lifereview.ga Open in urlscan Pro
187.17.111.99  Malicious Activity! Public Scan

6 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response lifereview.ga/net/	623 KB 115 KB	1063ms 467ms	Document text/html	187.17.111.99 Universo Online S.A.
General Check archive.org Show headers Download Go to Full URL http://lifereview.ga/net/ Protocol HTTP/1.1 Server 187.17.111.99 , Brazil, ASN7162 (Universo Online S.A., BR), Reverse DNS Software Apache / Resource Hash fc185f2b963e204610ddf550f9a5dafcb0cb9b59d5e1bda933dd0962ec818c1c Request headers Host lifereview.ga Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sun, 30 Jun 2019 18:59:22 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Server Apache X-App-Status 1 X-Cache-Status BYPASS Content-Encoding gzip
GET H/1.1	200 OK	none.js Show response lifereview.ga/net/js/	13 KB 5 KB	598ms 299ms	Script text/javascript	187.17.111.99 Universo Online S.A.
General Check archive.org Show headers Download Go to Full URL http://lifereview.ga/net/js/none.js Requested by Host: lifereview.ga URL: http://lifereview.ga/net/ Protocol HTTP/1.1 Security , , Server 187.17.111.99 , Brazil, ASN7162 (Universo Online S.A., BR), Reverse DNS Software nginx / Resource Hash cda3c88b41c89240e77591f59de23312fcef9cb00f5d83fc953700a4247ba218 Request headers Referer http://lifereview.ga/net/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sun, 30 Jun 2019 18:59:23 GMT Content-Encoding gzip Last-Modified Sun, 30 Jun 2019 15:35:14 GMT Server nginx ETag W/"33e6-58c8c42011836" X-Cache-Status HIT Transfer-Encoding chunked Content-Type text/javascript X-App-Status 1 Connection keep-alive
GET H/1.1	200 OK	none1.js Show response lifereview.ga/net/js/	56 KB 19 KB	895ms 294ms	Script text/javascript	187.17.111.99 Universo Online S.A.
General Check archive.org Show headers Download Go to Full URL http://lifereview.ga/net/js/none1.js Requested by Host: lifereview.ga URL: http://lifereview.ga/net/ Protocol HTTP/1.1 Security , , Server 187.17.111.99 , Brazil, ASN7162 (Universo Online S.A., BR), Reverse DNS Software nginx / Resource Hash 7ad8c8c2d47662b3de7b09f5c789b09cbe453c66f7fa6fde6c9c7ab6c77bc3d1 Request headers Referer http://lifereview.ga/net/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sun, 30 Jun 2019 18:59:23 GMT Content-Encoding gzip Last-Modified Sun, 30 Jun 2019 15:35:14 GMT Server nginx ETag W/"e1ca-58c8c42019b29" X-Cache-Status HIT Transfer-Encoding chunked Content-Type text/javascript X-App-Status 1 Connection keep-alive
GET H/1.1	200 OK	none codex.nflxext.com/%5E2.0.0/truthBundle/webui/0.0.1-shakti-css-vf7fb5ef5/css/css/less%7Cpages%7Csignup%7Csimplicity%7Csimplicity.less/1/zN4H9wGRUOIMTY/none/true/	152 KB 25 KB	495ms 187ms	Stylesheet text/css	2a00:86c0:2090::1 Netflix Streaming...
General Check archive.org Show headers Download Go to Full URL https://codex.nflxext.com/%5E2.0.0/truthBundle/webui/0.0.1-shakti-css-vf7fb5ef5/css/css/less%7Cpages%7Csignup%7Csimplicity%7Csimplicity.less/1/zN4H9wGRUOIMTY/none/true/none Requested by Host: lifereview.ga URL: http://lifereview.ga/net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a00:86c0:2090::1 , United Kingdom, ASN40027 (NETFLIX-ASN - Netflix Streaming Services Inc., US), Reverse DNS Software nginx / Resource Hash e27be853bc076807f383e8a42ab96d75fc39d91988c2d0b1272fcf2c0c48672e Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://lifereview.ga/net/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sun, 30 Jun 2019 18:59:23 GMT Content-Encoding gzip X-Content-Type-Options nosniff Content-Type text/css; charset=UTF-8 Server nginx X-Netflix_nfstatus 1_1 Transfer-Encoding chunked X-Netflix_proxy_execution-time 39 Access-Control-Allow-Origin * Cache-Control public, max-age=16070400 req_id a3bd970e-b6d7-43c9-a0ba-9e27ba8e11c7 Connection keep-alive Timing-Allow-Origin https://www.netflix.com Expires Thu, 02 Jan 2020 14:49:26 GMT
GET H/1.1	200 OK	none Show response codex.nflxext.com/%5E2.0.0/truthBundle/webui/0.0.1-shakti-js-vf7fb5ef5/js/js/bootstrap.js,common%7Cbootstrap.js/2/4Y034Q4t4r4e4v0g084a4A4X070u014Z4z4m4C4w0d4O4L4i4B4p4E4k4j024T/bck/true/	24 KB 6 KB	198ms 195ms	Script application/javascript	2a00:86c0:2090::1 Netflix Streaming...
