Report - ticket-id82001337911-es.us.stackstaging.com/pl/auth/cc.php

Report Overview

Visited public
2025-06-02 01:31:12
Tags
netflix phishing
URL
ticket-id82001337911-es.us.stackstaging.com/pl/auth/cc.php
Finishing URL
ticket-id82001337911-es.us.stackstaging.com/pl/auth/cc.php
IP / ASN
185.146.165.97
#48254 20i Limited
Title
Netflix
Phishing - Netflix

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
assets.nflxext.com	3871	2011-02-11	2015-07-22	2025-05-30	2.8 kB	185 kB	45.57.91.1
cdn.cookielaw.org	502	2011-06-20	2013-12-28	2025-05-28	1.0 kB	23 kB	104.18.87.42
ticket-id82001337911-es.us.stackstaging.com	unknown	2016-02-12	2025-06-02	2025-06-02	6.2 kB	574 kB	185.146.165.97

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (15)

	URL	From	Size	First Seen	Last Seen
	ticket-id82001337911-es.us.stackstaging.com/pl/auth/js/otSDKStub.js	ScriptElement	26 kB	2023-03-26	2025-06-02
Pretty URL ticket-id82001337911-es.us.stackstaging.com/pl/auth/js/otSDKStub.js IP 185.146.165.97 ASN #48254 20i Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 05:12 Last Seen2025-06-02 01:31 Times Seen24 Hash 10e367ac910cc8ad9be05cfbf4036e57 ff5dec5c85b00e742c02ef515c2a44c2db97f7e7 e85a649094d881201f7a886c94cd19e72196c761da5017c9269b03b35ca9c5c4 Loading...

	ticket-id82001337911-es.us.stackstaging.com/pl/auth/cc.php	ScriptElement	268 B	2025-02-28	2025-06-02
Pretty URL ticket-id82001337911-es.us.stackstaging.com/pl/auth/cc.php IP 185.146.165.97 ASN #48254 20i Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2025-02-28 22:53 Last Seen2025-06-02 07:23 Times Seen4 Hash d5b446b5a1196096ca97f7e3e2b9c246 9fba63b832e31f03f57a330cccbf4d8afecb0c1d 3b59daef961ccd7b1f5de2bcb24fb080fe022859448b3be170130d58b4d85610 Loading...

	ticket-id82001337911-es.us.stackstaging.com/pl/auth/cc.php	ScriptElement	374 B	2023-03-07	2025-06-02
Pretty URL ticket-id82001337911-es.us.stackstaging.com/pl/auth/cc.php IP 185.146.165.97 ASN #48254 20i Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:02 Last Seen2025-06-02 18:20 Times Seen168 Hash 65a81ff6df898a4bbe90b2cc2c8b5e40 ed60e60aa6bc34db91d9cdde37d164e1fad24083 868c62d3e4ca4070aba3ecbd57e49941c480611cf9e129e2299ea174d802cee8 Loading...

	ticket-id82001337911-es.us.stackstaging.com/pl/auth/js/jquery-3.5.1.min.js	ScriptElement	90 kB	2023-03-07	2025-06-10
Pretty URL ticket-id82001337911-es.us.stackstaging.com/pl/auth/js/jquery-3.5.1.min.js IP 185.146.165.97 ASN #48254 20i Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-06-10 03:50 Times Seen112779 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	ticket-id82001337911-es.us.stackstaging.com/pl/auth/js/jquery.mask.js	ScriptElement	23 kB	2023-03-07	2025-06-09
Pretty URL ticket-id82001337911-es.us.stackstaging.com/pl/auth/js/jquery.mask.js IP 185.146.165.97 ASN #48254 20i Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19 Last Seen2025-06-09 17:21 Times Seen1781 Hash 24992f1ed62baf9393609f3c6c2ad20e 34716cf70f7f7a9cd072e7796c34ce987f85d18c a199620fe981df00a825f78761d3f7c8870f8117daa4a890e08018dec386dae8 Loading...

	ticket-id82001337911-es.us.stackstaging.com/pl/auth/cc.php	ScriptElement	2.9 kB	2023-03-07	2025-06-02
Pretty URL ticket-id82001337911-es.us.stackstaging.com/pl/auth/cc.php IP 185.146.165.97 ASN #48254 20i Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:02 Last Seen2025-06-02 18:20 Times Seen168 Hash 096988ffeee1c7f6c9704d2b0862163f 0df3e2a0f6b60d648331747892fe0a81ba6f4b36 be54b0e4d2cfacf935c717292d77bcc6a623d91a767ae5db9f22df49bb9bebd9 Loading...

	ticket-id82001337911-es.us.stackstaging.com/pl/auth/cc.php	ScriptElement	118 B	2023-03-07	2025-06-02
Pretty URL ticket-id82001337911-es.us.stackstaging.com/pl/auth/cc.php IP 185.146.165.97 ASN #48254 20i Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:02 Last Seen2025-06-02 18:20 Times Seen168 Hash 11c14919ed3d06e54cf8f6f86cef6a71 de2d4401f34cc4020db235d13f0cdfea25b8428b ba5add5f84a8fe069b4107c643e8a9ede7d04c6e0ff96ab6c6d083d83cac5178 Loading...

	ticket-id82001337911-es.us.stackstaging.com/pl/auth/cc.php	ScriptElement	397 B	2023-03-07	2025-06-02
Pretty URL ticket-id82001337911-es.us.stackstaging.com/pl/auth/cc.php IP 185.146.165.97 ASN #48254 20i Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:02 Last Seen2025-06-02 18:20 Times Seen168 Hash cce0ab22819f9f15acba59140c691bc8 c575d170c8deb665091c7eb8d06dcd1e78700626 658f7bb822289c279606639f07073f541eb78c8620858f5265f7e94581a4f74a Loading...

