Overview

URL: update-billing-netflix.com/goto
IP: 91.234.99.198
ASN: AS198378 TELP Ltd.
Location: Ukraine
Report completed: 2018-09-21 15:02:35 CEST
urlquery Alerts: No alerts detected


Settings

UserAgent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2018-09-21 2 update-billing-netflix.com/goto Phishing
2018-09-21 2 update-billing-netflix.com/goto/ Phishing
2018-09-21 2 billing.netflix.com.update-billing-netflix.com/ Phishing
2018-09-21 2 billing.netflix.com.update-billing-netflix.com/Files/index.html Phishing
2018-09-21 2 billing.netflix.com.update-billing-netflix.com/Files/Login.php Phishing
2018-09-21 2 billing.netflix.com.update-billing-netflix.com/Files/Images/nf-favicon-hires.ico Phishing
2018-09-21 2 billing.netflix.com.update-billing-netflix.com/Files/Style/js2.js Phishing
2018-09-21 2 billing.netflix.com.update-billing-netflix.com/Files/Style/js3.js Phishing
2018-09-21 2 billing.netflix.com.update-billing-netflix.com/Files/Style/js1.js Phishing
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 91.234.99.198

Date  UQ / IDS / BL  URL  IP
2018-08-24 23:12:47 +0200  2 - 0 - 0  buszinfo.com/vbnm/index.php?cardio=exercise  91.234.99.198
2018-08-18 23:05:43 +0200  0 - 0 - 1  feroiz.com/vcxz/index.php  91.234.99.198
2018-08-17 15:29:44 +0200  0 - 0 - 0  https://ajkalmenenew.info/hanjus/chalo.php?id (...)  91.234.99.198
2018-08-15 22:00:48 +0200  0 - 0 - 0  https://tastyicecrenz.info/  91.234.99.198
2018-08-15 16:34:39 +0200  1 - 0 - 3  ayendanahi.info/qwsa/index.php?trable=indeke  91.234.99.198
2018-08-14 15:41:56 +0200  0 - 0 - 0  https://captianincric.info/tyhg/1upm5s4afz6o7 (...)  91.234.99.198
2018-08-14 14:32:00 +0200  0 - 0 - 1  https://chutihainyar.info/ajkam/  91.234.99.198
2018-08-10 04:33:14 +0200  0 - 0 - 1  https://maryumaslam.info/dfvc/index.php?runni (...)  91.234.99.198
2018-08-09 21:45:57 +0200  0 - 0 - 0  onieupdate.com/  91.234.99.198
2018-08-09 15:19:49 +0200  0 - 0 - 1  chutihainyar.info  91.234.99.198

Last 10 reports on ASN: AS198378 TELP Ltd.

Date  UQ / IDS / BL  URL  IP
2019-04-18 22:14:15 +0200  0 - 0 - 3  uptodaiteservice.com/  91.234.99.186
2019-04-16 15:03:13 +0200  0 - 0 - 1  https://guideswatersupply.top/emailsearch  91.234.99.110
2019-04-16 06:09:49 +0200  0 - 0 - 1  loftnewbus.top/admin/toda.zip  91.234.99.110
2019-04-15 20:43:36 +0200  0 - 0 - 0  https://spadivine.xyz/rogersmail/rogers/index.html  91.234.99.86
2019-04-11 08:17:29 +0200  0 - 0 - 1  locatefiles.top/admin/toda/toda/toda/toda/off (...)  91.234.99.110
2019-04-11 01:06:48 +0200  0 - 0 - 1  https://carolynanduys.gb.net/FIEL?email=  91.234.99.117
2019-04-10 20:18:40 +0200  0 - 0 - 7  diyateryhathmai.xyz/fes/index.php  91.234.99.117
2019-04-08 23:33:13 +0200  0 - 0 - 1  https://micthedreamice.info/dfty/index.php?re (...)  91.234.99.149
2019-04-08 22:16:49 +0200  0 - 0 - 3  lopstimetogo.com/  91.234.99.186
2019-04-08 20:01:42 +0200  0 - 0 - 0  https://micthedreamice.info/dfty/index.php?reun  91.234.99.149