General Check archive.org Show headers Download Go to Full URL https://codex.nflxext.com/%5E2.0.0/truthBundle/webui/0.0.1-shakti-js-vf7fb5ef5/js/js/bootstrap.js,common%7Cbootstrap.js/2/4Y034Q4t4r4e4v0g084a4A4X070u014Z4z4m4C4w0d4O4L4i4B4p4E4k4j024T/bck/true/none Requested by Host: lifereview.ga URL: http://lifereview.ga/net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a00:86c0:2090::1 , United Kingdom, ASN40027 (NETFLIX-ASN - Netflix Streaming Services Inc., US), Reverse DNS Software nginx / Resource Hash 85711c837e10e4a427025949ce5fc2edee7f54046585909ccab242452f4fd2a1 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://lifereview.ga/net/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sun, 30 Jun 2019 18:59:23 GMT Content-Encoding gzip X-Content-Type-Options nosniff Content-Type application/javascript; charset=UTF-8 Server nginx X-Netflix_nfstatus 1_1 Transfer-Encoding chunked X-Netflix_proxy_execution-time 7 Access-Control-Allow-Origin * Cache-Control public, max-age=16070400 req_id 26148691-f563-4dab-a94d-16b6016df152 Connection keep-alive Timing-Allow-Origin https://www.netflix.com Expires Thu, 02 Jan 2020 18:59:23 GMT
GET H/1.1	200 OK	none Show response codex.nflxext.com/%5E2.0.0/truthBundle/webui/0.0.1-shakti-js-vf7fb5ef5/js/js/signup%7Csimplicity%7CsimpleSignupClient.js/2/4Y034Q4t4r4e4v0g084a4A4X070u014Z4z4m4C4w0d4O4L4i4B4p4E4k4j024T/l/true/	1 MB 319 KB	609ms 409ms	Script application/javascript	2a00:86c0:2090::1 Netflix Streaming...
General Check archive.org Show headers Download Go to Full URL https://codex.nflxext.com/%5E2.0.0/truthBundle/webui/0.0.1-shakti-js-vf7fb5ef5/js/js/signup%7Csimplicity%7CsimpleSignupClient.js/2/4Y034Q4t4r4e4v0g084a4A4X070u014Z4z4m4C4w0d4O4L4i4B4p4E4k4j024T/l/true/none Requested by Host: lifereview.ga URL: http://lifereview.ga/net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a00:86c0:2090::1 , United Kingdom, ASN40027 (NETFLIX-ASN - Netflix Streaming Services Inc., US), Reverse DNS Software nginx / Resource Hash d7db0e1244fa029b903168f6a0b21bdc0cd0d98b6e2e8c7b39283a38d559b581 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://lifereview.ga/net/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Sun, 30 Jun 2019 18:59:24 GMT Content-Encoding gzip X-Content-Type-Options nosniff Content-Type application/javascript; charset=UTF-8 Server nginx X-Netflix_nfstatus 1_1 Transfer-Encoding chunked X-Netflix_proxy_execution-time 666 Access-Control-Allow-Origin * Cache-Control public, max-age=16070400 req_id 51752c55-f30b-4e3d-8aff-1ccfd4cf6c9e Connection keep-alive Timing-Allow-Origin https://www.netflix.com Expires Thu, 02 Jan 2020 18:22:50 GMT
GET H2	200	nf-icon-v1-93.woff assets.nflxext.com/ffe/siteui/fonts/	72 KB 72 KB	199ms 91ms	Font font/woff	2a02:26f0:6c00:297::33c4 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.nflxext.com/ffe/siteui/fonts/nf-icon-v1-93.woff Requested by Host: lifereview.ga URL: http://lifereview.ga/net/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:297::33c4 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software Apache / Resource Hash 98713b53a74ebe7e326353080c5f1653e83af61d6363c0b3c4c67d6d24197b4d Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://codex.nflxext.com/%5E2.0.0/truthBundle/webui/0.0.1-shakti-css-vf7fb5ef5/css/css/less%7Cpages%7Csignup%7Csimplicity%7Csimplicity.less/1/zN4H9wGRUOIMTY/none/true/none Origin http://lifereview.ga Response headers date Sun, 30 Jun 2019 18:59:24 GMT last-modified Mon, 29 Jan 2018 01:50:51 GMT server Apache content-md5 fPYVbMSBJEtaJUNi17c/AA== access-control-allow-origin * content-type font/woff status 200 cache-control public, max-age=25059636 accept-ranges bytes content-length 73572 expires Wed, 15 Apr 2020 20:00:00 GMT