	ticket-id82001337911-es.us.stackstaging.com/pl/auth/cc.php	ScriptElement	233 B	2023-03-07	2025-06-02
Pretty URL ticket-id82001337911-es.us.stackstaging.com/pl/auth/cc.php IP 185.146.165.97 ASN #48254 20i Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:02 Last Seen2025-06-02 18:20 Times Seen168 Hash ee74e404a7f8b94f6821d6f0b1101636 4e977d314377b26bb61864486f32a0214cdfc06c a3f525d5fd2d47ce76155eed70731d98280691408d7443d4fb1f98838296870a Loading...

	ticket-id82001337911-es.us.stackstaging.com/pl/auth/cc.php	ScriptElement	143 B	2023-03-07	2025-06-02
Pretty URL ticket-id82001337911-es.us.stackstaging.com/pl/auth/cc.php IP 185.146.165.97 ASN #48254 20i Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:02 Last Seen2025-06-02 18:20 Times Seen168 Hash b25a09aef9c55a5a1af9dd0e61ef81c8 240ac9cee2e6b6b072e67ec5374b23b9f6de3c18 fd34cfa82b57907348a1a0de3b09025d1b3fea555f90145f1db05345dd2fe249 Loading...

	ticket-id82001337911-es.us.stackstaging.com/pl/auth/cc.php	ScriptElement	17 kB	2025-02-28	2025-06-02
Pretty URL ticket-id82001337911-es.us.stackstaging.com/pl/auth/cc.php IP 185.146.165.97 ASN #48254 20i Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2025-02-28 22:53 Last Seen2025-06-02 07:23 Times Seen4 Hash 02b8ccd5d7a54f662684c9f850dc6a5c efec3ad9714e0926e700d4fff1aee56f44da53e8 e2894bbb94c60ea6efa44e7a6e6799366101898571c102a47fec93fe7232c447 Loading...

	ticket-id82001337911-es.us.stackstaging.com/pl/auth/js/jquery.mask.js	ScriptElement	23 kB	2023-03-07	2025-06-09
Pretty URL ticket-id82001337911-es.us.stackstaging.com/pl/auth/js/jquery.mask.js IP 185.146.165.97 ASN #48254 20i Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19 Last Seen2025-06-09 17:21 Times Seen1781 Hash 24992f1ed62baf9393609f3c6c2ad20e 34716cf70f7f7a9cd072e7796c34ce987f85d18c a199620fe981df00a825f78761d3f7c8870f8117daa4a890e08018dec386dae8 Loading...

	ticket-id82001337911-es.us.stackstaging.com/pl/auth/cc.php	ScriptElement	66 B	2023-03-07	2025-06-06
Pretty URL ticket-id82001337911-es.us.stackstaging.com/pl/auth/cc.php IP 185.146.165.97 ASN #48254 20i Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2025-06-06 17:13 Times Seen206 Hash 4abc64a802920a119c8f83c365c29d2b 8635509457d014184437306b4c3cd02e8998f535 e90e0f55b55b9acb2af9d0ebdfbd3223b27fa73e39f2a81513df914b556a5871 Loading...

	ticket-id82001337911-es.us.stackstaging.com/pl/auth/cc.php	ScriptElement	371 B	2023-03-07	2025-06-06
Pretty URL ticket-id82001337911-es.us.stackstaging.com/pl/auth/cc.php IP 185.146.165.97 ASN #48254 20i Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2025-06-06 17:13 Times Seen206 Hash 6ff41c409959148570e728b6be6ec3a5 136ac0bf11c4c664707c4f230a7af4f40faa0346 b540a71ee97da488e71c9ea903420170793f3b43914e41e512714e20d9806169 Loading...

	ticket-id82001337911-es.us.stackstaging.com/pl/auth/cc.php	ScriptElement	130 B	2025-02-28	2025-06-02
Pretty URL ticket-id82001337911-es.us.stackstaging.com/pl/auth/cc.php IP 185.146.165.97 ASN #48254 20i Limited Introduced by scriptElement Embedded in HTML true Observations First Seen2025-02-28 22:53 Last Seen2025-06-02 07:23 Times Seen4 Hash 1edecb8fe0bf32436392b374980fa955 8c51be253b7895e7e635a3444110318cae0c35fb af3c2a9c33f2abf0c90884cc95142b664fa6f5bbddf92c098f5ee05e929cc9f7 Loading...

HTTP Transactions (19)

URL IP Response Size

ticket-id82001337911-es.us.stackstaging.com/pl/auth/js/jquery-3.5.1.min.js

185.146.165.97

200 OK

90 kB

URL GET
ticket-id82001337911-es.us.stackstaging.com/pl/auth/js/jquery-3.5.1.min.js
IP
185.146.165.97:443
ASN
#48254 20i Limited

Requested by
https://ticket-id82001337911-es.us.stackstaging.com/pl/auth/cc.php
Certificate
IssuerDigiCert Inc
Subject*.us.stackstaging.com
Fingerprint71:30:D5:E7:C3:42:A8:62:F6:BE:9A:45:F0:3F:C2:E6:8B:0D:85:AB
ValidityTue, 16 Jul 2024 00:00:00 GMT - Wed, 06 Aug 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
90 kB (89476 bytes)
Hash
dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Netflix