No other reports on domain: update-billing-netflix.com



JavaScript

Executed Scripts (4)


Executed Evals (1)

#1 JavaScript::Eval (size: 14, repeated: 1) - SHA256: 0510de046e8325540849bad09f31eaaa3e9256fafd330c5d57327dc948812a33

/*@cc_on!@*/ !1

Executed Writes (0)



HTTP Transactions (20)


Request Response
                                        
                                            GET /goto HTTP/1.1 
Host: update-billing-netflix.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         91.234.99.198
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Fri, 21 Sep 2018 13:01:51 GMT
Server: Apache/2.4.34 (Unix) OpenSSL/1.0.1e-fips
Location: http://update-billing-netflix.com/goto/
Content-Length: 247
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   247
Md5:    9c09a71a779ff123a4275e631415979d
Sha1:   611554c0a637b88f7da3409e223d8fb32c805fd5
Sha256: 0c34e16545a66b21299c6797bf7d6464c62d6e0a9e4be5dc866348f25d5bb488

Alerts:
  Blacklists:
    - fortinet: Phishing
                                        
                                            GET /goto/ HTTP/1.1 
Host: update-billing-netflix.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         91.234.99.198
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html; charset=UTF-8
                                        
Date: Fri, 21 Sep 2018 13:01:51 GMT
Server: Apache/2.4.34 (Unix) OpenSSL/1.0.1e-fips
X-Powered-By: PHP/5.6.37
Location: https://billing.netflix.com.update-billing-netflix.com/
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---

Alerts:
  Blacklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.int-x3.letsencrypt.org
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 117
Content-Type: application/ocsp-request

                                         
                                         91.135.34.91
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 527
Etag: "3B6AE0D8C39AAB6D4CDD8A0454ED495492CA455123B7F928CE4D95E743611B1D"
Last-Modified: Fri, 21 Sep 2018 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=43200
Expires: Sat, 22 Sep 2018 01:02:04 GMT
Date: Fri, 21 Sep 2018 13:02:04 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   527
Md5:    67a55b15b644d1e4e1ee42a7133e1652
Sha1:   11b29e5ca5320beb2b5d1c4ad78ecce20a286bab
Sha256: 3b6ae0d8c39aab6d4cdd8a0454ed495492ca455123b7f928ce4d95e743611b1d
                                        
                                            POST / HTTP/1.1 
Host: isrg.trustid.ocsp.identrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.113
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Transfer-Encoding: Binary
Last-Modified: Thu, 20 Sep 2018 21:30:11 GMT
Etag: "1e3bb830c683f587481d1f32b2fa72e7111c956a"
Content-Length: 1396
Cache-Control: public, no-transform, must-revalidate, max-age=18007
Expires: Fri, 21 Sep 2018 18:02:11 GMT
Date: Fri, 21 Sep 2018 13:02:04 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1396
Md5:    0b4e5255380f313c4ae2aac396fcfe3d
Sha1:   1e3bb830c683f587481d1f32b2fa72e7111c956a
Sha256: 573d991056746a1b517325337fdb86ccee45e716bbd0c81e8772cfe07b4f3826
                                        
                                            GET / HTTP/1.1 
Host: billing.netflix.com.update-billing-netflix.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         91.234.99.198
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html; charset=UTF-8
                                        
Date: Fri, 21 Sep 2018 13:01:51 GMT
Server: Apache/2.4.34 (Unix) OpenSSL/1.0.1e-fips
X-Powered-By: PHP/5.6.37
Location: Files/index.html
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---

Alerts:
  Blacklists:
    - fortinet: Phishing
                                        
                                            GET /Files/index.html HTTP/1.1 
Host: billing.netflix.com.update-billing-netflix.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         91.234.99.198
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Fri, 21 Sep 2018 13:01:51 GMT
Server: Apache/2.4.34 (Unix) OpenSSL/1.0.1e-fips
Last-Modified: Fri, 21 Sep 2018 01:51:26 GMT
Etag: "36-57657e0a5993d"
Accept-Ranges: bytes
Content-Length: 54
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   54
Md5:    121f26530aec39d65a45355b838ad76a
Sha1:   fd5d5b57a0439c86b41c441f5399f71cb19e9b08
Sha256: 2f8a92e1e826459c9ac0dc4fb7f62f78be05f349a74aa25e16e1723782daf6ac