GET H/1.1	200 OK	adtech_iframe_target_04.html ae.nflximg.net/monet/scripts/ Frame F814	0 0	37ms 6ms	Document text/html	2a02:26f0:6c00:297::33c4 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://ae.nflximg.net/monet/scripts/adtech_iframe_target_04.html?data=%7B%22membership_status%22%3A%22NON_REGISTERED_MEMBER%22%2C%22country%22%3A%22BR%22%2C%22source%22%3A%22https%3A%2F%2Fwww.netflix.com%2Fbr%2F%22%2C%22fbaId%22%3A%2284b74bef-1e20-4f5b-995a-be3a84dcaa5f%22%2C%22is_member%22%3A%22anonymous%22%2C%22wasFormerMember%22%3Afalse%2C%22referrer%22%3A%22registration%22%7D Requested by Host: lifereview.ga URL: http://lifereview.ga/net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:26f0:6c00:297::33c4 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS Software Apache / Resource Hash Request headers Host ae.nflximg.net Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Referer http://lifereview.ga/net/ Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer http://lifereview.ga/net/ Response headers Server Apache ETag "2a5930459b97600b0d81033eb9470052:1545163000" Content-MD5 KlkwRZuXYAsNgQM+uUcAUg== Last-Modified Tue, 18 Dec 2018 19:56:33 GMT Accept-Ranges bytes Content-Type text/html Vary Accept-Encoding Content-Encoding gzip Content-Length 1282 Date Sun, 30 Jun 2019 18:59:29 GMT Connection keep-alive Timing-Allow-Origin * Access-Control-Max-Age 86400 Access-Control-Allow-Headers * Access-Control-Allow-Methods GET,POST Access-Control-Allow-Origin *
POST H/1.1	404 Not Found	log Show response lifereview.ga/ichnaea/	209 B 394 B	308ms 300ms	XHR text/html	187.17.111.99 Universo Online S.A.
General Check archive.org Show headers Download Go to Full URL http://lifereview.ga/ichnaea/log Requested by Host: codex.nflxext.com URL: https://codex.nflxext.com/%5E2.0.0/truthBundle/webui/0.0.1-shakti-js-vf7fb5ef5/js/js/signup%7Csimplicity%7CsimpleSignupClient.js/2/4Y034Q4t4r4e4v0g084a4A4X070u014Z4z4m4C4w0d4O4L4i4B4p4E4k4j024T/l/true/none Protocol HTTP/1.1 Security , , Server 187.17.111.99 , Brazil, ASN7162 (Universo Online S.A., BR), Reverse DNS Software Apache / Resource Hash b83acf481c9581ab9bad014f4a5d946c4a4a59358ce0541eca1e7631ac3e0861 Request headers Accept */* Referer http://lifereview.ga/net/ Origin http://lifereview.ga X-Netflix.ichnaea.request.type UiRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 X-Requested-With XMLHttpRequest Content-Type application/json Response headers Date Sun, 30 Jun 2019 18:59:29 GMT Content-Encoding gzip Server Apache Connection keep-alive Transfer-Encoding chunked Content-Type text/html; charset=iso-8859-1
OPTIONS H/1.1	200 OK	cl2 Show response www.netflix.com/ichnaea/	0 0	499ms 498ms	XHR text/plain	2a01:578:3::b022:81a9 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://www.netflix.com/ichnaea/cl2 Requested by Host: codex.nflxext.com URL: https://codex.nflxext.com/%5E2.0.0/truthBundle/webui/0.0.1-shakti-js-vf7fb5ef5/js/js/signup%7Csimplicity%7CsimpleSignupClient.js/2/4Y034Q4t4r4e4v0g084a4A4X070u014Z4z4m4C4w0d4O4L4i4B4p4E4k4j024T/l/true/none Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a01:578:3::b022:81a9 