HTTP Headers

GET /pl/auth/js/jquery-3.5.1.min.js HTTP/1.1
Host: ticket-id82001337911-es.us.stackstaging.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticket-id82001337911-es.us.stackstaging.com/pl/auth/cc.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Jun 2025 01:30:36 GMT
content-type: text/javascript
server: Apache
x-provided-by: StackCDN
last-modified: Tue, 21 May 2024 16:27:42 GMT
etag: W/"15d84-618f94c0b5b80"
cache-control: max-age=86400
expires: Tue, 03 Jun 2025 01:30:41 GMT
vary: Accept-Encoding, Accept-Encoding
x-origin-cache-status: MISS
content-encoding: gzip
x-via: DFW1
x-cdn-node-is-at-origin: 1
x-cdn-cache-status: MISS
X-Firefox-Spdy: h2

assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/NetflixSans_W_Rg.woff2

45.57.91.1

200 OK

53 kB

URL GET
assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/NetflixSans_W_Rg.woff2
IP
45.57.91.1:443
ASN
#40027 NETFLIX-ASN

Requested by
https://ticket-id82001337911-es.us.stackstaging.com/pl/auth/cc.php
Certificate
IssuerDigiCert Inc
Subject*.1.nflxso.net
FingerprintAF:17:BC:83:F0:95:69:18:A8:58:A7:4B:F4:C8:7E:92:48:77:96:55
ValidityTue, 27 May 2025 00:00:00 GMT - Thu, 26 Jun 2025 23:02:00 GMT

File type
Web Open Font Format (Version 2), TrueType, length 53304, version 2.6554
Size
53 kB (53304 bytes)
Hash
0bf3177f1fed6d953178221fba43c7e8
83d9f039f1ba7209321c7da72d3dc6a9aa5e2ab3
c0bceb927c506dce9f6e6f5f570e641ad580b9554be06f61508a4aee32380167

HTTP Headers

GET /ffe/siteui/fonts/netflix-sans/v3/NetflixSans_W_Rg.woff2 HTTP/1.1
Host: assets.nflxext.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ticket-id82001337911-es.us.stackstaging.com
DNT: 1
Connection: keep-alive
Referer: https://ticket-id82001337911-es.us.stackstaging.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: freenginx
Date: Mon, 02 Jun 2025 01:30:41 GMT
Content-Type: font/woff2
Content-Length: 53304
Connection: keep-alive
Content-MD5: C/MXfx/tbZUxeCIfukPH6A==
Last-Modified: Thu, 17 Jan 2019 20:16:30 GMT
Cache-Control: max-age=604801
Expires: Mon, 09 Jun 2025 01:30:42 GMT
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/NetflixSans_W_Md.woff2

45.57.91.1

200 OK

54 kB

URL GET
assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/NetflixSans_W_Md.woff2
IP
45.57.91.1:443
ASN
#40027 NETFLIX-ASN

Requested by
https://ticket-id82001337911-es.us.stackstaging.com/pl/auth/cc.php
Certificate
IssuerDigiCert Inc
Subject*.1.nflxso.net
Fingerprint69:15:88:51:EE:F0:AA:01:EF:52:18:D9:7C:5C:C6:EF:DE:0E:CE:FC
ValiditySat, 31 May 2025 00:00:00 GMT - Wed, 02 Jul 2025 00:35:50 GMT

File type
Web Open Font Format (Version 2), TrueType, length 53940, version 2.6554
Size
54 kB (53940 bytes)
Hash
ea769921b0cfa4fc6d4d1a2e0b1fa5ff
34dcd2875c9752ebba6f894eb8d410e4958cc1b4
9ac2bd03fcde501b3f30f47ab1fae62161f87808ea6411f38e8feaa4bbddc42e

HTTP Headers

GET /ffe/siteui/fonts/netflix-sans/v3/NetflixSans_W_Md.woff2 HTTP/1.1
Host: assets.nflxext.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ticket-id82001337911-es.us.stackstaging.com
DNT: 1
Connection: keep-alive
Referer: https://ticket-id82001337911-es.us.stackstaging.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: freenginx
Date: Mon, 02 Jun 2025 01:30:41 GMT
Content-Type: font/woff2
Content-Length: 53940
Connection: keep-alive
Content-MD5: 6naZIbDPpPxtTRouCx+l/w==
Last-Modified: Thu, 17 Jan 2019 20:16:30 GMT
Cache-Control: max-age=604801
Expires: Mon, 09 Jun 2025 01:30:42 GMT
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

ticket-id82001337911-es.us.stackstaging.com/pl/auth/js/simpleSignupClient.js.7616abe51a1edf39b57c.js

185.146.165.97

404 Not Found

196 B

URL GET
ticket-id82001337911-es.us.stackstaging.com/pl/auth/js/simpleSignupClient.js.7616abe51a1edf39b57c.js
IP
185.146.165.97:443
ASN
#48254 20i Limited

Requested by
https://ticket-id82001337911-es.us.stackstaging.com/pl/auth/cc.php
Certificate
IssuerDigiCert Inc
Subject*.us.stackstaging.com
Fingerprint71:30:D5:E7:C3:42:A8:62:F6:BE:9A:45:F0:3F:C2:E6:8B:0D:85:AB
ValidityTue, 16 Jul 2024 00:00:00 GMT - Wed, 06 Aug 2025 23:59:59 GMT

File type
HTML document, ASCII text
Size
196 B (196 bytes)
Hash
62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Netflix