Alerts:
  Blacklists:
    - fortinet: Phishing
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: billing.netflix.com.update-billing-netflix.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         91.234.99.198
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Fri, 21 Sep 2018 13:01:51 GMT
Server: Apache/2.4.34 (Unix) OpenSSL/1.0.1e-fips
Content-Length: 209
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   209
Md5:    18ffb59b61525f781cf9251045be575d
Sha1:   bd7318b00b15b7a1c8a48524419fa2e5c27a5b6d
Sha256: b6682cab65d3243b5b75efb7279dbf49491957484780f2ba0a87632cc0e25642
                                        
                                            GET /Files/Login.php HTTP/1.1 
Host: billing.netflix.com.update-billing-netflix.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         91.234.99.198
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Fri, 21 Sep 2018 13:01:52 GMT
Server: Apache/2.4.34 (Unix) OpenSSL/1.0.1e-fips
X-Powered-By: PHP/5.6.37
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   5398
Md5:    2a5babcac54518dc5a67f6dc1413c043
Sha1:   21fab6b814ce09825cdb28a7bdc5a7549b8cfd20
Sha256: 07d442d260438846e1b72224f7a5fcc3b034ae020fd157f1a3d91ff76a9fc66e

Alerts:
  Blacklists:
    - fortinet: Phishing
                                        
                                            GET /Files/Style/css2.css HTTP/1.1 
Host: billing.netflix.com.update-billing-netflix.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://billing.netflix.com.update-billing-netflix.com/Files/Login.php

                                         
                                         91.234.99.198
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 21 Sep 2018 13:01:52 GMT
Server: Apache/2.4.34 (Unix) OpenSSL/1.0.1e-fips
Last-Modified: Fri, 21 Sep 2018 01:52:05 GMT
Etag: "2b-57657e2f86aad"
Accept-Ranges: bytes
Content-Length: 43
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   43
Md5:    43962af242a44d863a9f8d277df7c3db
Sha1:   67847d301f88303e848208897c7fe33ae2ee7855
Sha256: 9665c87b7234ca799f8f388d0d691b3587327e68bac389e265abd54cd784bfdd
                                        
                                            GET /Files/Style/css1.css HTTP/1.1 
Host: billing.netflix.com.update-billing-netflix.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://billing.netflix.com.update-billing-netflix.com/Files/Login.php

                                         
                                         91.234.99.198
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 21 Sep 2018 13:01:52 GMT
Server: Apache/2.4.34 (Unix) OpenSSL/1.0.1e-fips
Last-Modified: Fri, 21 Sep 2018 01:52:05 GMT
Etag: "8d76-57657e2f86e95"
Accept-Ranges: bytes
Content-Length: 36214
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII C program text, with very long lines
Size:   36214
Md5:    66981f7ac529cc4b734cbde8f115c17e
Sha1:   e15c2231e485615910bb0eb4308374822117277a
Sha256: 89ff8c8b376e5733e05dfe32a6c6c834f2a04b93b0165cee16d2032a47b15b9c
                                        
                                            GET /Files/Style/css3.css HTTP/1.1 
Host: billing.netflix.com.update-billing-netflix.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://billing.netflix.com.update-billing-netflix.com/Files/Login.php

                                         
                                         91.234.99.198
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Fri, 21 Sep 2018 13:01:52 GMT
Server: Apache/2.4.34 (Unix) OpenSSL/1.0.1e-fips
Last-Modified: Fri, 21 Sep 2018 01:52:06 GMT
Etag: "29ea-57657e304ab65"
Accept-Ranges: bytes
Content-Length: 10730
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   10730
Md5:    93dfff3019bc47df872bcbbd9289495d
Sha1:   b123f2cac06391e27f8a08d736737ac5e03e4539
Sha256: d7d01e005fc69e932089df3497391f2c5ebef0d9e944038e5b81e0812a15e4c6
                                        
