![](/screenshots/2e890885-35ed-4d6f-a641-8f43d7ecf4a4.png)
82d7ae415a21-llama-catalog.baby-beamup.club
Open in
urlscan Pro
172.67.222.90
Malicious Activity!
Public Scan
Effective URL: https://82d7ae415a21-llama-catalog.baby-beamup.club/
Submission: On February 02 via manual from PT — Scanned from PT
Summary
TLS certificate: Issued by GTS CA 1P5 on December 7th 2023. Valid for: 3 months.
This is the only time 82d7ae415a21-llama-catalog.baby-beamup.club was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Netflix (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 104.21.94.103 104.21.94.103 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
11 | 172.67.222.90 172.67.222.90 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 142.250.186.131 142.250.186.131 | 15169 (GOOGLE) (GOOGLE) | |
1 | 142.250.186.67 142.250.186.67 | 15169 (GOOGLE) (GOOGLE) | |
14 | 3 |
ASN13335 (CLOUDFLARENET, US)
82d7ae415a21-llama-catalog.baby-beamup.club |
ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f3.1e100.net
www.gstatic.com |
ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net
fonts.gstatic.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
12 |
baby-beamup.club
1 redirects
82d7ae415a21-llama-catalog.baby-beamup.club |
1 MB |
3 |
gstatic.com
www.gstatic.com fonts.gstatic.com |
2 MB |
14 | 2 |
Domain | Requested by | |
---|---|---|
12 | 82d7ae415a21-llama-catalog.baby-beamup.club |
1 redirects
82d7ae415a21-llama-catalog.baby-beamup.club
|
2 | www.gstatic.com |
82d7ae415a21-llama-catalog.baby-beamup.club
www.gstatic.com |
1 | fonts.gstatic.com |
82d7ae415a21-llama-catalog.baby-beamup.club
|
14 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
baby-beamup.club GTS CA 1P5 |
2023-12-07 - 2024-03-06 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2024-01-09 - 2024-04-02 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://82d7ae415a21-llama-catalog.baby-beamup.club/
Frame ID: 28EB902D44E16ECD8DD19CC6B30361BC
Requests: 14 HTTP requests in this frame
Screenshot
![](/screenshots/2e890885-35ed-4d6f-a641-8f43d7ecf4a4.png)
Page Title
CyberFlix ConfigurationPage URL History Show full URLs
-
http://82d7ae415a21-llama-catalog.baby-beamup.club/
HTTP 301
https://82d7ae415a21-llama-catalog.baby-beamup.club/ Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://82d7ae415a21-llama-catalog.baby-beamup.club/
HTTP 301
https://82d7ae415a21-llama-catalog.baby-beamup.club/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
14 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
82d7ae415a21-llama-catalog.baby-beamup.club/ Redirect Chain
|
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
flutter.js
82d7ae415a21-llama-catalog.baby-beamup.club/static/ |
14 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
main.dart.js
82d7ae415a21-llama-catalog.baby-beamup.club/static/ |
2 MB 642 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
canvaskit.js
www.gstatic.com/flutter-canvaskit/f40e976bedff57e69e1b3d89a7c2a3c617a03dad/chromium/ |
91 KB 26 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
FontManifest.json
82d7ae415a21-llama-catalog.baby-beamup.club/static/assets/ |
209 B 595 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
MaterialIcons-Regular.otf
82d7ae415a21-llama-catalog.baby-beamup.club/static/assets/fonts/ |
8 KB 4 KB |
Fetch
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
CupertinoIcons.ttf
82d7ae415a21-llama-catalog.baby-beamup.club/static/assets/packages/cupertino_icons/assets/ |
1 KB 1 KB |
Fetch
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Me5WZLCzYlKw.ttf
fonts.gstatic.com/s/roboto/v20/ |
167 KB 90 KB |
Fetch
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
canvaskit.wasm
www.gstatic.com/flutter-canvaskit/f40e976bedff57e69e1b3d89a7c2a3c617a03dad/chromium/ |
5 MB 1 MB |
Fetch
application/wasm |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
data.json
82d7ae415a21-llama-catalog.baby-beamup.club/static/assets/assets/ |
13 KB 2 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
AssetManifest.bin.json
82d7ae415a21-llama-catalog.baby-beamup.club/static/assets/ |
551 B 732 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
kofi.png
82d7ae415a21-llama-catalog.baby-beamup.club/static/assets/assets/ |
2 KB 3 KB |
Fetch
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bg_image.jpeg
82d7ae415a21-llama-catalog.baby-beamup.club/static/assets/assets/ |
331 KB 331 KB |
Fetch
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logo.png
82d7ae415a21-llama-catalog.baby-beamup.club/static/assets/assets/ |
39 KB 39 KB |
Fetch
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Netflix (Online)3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| _flutter function| CanvasKitInit object| flutterCanvasKit0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
82d7ae415a21-llama-catalog.baby-beamup.club
fonts.gstatic.com
www.gstatic.com
104.21.94.103
142.250.186.131
142.250.186.67
172.67.222.90
017c0be9aaa6d0359737e1fa762ad304c0e0107927faff5a6c1f415c7f5244ed
19e9fdb3d1627bf4b5cfe44637351667789f0e256f2246e29ac5ec4a1ee99d5e
21d4a1ad4601d893f2aa596be55eeda7907d1f82c88b69c4572637d26c9d41e5
27e8e6e3ab372560fcbfd4eaaa23b6b7a02717f9bef310f059ec7e65c43fc5b0
3f9e48f3fd854b3a16ea28cd9b91ec29015c13f9a40aea23c57a6c46d130e2fd
7fdbec971320c919b2ad3481c3220fa8ddaecf1cf462f0d542c9e908b81f8d12
8feac2c840422816b3901d744e5cf4bc2a2d3e97c87b73027be55f341dca1e66
9537851a8b3176747b7dcee70afe56aad2054edb3f2c02bddfa1e132d6d68f50
9e3c018b1cdac644c2e47130ba28983aa6a1b729eedfe480600a9a2aa5f3fda2
bafe71aed5ee6a8a10e8cc5837885ad52282b579bfa6866ae752ecee11096531
e1ace1f618888afb3c644f1704bef2fb5042ebdb3c5a190143403e67fbbe08e7
e4709c37adb2d5a20ca805fe3ff1c4e59d6534959a22d0711f6b69506afa00c5
ef936be02d26b6d80d4602fd62319add1a1dd5bbe4655d67d84380963ce9a040
f08cc670287fca107c912449a9c503872f358b4e7e6ed80ed58fc8c7ba256e16