HTTP Headers

GET /pl/auth/js/simpleSignupClient.js.7616abe51a1edf39b57c.js HTTP/1.1
Host: ticket-id82001337911-es.us.stackstaging.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticket-id82001337911-es.us.stackstaging.com/pl/auth/cc.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
server: Apache
x-origin-cache-status: HIT
date: Mon, 02 Jun 2025 01:30:41 GMT
content-encoding: gzip
x-via: DFW1
x-cdn-node-is-at-origin: 1
x-cdn-cache-status: HIT
X-Firefox-Spdy: h2

ticket-id82001337911-es.us.stackstaging.com/pl/auth/js/jquery.mask.js

185.146.165.97

200 OK

23 kB

URL GET
ticket-id82001337911-es.us.stackstaging.com/pl/auth/js/jquery.mask.js
IP
185.146.165.97:443
ASN
#48254 20i Limited

Requested by
https://ticket-id82001337911-es.us.stackstaging.com/pl/auth/cc.php
Certificate
IssuerDigiCert Inc
Subject*.us.stackstaging.com
Fingerprint71:30:D5:E7:C3:42:A8:62:F6:BE:9A:45:F0:3F:C2:E6:8B:0D:85:AB
ValidityTue, 16 Jul 2024 00:00:00 GMT - Wed, 06 Aug 2025 23:59:59 GMT

File type
JavaScript source, ASCII text
Size
23 kB (23176 bytes)
Hash
24992f1ed62baf9393609f3c6c2ad20e
34716cf70f7f7a9cd072e7796c34ce987f85d18c
a199620fe981df00a825f78761d3f7c8870f8117daa4a890e08018dec386dae8

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Netflix

HTTP Headers

GET /pl/auth/js/jquery.mask.js HTTP/1.1
Host: ticket-id82001337911-es.us.stackstaging.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticket-id82001337911-es.us.stackstaging.com/pl/auth/cc.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Jun 2025 01:30:36 GMT
content-type: text/javascript
server: Apache
x-provided-by: StackCDN
last-modified: Tue, 21 May 2024 16:27:42 GMT
etag: W/"5a88-618f94c0b5b80"
cache-control: max-age=86400
expires: Tue, 03 Jun 2025 01:30:41 GMT
vary: Accept-Encoding, Accept-Encoding
x-origin-cache-status: MISS
content-encoding: gzip
x-via: DFW1
x-cdn-node-is-at-origin: 1
x-cdn-cache-status: MISS
X-Firefox-Spdy: h2

ticket-id82001337911-es.us.stackstaging.com/pl/auth/cc.php

185.146.165.97

200 OK

160 kB

URL User Request GET
ticket-id82001337911-es.us.stackstaging.com/pl/auth/cc.php
IP
185.146.165.97:443
ASN
#48254 20i Limited

Certificate
IssuerDigiCert Inc
Subject*.us.stackstaging.com
Fingerprint71:30:D5:E7:C3:42:A8:62:F6:BE:9A:45:F0:3F:C2:E6:8B:0D:85:AB
ValidityTue, 16 Jul 2024 00:00:00 GMT - Wed, 06 Aug 2025 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (28220), with CRLF line terminators
Size
160 kB (160364 bytes)
Hash
e3ddce6009eea6bfa9ea0fd8489f65fa
c3f7aece635308038b1d82b76c934db168cb61a8
d938c0d7f1f593563020680bd51df8207675ab5cf242f670828cebe3f960102f

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Netflix

HTTP Headers

GET /pl/auth/cc.php HTTP/1.1
Host: ticket-id82001337911-es.us.stackstaging.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Jun 2025 01:30:36 GMT
content-type: text/html; charset=UTF-8
server: Apache
x-powered-by: PHP/7.3.33
x-provided-by: StackCDN
cache-control: max-age=86400
expires: Tue, 03 Jun 2025 01:30:40 GMT
vary: Accept-Encoding, Accept-Encoding
x-origin-cache-status: MISS
content-encoding: gzip
x-via: DFW1
x-cdn-node-is-at-origin: 1
x-cdn-cache-status: MISS
X-Firefox-Spdy: h2

ticket-id82001337911-es.us.stackstaging.com/pl/auth/CSS/error-page.b122c37502204303115a.css

185.146.165.97

200 OK

0 B

URL GET
ticket-id82001337911-es.us.stackstaging.com/pl/auth/CSS/error-page.b122c37502204303115a.css
IP
185.146.165.97:443
ASN
#48254 20i Limited

Requested by
https://ticket-id82001337911-es.us.stackstaging.com/pl/auth/cc.php
Certificate
IssuerDigiCert Inc
Subject*.us.stackstaging.com
Fingerprint71:30:D5:E7:C3:42:A8:62:F6:BE:9A:45:F0:3F:C2:E6:8B:0D:85:AB
ValidityTue, 16 Jul 2024 00:00:00 GMT - Wed, 06 Aug 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Netflix

