e-web-solutions.com
216.172.184.76
Malicious Activity!
Public Scan
Effective URL: http://e-web-solutions.com/wp-content/upgrade/mynetflex-ukpin00/MaFJX4ivy0xQPJj/
Submission: On September 30 via manual from GB
Summary
This is the only time e-web-solutions.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Netflix (Online)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 | 67.195.197.75 | 26101 (YAHOO-3 - Yahoo!) |
1 | 34.238.132.116 | 14618 (AMAZON-AES - Amazon.com) |
6 (2 redirects) | 216.172.184.76 | 20013 (CYRUSONE - CyrusOne LLC) |
6 | 3 |
ASN26101 (YAHOO-3 - Yahoo!, US)
PTR: p9ats-i.geo.vip.bf1.yahoo.com
studentrightsatschool.org
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-238-132-116.compute-1.amazonaws.com
np.lexity.com
ASN20013 (CYRUSONE - CyrusOne LLC, US)
PTR: ns3264.hostgator.com
e-web-solutions.com
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
6 | e-web-solutions.com (2 redirects) | e-web-solutions.com | 224 KB |
1 | lexity.com | np.lexity.com | 4 KB |
1 | studentrightsatschool.org | studentrightsatschool.org | 1 KB |
6 | 3 |
 | Domain | Requested by |
---|---|---|
6 | e-web-solutions.com (2 redirects) | e-web-solutions.com |
1 | np.lexity.com | studentrightsatschool.org |
1 | studentrightsatschool.org | |
6 | 3 |
This site contains no links.
This page contains 1 frames:
Primary Page:
http://e-web-solutions.com/wp-content/upgrade/mynetflex-ukpin00/MaFJX4ivy0xQPJj/
Frame ID: 6DBC8E5D2000BB775378EB9F875E0D72
Requests: 6 HTTP requests in this frame
Detected technologies
Apache Traffic Server (Web Servers)
Detected patterns
- headers server /ATS\/?([\d.]+)?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://studentrightsatschool.org/blog/wp-content/themes/greenmarinee/images/hostingprod.html Page URL
- http://e-web-solutions.com/wp-content/upgrade/mynetflex-ukpin00 HTTP 301
  http://e-web-solutions.com/wp-content/upgrade/mynetflex-ukpin00/ Page URL
- http://e-web-solutions.com/wp-content/upgrade/mynetflex-ukpin00/MaFJX4ivy0xQPJj HTTP 301
  http://e-web-solutions.com/wp-content/upgrade/mynetflex-ukpin00/MaFJX4ivy0xQPJj/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 2
- http://e-web-solutions.com/wp-content/upgrade/mynetflex-ukpin00 HTTP 301
- http://e-web-solutions.com/wp-content/upgrade/mynetflex-ukpin00/
6 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H/1.1 | hostingprod.html (Cookie set) studentrightsatschool.org/blog/wp-content/themes/greenmarinee/images/ | 722 B 1 KB | Document text/html |
GET H/1.1 | 1f05c2d099ef3dc38f682ce5aef65649 np.lexity.com/embed/YW/ | 9 KB 4 KB | Script text/plain |
GET H/1.1 | / (Redirect Chain) e-web-solutions.com/wp-content/upgrade/mynetflex-ukpin00/ | 62 B 298 B | Document text/html |
GET H/1.1 | / (Primary Request, Redirect Chain) e-web-solutions.com/wp-content/upgrade/mynetflex-ukpin00/MaFJX4ivy0xQPJj/ | 1 KB 940 B | Document text/html |
GET H/1.1 | btn.jpg e-web-solutions.com/wp-content/upgrade/mynetflex-ukpin00/MaFJX4ivy0xQPJj/img/ | 5 KB 6 KB | Image image/jpeg |
GET H/1.1 | back1.jpg e-web-solutions.com/wp-content/upgrade/mynetflex-ukpin00/MaFJX4ivy0xQPJj/img/ | 217 KB 217 KB | Image image/jpeg |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Netflix (Online)
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.