1
Host: cpanel12wh.bkk1.cloud.z.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cpanel12wh.bkk1.cloud.z.com/~cp318430/app/browser/info/vbv.php/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Tue, 07 May 2024 04:28:53 GMT
Server: Apache
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

cpanel12wh.bkk1.cloud.z.com/~cp318430/app/browser/info/img/nficon2016.ico

163.44.198.61

404 Not Found

10 kB

URL GET HTTP/1.1
cpanel12wh.bkk1.cloud.z.com/~cp318430/app/browser/info/img/nficon2016.ico
IP
163.44.198.61:443
ASN
#135161 GMO-Z com NetDesign Holdings Co., Ltd.

Requested by
https://cpanel12wh.bkk1.cloud.z.com/~cp318430/app/browser/info/vbv.php/
Certificate
IssuerLet's Encrypt
Subjectcpanel12wh.bkk1.cloud.z.com
Fingerprint61:3D:64:59:5F:27:1A:0B:69:DA:2C:4A:E0:0A:A1:0F:DA:18:97:45
ValidityTue, 23 Apr 2024 18:52:41 GMT - Mon, 22 Jul 2024 18:52:40 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (4070)
Size
10 kB (10186 bytes)
Hash
8ace3612c89332dc40a529c5b066bd29
ec6e449740df637eab61129052f742b12aa597a6
ea8929e4c97ccbf36229d1f24a4b3a4585a32be422dfaa95577ae148371c7dc2

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Netflix

HTTP Headers

GET /~cp318430/app/browser/info/img/nficon2016.ico HTTP/1.1
Host: cpanel12wh.bkk1.cloud.z.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cpanel12wh.bkk1.cloud.z.com/~cp318430/app/browser/info/vbv.php/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Tue, 07 May 2024 04:28:53 GMT
Server: Apache
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (1)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (11)

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size