HTTP Headers

GET /pl/auth/CSS/error-page.b122c37502204303115a.css HTTP/1.1
Host: ticket-id82001337911-es.us.stackstaging.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticket-id82001337911-es.us.stackstaging.com/pl/auth/cc.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Jun 2025 01:30:36 GMT
content-type: text/css
content-length: 0
server: Apache
x-provided-by: StackCDN
last-modified: Tue, 21 May 2024 16:27:42 GMT
etag: "0-618f94c0b5b80"
cache-control: max-age=86400
expires: Tue, 03 Jun 2025 01:30:41 GMT
x-origin-cache-status: MISS
accept-ranges: bytes
x-via: DFW1
x-cdn-node-is-at-origin: 1
x-cdn-cache-status: MISS
X-Firefox-Spdy: h2

cdn.cookielaw.org/logos/static/powered_by_logo.svg

104.18.87.42

200 OK

5.2 kB

URL GET
cdn.cookielaw.org/logos/static/powered_by_logo.svg
IP
104.18.87.42:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ticket-id82001337911-es.us.stackstaging.com/pl/auth/cc.php
Certificate
IssuerGoogle Trust Services
Subjectcookielaw.org
Fingerprint7E:44:88:32:61:F5:87:72:55:0B:A6:75:76:F3:7F:C1:B8:F6:CA:CF
ValiditySun, 06 Apr 2025 20:15:04 GMT - Sat, 05 Jul 2025 21:15:01 GMT

File type
SVG Scalable Vector Graphics image
Size
5.2 kB (5194 bytes)
Hash
63e737d3544164d2b7f4fbca416ac807
030370aa38715e4c41589633f69d0bfe8255d46c
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

HTTP Headers

GET /logos/static/powered_by_logo.svg HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticket-id82001337911-es.us.stackstaging.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Jun 2025 01:30:41 GMT
content-type: image/svg+xml
content-md5: Y+c301RBZNK39PvKQWrIBw==
last-modified: Thu, 29 May 2025 09:39:23 GMT
x-ms-request-id: 07b5c4d8-101e-0057-7d0d-d17a07000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 80240
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: cloudflare
cf-ray: 94932fd7d8f756a4-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

ticket-id82001337911-es.us.stackstaging.com/pl/auth/img/nficon2016.png

185.146.165.97

200 OK

1.8 kB

URL GET
ticket-id82001337911-es.us.stackstaging.com/pl/auth/img/nficon2016.png
IP
185.146.165.97:443
ASN
#48254 20i Limited

Requested by
https://ticket-id82001337911-es.us.stackstaging.com/pl/auth/cc.php
Certificate
IssuerDigiCert Inc
Subject*.us.stackstaging.com
Fingerprint71:30:D5:E7:C3:42:A8:62:F6:BE:9A:45:F0:3F:C2:E6:8B:0D:85:AB
ValidityTue, 16 Jul 2024 00:00:00 GMT - Wed, 06 Aug 2025 23:59:59 GMT

File type
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
Size
1.8 kB (1755 bytes)
Hash
3d194514babc5d7d010308a0f808ca51
867e51e9b4a474c19da52d6454076c007a9d01f2
7341f7b8b0ae3c0da4aea559efc31f0b53d9db9dd291664fdcf7d618fd95ed8a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Netflix

HTTP Headers

GET /pl/auth/img/nficon2016.png HTTP/1.1
Host: ticket-id82001337911-es.us.stackstaging.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticket-id82001337911-es.us.stackstaging.com/pl/auth/cc.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Jun 2025 01:30:36 GMT
content-type: image/png
content-length: 1755
server: Apache
x-provided-by: StackCDN
last-modified: Tue, 21 May 2024 16:27:42 GMT
etag: "6db-618f94c0b5b80"
cache-control: max-age=86400
expires: Tue, 03 Jun 2025 01:30:42 GMT
x-origin-cache-status: MISS
accept-ranges: bytes
x-via: DFW1
x-cdn-node-is-at-origin: 1
x-cdn-cache-status: MISS
X-Firefox-Spdy: h2

ticket-id82001337911-es.us.stackstaging.com/pl/auth/js/simpleSignupClient.js.7616abe51a1edf39b57c.js

185.146.165.97

404 Not Found

196 B

URL GET
ticket-id82001337911-es.us.stackstaging.com/pl/auth/js/simpleSignupClient.js.7616abe51a1edf39b57c.js
IP
185.146.165.97:443
ASN
#48254 20i Limited

Requested by
https://ticket-id82001337911-es.us.stackstaging.com/pl/auth/cc.php
Certificate
IssuerDigiCert Inc
Subject*.us.stackstaging.com
Fingerprint71:30:D5:E7:C3:42:A8:62:F6:BE:9A:45:F0:3F:C2:E6:8B:0D:85:AB
ValidityTue, 16 Jul 2024 00:00:00 GMT - Wed, 06 Aug 2025 23:59:59 GMT

File type
HTML document, ASCII text
Size
196 B (196 bytes)
Hash
62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Netflix

HTTP Headers

GET /pl/auth/js/simpleSignupClient.js.7616abe51a1edf39b57c.js HTTP/1.1
Host: ticket-id82001337911-es.us.stackstaging.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticket-id82001337911-es.us.stackstaging.com/pl/auth/cc.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
server: Apache
x-origin-cache-status: HIT
date: Mon, 02 Jun 2025 01:30:41 GMT
content-encoding: gzip
x-via: DFW1
x-cdn-node-is-at-origin: 1
x-cdn-cache-status: HIT
X-Firefox-Spdy: h2

ticket-id82001337911-es.us.stackstaging.com/pl/auth/js/otSDKStub.js

185.146.165.97

200 OK

26 kB

URL GET
ticket-id82001337911-es.us.stackstaging.com/pl/auth/js/otSDKStub.js
IP
185.146.165.97:443
ASN
#48254 20i Limited