                                            GET /Files/Images/nf-favicon-hires.ico HTTP/1.1 
Host: billing.netflix.com.update-billing-netflix.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         91.234.99.198
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Date: Fri, 21 Sep 2018 13:01:52 GMT
Server: Apache/2.4.34 (Unix) OpenSSL/1.0.1e-fips
Last-Modified: Fri, 21 Sep 2018 01:51:47 GMT
Etag: "66c2-57657e1dfda75"
Accept-Ranges: bytes
Content-Length: 26306
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  MS Windows icon resource - 4 icons, 16x16, 256-colors
Size:   26306
Md5:    08243bf774488ebb713162fb3a9b8b16
Sha1:   b76e2bc10f53e3ac9ee677ea5d503e10355da6db
Sha256: 9fa6c8f794fcbfdde1de5c4c9b14e5159b84ce0e1705315d575db3d894751afd

Alerts:
  Blacklists:
    - fortinet: Phishing
                                        
                                            GET /Files/Images/question_mark.png HTTP/1.1 
Host: billing.netflix.com.update-billing-netflix.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://billing.netflix.com.update-billing-netflix.com/Files/Login.php

                                         
                                         91.234.99.198
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Fri, 21 Sep 2018 13:01:52 GMT
Server: Apache/2.4.34 (Unix) OpenSSL/1.0.1e-fips
Last-Modified: Fri, 21 Sep 2018 01:51:48 GMT
Etag: "234-57657e1f84475"
Accept-Ranges: bytes
Content-Length: 564
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 21 x 21, 8-bit/color RGBA, non-interlaced
Size:   564
Md5:    bc0b7911c45148779ec108ac79a02f50
Sha1:   6a88eb2e0e21af28af7cb91997c455cc72f4b5df
Sha256: 973576ba6483c6c75d1d55339c1cac5d742abef700ede0903341ab222a2ee7c2
                                        
                                            GET /Files/Images/icon_lock_12x15_yellow.png HTTP/1.1 
Host: billing.netflix.com.update-billing-netflix.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://billing.netflix.com.update-billing-netflix.com/Files/Login.php

                                         
                                         91.234.99.198
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Fri, 21 Sep 2018 13:01:52 GMT
Server: Apache/2.4.34 (Unix) OpenSSL/1.0.1e-fips
Last-Modified: Fri, 21 Sep 2018 01:51:40 GMT
Etag: "46d-57657e171d665"
Accept-Ranges: bytes
Content-Length: 1133
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 12 x 15, 8-bit/color RGBA, non-interlaced
Size:   1133
Md5:    e1e0d08ffacc387b396dd3d05905a4ba
Sha1:   0840b4d1bd7468147171498ab4b1042addb1a16c
Sha256: c31e5ae9166763db7211b4719f4b8cbe34e7b15c0c4fa510e9f60510d94fb1ce
                                        
                                            GET /Files/Style/js2.js HTTP/1.1 
Host: billing.netflix.com.update-billing-netflix.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://billing.netflix.com.update-billing-netflix.com/Files/Login.php

                                         
                                         91.234.99.198
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 21 Sep 2018 13:01:52 GMT
Server: Apache/2.4.34 (Unix) OpenSSL/1.0.1e-fips
Last-Modified: Fri, 21 Sep 2018 01:52:08 GMT
Etag: "63e0-57657e31d34a5"
Accept-Ranges: bytes
Content-Length: 25568
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII C++ program text
Size:   25568
Md5:    0f1aa27d342ce4c8d2249f60af257841
Sha1:   bf33c625c2a553c8c551d90968e6cb57e27642f1
Sha256: ab37de7856c1f7e9f272ac206947a3301d1281849bb529fa5aa01d2338c2f51e

Alerts:
  Blacklists:
    - fortinet: Phishing
                                        
                                            GET /Files/Images/logo-shadow2x.png HTTP/1.1 
Host: billing.netflix.com.update-billing-netflix.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://billing.netflix.com.update-billing-netflix.com/Files/Style/css1.css