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Access-Control-Request-Method POST Origin http://lifereview.ga Referer http://lifereview.ga/net/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Access-Control-Request-Headers content-type Response headers Access-Control-Allow-Origin http://lifereview.ga Access-Control-Allow-Headers Authorization,Content-Type,Accept,Cookie,X-Netflix.application.name,X-Netflix.application.version,X-Netflix.esn,X-Netflix.device.type,X-Netflix.certification.version,X-Netflix.request.uuid,X-Netflix.user.id,X-Netflix.oauth.consumer.key,X-Netflix.oauth.token,X-Netflix.ichnaea.request.type,debugRequest Access-Control-Allow-Credentials true
POST H/1.1	200 OK	cl2 Show response www.netflix.com/ichnaea/	0 1022 B	38ms 35ms	XHR text/plain	2a01:578:3::b022:81a9 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://www.netflix.com/ichnaea/cl2 Requested by Host: lifereview.ga URL: http://lifereview.ga/net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a01:578:3::b022:81a9 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS Software ichnaea i-09d54c2851ef9e410 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block; report=https://ichnaea-web.netflix.com/log/freeform/xssreport Request headers Referer http://lifereview.ga/net/ Origin http://lifereview.ga User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type application/json Response headers Date Sun, 30 Jun 2019 18:59:34 GMT Via 1.1 i-0b5f4570069b10b89 (eu-west-1) X-Content-Type-Options nosniff X-Netflix_proxy_execution-time 5 Connection keep-alive Content-Length 0 X-XSS-Protection 1; mode=block; report=https://ichnaea-web.netflix.com/log/freeform/xssreport Allow GET, POST, OPTIONS Server ichnaea i-09d54c2851ef9e410 X-Netflix_nfstatus 1_1 Strict-Transport-Security max-age=31536000 Access-Control-Allow-Methods GET, POST, OPTIONS X-Originating-URL https://www.netflix.com/ichnaea/cl2 Access-Control-Allow-Origin http://lifereview.ga Access-Control-Allow-Credentials true X-Ichnaea ~O=true~RL=158 Content-Type text/plain Access-Control-Allow-Headers Authorization,Content-Type,Accept,Cookie,X-Netflix.application.name,X-Netflix.application.version,X-Netflix.esn,X-Netflix.device.type,X-Netflix.certification.version,X-Netflix.request.uuid,X-Netflix.user.id,X-Netflix.oauth.consumer.key,X-Netflix.oauth.token,X-Netflix.ichnaea.request.type,debugRequest

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Netflix (Online)

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| netflix object| Codex object| C object| global object| process object| __core-js_shared__ object| util function| jQuery object| jQuery111104546676297259813 object| html5 object| Modernizr

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ae.nflximg.net
assets.nflxext.com
codex.nflxext.com
lifereview.ga
www.netflix.com
187.17.111.99
2a00:86c0:2090::1
2a01:578:3::b022:81a9
2a02:26f0:6c00:297::33c4
7ad8c8c2d47662b3de7b09f5c789b09cbe453c66f7fa6fde6c9c7ab6c77bc3d1
85711c837e10e4a427025949ce5fc2edee7f54046585909ccab242452f4fd2a1
98713b53a74ebe7e326353080c5f1653e83af61d6363c0b3c4c67d6d24197b4d
b83acf481c9581ab9bad014f4a5d946c4a4a59358ce0541eca1e7631ac3e0861
cda3c88b41c89240e77591f59de23312fcef9cb00f5d83fc953700a4247ba218
d7db0e1244fa029b903168f6a0b21bdc0cd0d98b6e2e8c7b39283a38d559b581
e27be853bc076807f383e8a42ab96d75fc39d91988c2d0b1272fcf2c0c48672e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fc185f2b963e204610ddf550f9a5dafcb0cb9b59d5e1bda933dd0962ec818c1c