Requested by
https://ticket-id82001337911-es.us.stackstaging.com/pl/auth/cc.php
Certificate
IssuerDigiCert Inc
Subject*.us.stackstaging.com
Fingerprint71:30:D5:E7:C3:42:A8:62:F6:BE:9A:45:F0:3F:C2:E6:8B:0D:85:AB
ValidityTue, 16 Jul 2024 00:00:00 GMT - Wed, 06 Aug 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (26237)
Size
26 kB (26238 bytes)
Hash
10e367ac910cc8ad9be05cfbf4036e57
ff5dec5c85b00e742c02ef515c2a44c2db97f7e7
e85a649094d881201f7a886c94cd19e72196c761da5017c9269b03b35ca9c5c4

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Netflix

HTTP Headers

GET /pl/auth/js/otSDKStub.js HTTP/1.1
Host: ticket-id82001337911-es.us.stackstaging.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticket-id82001337911-es.us.stackstaging.com/pl/auth/cc.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Jun 2025 01:30:36 GMT
content-type: text/javascript
server: Apache
x-provided-by: StackCDN
last-modified: Tue, 21 May 2024 16:27:42 GMT
etag: W/"667e-618f94c0b5b80"
cache-control: max-age=86400
expires: Tue, 03 Jun 2025 01:30:41 GMT
vary: Accept-Encoding, Accept-Encoding
x-origin-cache-status: MISS
content-encoding: gzip
x-via: DFW1
x-cdn-node-is-at-origin: 1
x-cdn-cache-status: MISS
X-Firefox-Spdy: h2

ticket-id82001337911-es.us.stackstaging.com/pl/auth/js/otSDKStub.js/consent//.json

185.146.165.97

403 Forbidden

199 B

URL GET
ticket-id82001337911-es.us.stackstaging.com/pl/auth/js/otSDKStub.js/consent//.json
IP
185.146.165.97:443
ASN
#48254 20i Limited

Requested by
https://ticket-id82001337911-es.us.stackstaging.com/pl/auth/cc.php
Certificate
IssuerDigiCert Inc
Subject*.us.stackstaging.com
Fingerprint71:30:D5:E7:C3:42:A8:62:F6:BE:9A:45:F0:3F:C2:E6:8B:0D:85:AB
ValidityTue, 16 Jul 2024 00:00:00 GMT - Wed, 06 Aug 2025 23:59:59 GMT

File type
HTML document, ASCII text
Size
199 B (199 bytes)
Hash
bb8f534fbff5ee61a95af9c4740ae043
832e403d42aac1fec93e4f602338544d3fd2e4f1
5b13fb5957b84ef7bb9d0b6cd509c947ff6a37d67efdac2b896ddd3b908aad10

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Netflix

HTTP Headers

GET /pl/auth/js/otSDKStub.js/consent//.json HTTP/1.1
Host: ticket-id82001337911-es.us.stackstaging.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticket-id82001337911-es.us.stackstaging.com/pl/auth/cc.php
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 403 Forbidden
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
server: Apache
x-origin-cache-status: EXPIRED
date: Mon, 02 Jun 2025 01:30:41 GMT
content-encoding: gzip
x-via: DFW1
x-cdn-node-is-at-origin: 1
x-cdn-cache-status: EXPIRED
X-Firefox-Spdy: h2

ticket-id82001337911-es.us.stackstaging.com/pl/auth/js/jquery.mask.js

185.146.165.97

200 OK

23 kB

URL GET
ticket-id82001337911-es.us.stackstaging.com/pl/auth/js/jquery.mask.js
IP
185.146.165.97:443
ASN
#48254 20i Limited

Requested by
https://ticket-id82001337911-es.us.stackstaging.com/pl/auth/cc.php
Certificate
IssuerDigiCert Inc
Subject*.us.stackstaging.com
Fingerprint71:30:D5:E7:C3:42:A8:62:F6:BE:9A:45:F0:3F:C2:E6:8B:0D:85:AB
ValidityTue, 16 Jul 2024 00:00:00 GMT - Wed, 06 Aug 2025 23:59:59 GMT

File type
JavaScript source, ASCII text
Size
23 kB (23176 bytes)
Hash
24992f1ed62baf9393609f3c6c2ad20e
34716cf70f7f7a9cd072e7796c34ce987f85d18c
a199620fe981df00a825f78761d3f7c8870f8117daa4a890e08018dec386dae8

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Netflix

HTTP Headers

GET /pl/auth/js/jquery.mask.js HTTP/1.1
Host: ticket-id82001337911-es.us.stackstaging.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticket-id82001337911-es.us.stackstaging.com/pl/auth/cc.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Jun 2025 01:30:36 GMT
content-type: text/javascript
server: Apache
x-provided-by: StackCDN
last-modified: Tue, 21 May 2024 16:27:42 GMT
etag: W/"5a88-618f94c0b5b80"
cache-control: max-age=86400
expires: Tue, 03 Jun 2025 01:30:41 GMT
vary: Accept-Encoding, Accept-Encoding
x-origin-cache-status: MISS
content-encoding: gzip
x-via: DFW1
x-cdn-node-is-at-origin: 1
x-cdn-cache-status: MISS
X-Firefox-Spdy: h2

assets.nflxext.com/ffe/siteui/fonts/nf-icon-v1-93.woff

45.57.91.1

200 OK

74 kB

URL GET
assets.nflxext.com/ffe/siteui/fonts/nf-icon-v1-93.woff
IP
45.57.91.1:443
ASN
#40027 NETFLIX-ASN