                                         
                                         91.234.99.198
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Fri, 21 Sep 2018 13:01:52 GMT
Server: Apache/2.4.34 (Unix) OpenSSL/1.0.1e-fips
Last-Modified: Fri, 21 Sep 2018 01:51:44 GMT
Etag: "dd9-57657e1aef2ed"
Accept-Ranges: bytes
Content-Length: 3545
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 300 x 85, 8-bit colormap, non-interlaced
Size:   3545
Md5:    b6710fde3c261e1af25890251ce396c0
Sha1:   a6818c2dc2176af1878a56689b2012518792df24
Sha256: ce5ea4082631428eafcff63b01c85d0a3065eb81baa023128fc022f74ae2220d
                                        
                                            GET /Files/Style/js3.js HTTP/1.1 
Host: billing.netflix.com.update-billing-netflix.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://billing.netflix.com.update-billing-netflix.com/Files/Login.php

                                         
                                         91.234.99.198
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 21 Sep 2018 13:01:52 GMT
Server: Apache/2.4.34 (Unix) OpenSSL/1.0.1e-fips
Last-Modified: Fri, 21 Sep 2018 01:52:08 GMT
Etag: "190c8-57657e3298ccd"
Accept-Ranges: bytes
Content-Length: 102600
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII English text, with very long lines
Size:   102600
Md5:    89b2d96eb225544fc1a071b7cb98c9cf
Sha1:   e918718ff1c119ca72b6ca30c4195b627cfb4f6d
Sha256: 7c7c559bbf66e9223fb4988f54f6ffc4ca1cc62fd826fc00bbd8d48615d90dd1

Alerts:
  Blacklists:
    - fortinet: Phishing
                                        
                                            GET /Files/Style/js1.js HTTP/1.1 
Host: billing.netflix.com.update-billing-netflix.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://billing.netflix.com.update-billing-netflix.com/Files/Login.php

                                         
                                         91.234.99.198
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 21 Sep 2018 13:01:52 GMT
Server: Apache/2.4.34 (Unix) OpenSSL/1.0.1e-fips
Last-Modified: Fri, 21 Sep 2018 01:52:08 GMT
Etag: "5c1f9-57657e3220705"
Accept-Ranges: bytes
Content-Length: 377337
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII C program text, with very long lines
Size:   377337
Md5:    5110bffaafc51582478209b0bfb8387b
Sha1:   c93f9d3ba20e12190a68b3ed1a62ad12c97384ae
Sha256: 3c6174161d4269e3ebc614a3f2359ce16cc200b49aca1d218d14c185b6d4079b

Alerts:
  Blacklists:
    - fortinet: Phishing
                                        
                                            GET /Files/Images/login_lifestyle_tall_close_crop.jpg HTTP/1.1 
Host: billing.netflix.com.update-billing-netflix.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://billing.netflix.com.update-billing-netflix.com/Files/Style/css3.css

                                         
                                         91.234.99.198
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Fri, 21 Sep 2018 13:01:52 GMT
Server: Apache/2.4.34 (Unix) OpenSSL/1.0.1e-fips
Last-Modified: Fri, 21 Sep 2018 01:51:42 GMT
Etag: "150d2-57657e198ea4d"
Accept-Ranges: bytes
Content-Length: 86226
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   86226
Md5:    e4663f0595b02fb1c3947fc1f15eb812
Sha1:   aa95614c743b24ea31e59184e73c92a86ab1c1ad
Sha256: baafd74a4cb4dc594b614eeb45c7267bb1af729d9271752460348ece16532d04
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: billing.netflix.com.update-billing-netflix.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         91.234.99.198
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Fri, 21 Sep 2018 13:01:54 GMT
Server: Apache/2.4.34 (Unix) OpenSSL/1.0.1e-fips
Content-Length: 209
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   209
Md5:    18ffb59b61525f781cf9251045be575d
Sha1:   bd7318b00b15b7a1c8a48524419fa2e5c27a5b6d
Sha256: b6682cab65d3243b5b75efb7279dbf49491957484780f2ba0a87632cc0e25642