Requested by
https://ticket-id82001337911-es.us.stackstaging.com/pl/auth/cc.php
Certificate
IssuerDigiCert Inc
Subject*.1.nflxso.net
Fingerprint7A:EC:73:21:F0:67:40:83:28:4F:FC:C7:85:E5:72:FD:F5:6E:15:21
ValidityTue, 27 May 2025 00:00:00 GMT - Tue, 01 Jul 2025 00:00:17 GMT

File type
Web Open Font Format, CFF, length 73572, version 0.0
Size
74 kB (73572 bytes)
Hash
7cf6156cc481244b5a254362d7b73f00
4391003d1cb06d2bd1921a5813a57604fa7d9935
98713b53a74ebe7e326353080c5f1653e83af61d6363c0b3c4c67d6d24197b4d

HTTP Headers

GET /ffe/siteui/fonts/nf-icon-v1-93.woff HTTP/1.1
Host: assets.nflxext.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ticket-id82001337911-es.us.stackstaging.com
DNT: 1
Connection: keep-alive
Referer: https://ticket-id82001337911-es.us.stackstaging.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: freenginx
Date: Mon, 02 Jun 2025 01:30:41 GMT
Content-Type: font/woff
Content-Length: 73572
Connection: keep-alive
Content-MD5: fPYVbMSBJEtaJUNi17c/AA==
Last-Modified: Mon, 29 Jan 2018 01:50:51 GMT
Cache-Control: max-age=604801
Expires: Mon, 09 Jun 2025 01:30:42 GMT
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

ticket-id82001337911-es.us.stackstaging.com/pl/auth/CSS/simplicity.d8dd46b76c259a71c457.css

185.146.165.97

200 OK

227 kB

URL GET
ticket-id82001337911-es.us.stackstaging.com/pl/auth/CSS/simplicity.d8dd46b76c259a71c457.css
IP
185.146.165.97:443
ASN
#48254 20i Limited

Requested by
https://ticket-id82001337911-es.us.stackstaging.com/pl/auth/cc.php
Certificate
IssuerDigiCert Inc
Subject*.us.stackstaging.com
Fingerprint71:30:D5:E7:C3:42:A8:62:F6:BE:9A:45:F0:3F:C2:E6:8B:0D:85:AB
ValidityTue, 16 Jul 2024 00:00:00 GMT - Wed, 06 Aug 2025 23:59:59 GMT

File type
ASCII text, with very long lines (374), with CRLF line terminators
Size
227 kB (227055 bytes)
Hash
be495488ad8c31135fef240f21850903
8d14e50308b3400055b833ea3b997874bcd070e4
123ce9b1145d19f212c713d60d547ebaa30c4ddc3c36457c80246d1f3bc4f53e

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Netflix

HTTP Headers

GET /pl/auth/CSS/simplicity.d8dd46b76c259a71c457.css HTTP/1.1
Host: ticket-id82001337911-es.us.stackstaging.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticket-id82001337911-es.us.stackstaging.com/pl/auth/cc.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Jun 2025 01:30:36 GMT
content-type: text/css
server: Apache
x-provided-by: StackCDN
last-modified: Tue, 21 May 2024 16:27:42 GMT
etag: W/"376ef-618f94c0b5b80"
cache-control: max-age=86400
expires: Tue, 03 Jun 2025 01:30:41 GMT
vary: Accept-Encoding, Accept-Encoding
x-origin-cache-status: MISS
content-encoding: gzip
x-via: DFW1
x-cdn-node-is-at-origin: 1
x-cdn-cache-status: MISS
X-Firefox-Spdy: h2

assets.nflxext.com/siteui/acquisition/payment/ffe/paymentpicker/VISA.png

45.57.91.1

200 OK

1.5 kB

URL GET
assets.nflxext.com/siteui/acquisition/payment/ffe/paymentpicker/VISA.png
IP
45.57.91.1:443
ASN
#40027 NETFLIX-ASN

Requested by
https://ticket-id82001337911-es.us.stackstaging.com/pl/auth/cc.php
Certificate
IssuerDigiCert Inc
Subject*.1.nflxso.net
Fingerprint7A:EC:73:21:F0:67:40:83:28:4F:FC:C7:85:E5:72:FD:F5:6E:15:21
ValidityTue, 27 May 2025 00:00:00 GMT - Tue, 01 Jul 2025 00:00:17 GMT

File type
PNG image data, 40 x 25, 8-bit/color RGBA, non-interlaced
Size
1.5 kB (1548 bytes)
Hash
b481e0f885f5dfea7e75da60a2d9a307
5c5866dcf5108b9bff3a60543280478f3cb69e25
cc7372fbcaf2d34b2e238f771261c54a1d37d22d8dfdcb1df78faf58cf62aabd

HTTP Headers

GET /siteui/acquisition/payment/ffe/paymentpicker/VISA.png HTTP/1.1
Host: assets.nflxext.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticket-id82001337911-es.us.stackstaging.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: freenginx
Date: Mon, 02 Jun 2025 01:30:41 GMT
Content-Type: image/png
Content-Length: 1548
Connection: keep-alive
Last-Modified: Tue, 24 Jan 2023 22:57:26 GMT
ETag: "b481e0f885f5dfea7e75da60a2d9a307"
Expires: Mon, 09 Jun 2025 01:30:42 GMT
Cache-Control: max-age=604801
Accept-Ranges: bytes

assets.nflxext.com/siteui/acquisition/payment/ffe/paymentpicker/MASTERCARD.png

45.57.91.1

200 OK

1.3 kB

URL GET
assets.nflxext.com/siteui/acquisition/payment/ffe/paymentpicker/MASTERCARD.png
IP
45.57.91.1:443
ASN
#40027 NETFLIX-ASN

Requested by
https://ticket-id82001337911-es.us.stackstaging.com/pl/auth/cc.php
Certificate
IssuerDigiCert Inc
Subject*.1.nflxso.net
FingerprintA1:34:1D:0F:99:56:CC:1C:63:02:05:43:4B:A2:74:90:71:56:77:C7
ValidityWed, 28 May 2025 00:00:00 GMT - Fri, 04 Jul 2025 00:31:20 GMT

File type
PNG image data, 40 x 25, 8-bit/color RGBA, non-interlaced
Size
1.3 kB (1348 bytes)
Hash
85b85e2c248bb5ad8aac6eb55f2589c0
5f79d9621ca3760e73cfa573b5b66e74710e92a4
560e0fa112df9f2a63b59037ff72e01f2a2650c81a3674d9107cca23c3b6f76b

HTTP Headers

GET /siteui/acquisition/payment/ffe/paymentpicker/MASTERCARD.png HTTP/1.1
Host: assets.nflxext.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticket-id82001337911-es.us.stackstaging.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: freenginx
Date: Mon, 02 Jun 2025 01:30:41 GMT
Content-Type: image/png
Content-Length: 1348
Connection: keep-alive
Last-Modified: Tue, 24 Jan 2023 22:57:38 GMT
ETag: "85b85e2c248bb5ad8aac6eb55f2589c0"
Expires: Mon, 09 Jun 2025 01:30:42 GMT
Cache-Control: max-age=604801
Accept-Ranges: bytes

ticket-id82001337911-es.us.stackstaging.com/pl/auth/img/nficon2016.ico

185.146.165.97

200 OK

17 kB

URL GET
ticket-id82001337911-es.us.stackstaging.com/pl/auth/img/nficon2016.ico
IP
185.146.165.97:443
ASN
#48254 20i Limited

Requested by
https://ticket-id82001337911-es.us.stackstaging.com/pl/auth/cc.php
Certificate
IssuerDigiCert Inc
Subject*.us.stackstaging.com
Fingerprint71:30:D5:E7:C3:42:A8:62:F6:BE:9A:45:F0:3F:C2:E6:8B:0D:85:AB
ValidityTue, 16 Jul 2024 00:00:00 GMT - Wed, 06 Aug 2025 23:59:59 GMT

File type
MS Windows icon resource - 1 icon, 64x64, 32 bits/pixel
Size
17 kB (16958 bytes)
Hash
41b45fdce09bd6acd07c7a8949da675e
931e18dfc6e7d950dc2f2bbdfe31e1ea720acf7c
abe8012eb65c0dc0ac3e87dcc1e60e1908ebd8f12b7c47a5df1856f7a7bb1edd

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Netflix

HTTP Headers

GET /pl/auth/img/nficon2016.ico HTTP/1.1
Host: ticket-id82001337911-es.us.stackstaging.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticket-id82001337911-es.us.stackstaging.com/pl/auth/cc.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Jun 2025 01:30:36 GMT
content-type: image/x-icon
server: Apache
x-provided-by: StackCDN
last-modified: Tue, 21 May 2024 16:27:42 GMT
etag: W/"423e-618f94c0b5b80"
cache-control: max-age=86400
expires: Tue, 03 Jun 2025 01:30:42 GMT
vary: Accept-Encoding, Accept-Encoding
x-origin-cache-status: MISS
content-encoding: gzip
x-via: DFW1
x-cdn-node-is-at-origin: 1
x-cdn-cache-status: MISS
X-Firefox-Spdy: h2

cdn.cookielaw.org/logos/dd6b162f-1a32-456a-9cfe-897231c7763c/4345ea78-053c-46d2-b11e-09adaef973dc/Netflix_Logo_PMS.png

104.18.87.42

200 OK

16 kB

URL GET
cdn.cookielaw.org/logos/dd6b162f-1a32-456a-9cfe-897231c7763c/4345ea78-053c-46d2-b11e-09adaef973dc/Netflix_Logo_PMS.png
IP
104.18.87.42:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ticket-id82001337911-es.us.stackstaging.com/pl/auth/cc.php
Certificate
IssuerGoogle Trust Services
Subjectcookielaw.org
Fingerprint7E:44:88:32:61:F5:87:72:55:0B:A6:75:76:F3:7F:C1:B8:F6:CA:CF
ValiditySun, 06 Apr 2025 20:15:04 GMT - Sat, 05 Jul 2025 21:15:01 GMT

File type
PNG image data, 1801 x 756, 8-bit/color RGBA, non-interlaced
Size
16 kB (16386 bytes)
Hash
dcc4094709a2dc14af288844556ff9b7
0dd0347c55ca4f5332e11d5b742babf8aebf8d6f
675dd7b68acf580f893bec532f5b260b8f984b67734a9a6831334b2ff4aad384

HTTP Headers

GET /logos/dd6b162f-1a32-456a-9cfe-897231c7763c/4345ea78-053c-46d2-b11e-09adaef973dc/Netflix_Logo_PMS.png HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ticket-id82001337911-es.us.stackstaging.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 02 Jun 2025 01:30:41 GMT
content-type: image/png
content-length: 16386
content-md5: 3MQJRwmi3BSvKIhEVW/5tw==
last-modified: Mon, 18 May 2020 21:10:31 GMT
etag: 0x8D7FB6FE5CFC000
x-ms-request-id: 779bdfe8-301e-0004-5083-436608000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: cloudflare
cf-ray: 94932fd7d8f456a4-OSL
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (15)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML