www.helpstek-netflix-support.shivafashionsinc.com Open in urlscan Pro
119.18.54.84 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.helpstek-netflix-support.shivafashionsinc.com/
Effective URL:
https://www.helpstek-netflix-support.shivafashionsinc.com/app/captcha
Submission: On July 30 via automatic, source certstream-suspicious (July 30th 2021, 11:46:57 am UTC)

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 10 HTTP transactions. The main IP is 119.18.54.84, located in India and belongs to PUBLIC-DOMAIN-REGISTRY, US. The main domain is www.helpstek-netflix-support.shivafashionsinc.com.
TLS certificate: Issued by R3 on July 22nd 2021. Valid for: 3 months.

This is the only time www.helpstek-netflix-support.shivafashionsinc.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Netflix (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 10	119.18.54.84 119.18.54.84	394695 (PUBLIC-DO...) (PUBLIC-DOMAIN-REGISTRY)
1	2a00:86c0:209... 2a00:86c0:2091::1	40027 (NETFLIX-ASN) (NETFLIX-ASN)
10	2

10 119.18.54.84 (India) 1 redirects

ASN394695 (PUBLIC-DOMAIN-REGISTRY, US)

www.helpstek-netflix-support.shivafashionsinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:86c0:2091::1 (United States)

ASN40027 (NETFLIX-ASN, US)

assets.nflxext.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	shivafashionsinc.com 1 redirects www.helpstek-netflix-support.shivafashionsinc.com	166 KB
1	nflxext.com assets.nflxext.com	85 KB
10	2

	Domain	Requested by
10	www.helpstek-netflix-support.shivafashionsinc.com	1 redirects www.helpstek-netflix-support.shivafashionsinc.com
1	assets.nflxext.com	www.helpstek-netflix-support.shivafashionsinc.com
10	2

This site contains no links.

Subject Issuer	Validity	Valid
*.shivafashionsinc.com R3	`2021-07-22` - `2021-10-20`	3 months	crt.sh
*.1.nflxso.net DigiCert TLS RSA SHA256 2020 CA1	`2021-07-25` - `2021-08-23`	a month	crt.sh

This page contains 1 frames:

Primary Page: https://www.helpstek-netflix-support.shivafashionsinc.com/app/captcha
Frame ID: C0730711E82E25C7794B6672FF43786A
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.helpstek-netflix-support.shivafashionsinc.com/ HTTP 302
https://www.helpstek-netflix-support.shivafashionsinc.com/app/captcha Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery-ui.*\.js/i

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery-ui.*\.js/i

Page Statistics

10
Requests

10 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

251 kB
Transfer

642 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.helpstek-netflix-support.shivafashionsinc.com/ HTTP 302
https://www.helpstek-netflix-support.shivafashionsinc.com/app/captcha Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request captcha Show response www.helpstek-netflix-support.shivafashionsinc.com/app/ Redirect Chain https://www.helpstek-netflix-support.shivafashionsinc.com/ https://www.helpstek-netflix-support.shivafashionsinc.com/app/captcha	226 KB 35 KB	467ms 466ms	Document text/html	119.18.54.84 PUBLIC-DOMAIN-REG...
General Check archive.org Show headers Download Go to Full URL https://www.helpstek-netflix-support.shivafashionsinc.com/app/captcha Protocol H2 Security TLS 1.3, , AES_256_GCM Server 119.18.54.84 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US), Reverse DNS Software Apache / Resource Hash `33c414eb7f3469597135a208b3cece8dfbbabddb80acf618a77d620312eb81e1` Request headers :method GET :authority www.helpstek-netflix-support.shivafashionsinc.com :scheme https :path /app/captcha pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 30 Jul 2021 11:46:36 GMT server Apache expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate pragma no-cache set-cookie PHPSESSID=8f2a0ed016ca60a44b6831661bb34eeb; path=/ vary Accept-Encoding content-encoding gzip accept-ranges none content-type text/html; charset=UTF-8 Redirect headers date Fri, 30 Jul 2021 11:46:33 GMT server Apache location app/captcha content-length 0 content-type text/html; charset=UTF-8
GET H2	200	jquery.min.js Show response www.helpstek-netflix-support.shivafashionsinc.com/app/js/	91 KB 41 KB	295ms 294ms	Script application/javascript	119.18.54.84 PUBLIC-DOMAIN-REG...
General Check archive.org Show headers Download Go to Full URL https://www.helpstek-netflix-support.shivafashionsinc.com/app/js/jquery.min.js Requested by Host: www.helpstek-netflix-support.shivafashionsinc.com URL: https://www.helpstek-netflix-support.shivafashionsinc.com/app/captcha Protocol H2 Security TLS 1.3, , AES_256_GCM Server 119.18.54.84 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US), Reverse DNS Software Apache / Resource Hash `f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729` Request headers :path /app/js/jquery.min.js pragma no-cache cookie PHPSESSID=8f2a0ed016ca60a44b6831661bb34eeb accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept / cache-control no-cache sec-fetch-dest script :authority www.helpstek-netflix-support.shivafashionsinc.com referer https://www.helpstek-netflix-support.shivafashionsinc.com/app/captcha :scheme https sec-fetch-site same-origin :method GET Referer https://www.helpstek-netflix-support.shivafashionsinc.com/app/captcha User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 30 Jul 2021 11:46:36 GMT content-encoding gzip last-modified Tue, 10 Jul 2018 12:16:12 GMT server Apache accept-ranges none vary Accept-Encoding content-type application/javascript
GET H2	200	jquery-ui.min.js Show response www.helpstek-netflix-support.shivafashionsinc.com/app/js/	232 KB 83 KB	346ms 345ms	Script application/javascript	119.18.54.84 PUBLIC-DOMAIN-REG...
General Check archive.org Show headers Download Go to Full URL https://www.helpstek-netflix-support.shivafashionsinc.com/app/js/jquery-ui.min.js Requested by Host: www.helpstek-netflix-support.shivafashionsinc.com URL: https://www.helpstek-netflix-support.shivafashionsinc.com/app/captcha Protocol H2 Security TLS 1.3, , AES_256_GCM Server 119.18.54.84 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US), Reverse DNS Software Apache / Resource Hash `51eccd74b04b65a1bf62845caf8f08ebc82bf296f98324c133e762e4ff29eadf` Request headers :path /app/js/jquery-ui.min.js pragma no-cache cookie PHPSESSID=8f2a0ed016ca60a44b6831661bb34eeb accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept / cache-control no-cache sec-fetch-dest script :authority www.helpstek-netflix-support.shivafashionsinc.com referer https://www.helpstek-netflix-support.shivafashionsinc.com/app/captcha :scheme https sec-fetch-site same-origin :method GET Referer https://www.helpstek-netflix-support.shivafashionsinc.com/app/captcha User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 30 Jul 2021 11:46:36 GMT content-encoding gzip last-modified Tue, 10 Jul 2018 12:16:12 GMT server Apache accept-ranges none vary Accept-Encoding content-type application/javascript
GET H2	200	sample.css www.helpstek-netflix-support.shivafashionsinc.com/app/	2 KB 876 B	200ms 199ms	Stylesheet text/css	119.18.54.84 PUBLIC-DOMAIN-REG...
General Check archive.org Show headers Download Go to Full URL https://www.helpstek-netflix-support.shivafashionsinc.com/app/sample.css Requested by Host: www.helpstek-netflix-support.shivafashionsinc.com URL: https://www.helpstek-netflix-support.shivafashionsinc.com/app/captcha Protocol H2 Security TLS 1.3, , AES_256_GCM Server 119.18.54.84 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US), Reverse DNS Software Apache / Resource Hash `e8cee5e3c8fbcd7dcf89c51379555bb7c8d0576c9f67a62dcd6fdafc154de1a5` Request headers :path /app/sample.css pragma no-cache cookie PHPSESSID=8f2a0ed016ca60a44b6831661bb34eeb accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,/;q=0.1 cache-control no-cache sec-fetch-dest style :authority www.helpstek-netflix-support.shivafashionsinc.com referer https://www.helpstek-netflix-support.shivafashionsinc.com/app/captcha :scheme https sec-fetch-site same-origin :method GET Referer https://www.helpstek-netflix-support.shivafashionsinc.com/app/captcha User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 30 Jul 2021 11:46:36 GMT content-encoding gzip last-modified Fri, 11 Jun 2021 07:31:06 GMT server Apache vary Accept-Encoding content-type text/css accept-ranges none content-length 814
GET H2	404	b.css www.helpstek-netflix-support.shivafashionsinc.com/app/	0 0	200ms 199ms	Stylesheet text/html	119.18.54.84 PUBLIC-DOMAIN-REG...
General Check archive.org Show headers Download Go to Full URL https://www.helpstek-netflix-support.shivafashionsinc.com/app/b.css Requested by Host: www.helpstek-netflix-support.shivafashionsinc.com URL: https://www.helpstek-netflix-support.shivafashionsinc.com/app/captcha Protocol H2 Security TLS 1.3, , AES_256_GCM Server 119.18.54.84 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US), Reverse DNS Software Apache / Resource Hash Request headers :path /app/b.css pragma no-cache cookie PHPSESSID=8f2a0ed016ca60a44b6831661bb34eeb accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,/;q=0.1 cache-control no-cache sec-fetch-dest style :authority www.helpstek-netflix-support.shivafashionsinc.com referer https://www.helpstek-netflix-support.shivafashionsinc.com/app/captcha :scheme https sec-fetch-site same-origin :method GET Referer https://www.helpstek-netflix-support.shivafashionsinc.com/app/captcha User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 30 Jul 2021 11:46:36 GMT content-encoding gzip last-modified Mon, 01 Mar 2021 17:22:29 GMT server Apache vary Accept-Encoding content-type text/html accept-ranges bytes content-length 358
GET H2	200	jq.css www.helpstek-netflix-support.shivafashionsinc.com/app/js/	795 B 447 B	323ms 322ms	Stylesheet text/css	119.18.54.84 PUBLIC-DOMAIN-REG...
General Check archive.org Show headers Download Go to Full URL https://www.helpstek-netflix-support.shivafashionsinc.com/app/js/jq.css Requested by Host: www.helpstek-netflix-support.shivafashionsinc.com URL: https://www.helpstek-netflix-support.shivafashionsinc.com/app/captcha Protocol H2 Security TLS 1.3, , AES_256_GCM Server 119.18.54.84 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US), Reverse DNS Software Apache / Resource Hash `f53496922ff8f25b86b3b6cdedeb33a0936c740eea133caf9905bf31ebc8fa05` Request headers :path /app/js/jq.css pragma no-cache cookie PHPSESSID=8f2a0ed016ca60a44b6831661bb34eeb accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,/;q=0.1 cache-control no-cache sec-fetch-dest style :authority www.helpstek-netflix-support.shivafashionsinc.com referer https://www.helpstek-netflix-support.shivafashionsinc.com/app/captcha :scheme https sec-fetch-site same-origin :method GET Referer https://www.helpstek-netflix-support.shivafashionsinc.com/app/captcha User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 30 Jul 2021 11:46:36 GMT content-encoding gzip last-modified Fri, 09 Nov 2018 04:24:10 GMT server Apache vary Accept-Encoding content-type text/css accept-ranges none content-length 392
GET H2	200	signin.js Show response www.helpstek-netflix-support.shivafashionsinc.com/app/	1 KB 813 B	322ms 322ms	Script application/javascript	119.18.54.84 PUBLIC-DOMAIN-REG...
General Check archive.org Show headers Download Go to Full URL https://www.helpstek-netflix-support.shivafashionsinc.com/app/signin.js Requested by Host: www.helpstek-netflix-support.shivafashionsinc.com URL: https://www.helpstek-netflix-support.shivafashionsinc.com/app/captcha Protocol H2 Security TLS 1.3, , AES_256_GCM Server 119.18.54.84 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US), Reverse DNS Software Apache / Resource Hash `20e83c0811e760b2927242f95ec205547e5b6b8553ce6537618dc74599d850c6` Request headers :path /app/signin.js pragma no-cache cookie PHPSESSID=8f2a0ed016ca60a44b6831661bb34eeb accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept / cache-control no-cache sec-fetch-dest script :authority www.helpstek-netflix-support.shivafashionsinc.com referer https://www.helpstek-netflix-support.shivafashionsinc.com/app/captcha :scheme https sec-fetch-site same-origin :method GET Referer https://www.helpstek-netflix-support.shivafashionsinc.com/app/captcha User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 30 Jul 2021 11:46:36 GMT content-encoding gzip last-modified Sat, 17 Apr 2021 07:55:50 GMT server Apache vary Accept-Encoding content-type application/javascript accept-ranges none content-length 758
GET H2	404	b.css www.helpstek-netflix-support.shivafashionsinc.com/app/	0 0	181ms 181ms	Stylesheet text/html	119.18.54.84 PUBLIC-DOMAIN-REG...
General Check archive.org Show headers Download Go to Full URL https://www.helpstek-netflix-support.shivafashionsinc.com/app/b.css Requested by Host: www.helpstek-netflix-support.shivafashionsinc.com URL: https://www.helpstek-netflix-support.shivafashionsinc.com/app/captcha Protocol H2 Security TLS 1.3, , AES_256_GCM Server 119.18.54.84 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US), Reverse DNS Software Apache / Resource Hash Request headers :path /app/b.css pragma no-cache cookie PHPSESSID=8f2a0ed016ca60a44b6831661bb34eeb accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,/;q=0.1 cache-control no-cache sec-fetch-dest style :authority www.helpstek-netflix-support.shivafashionsinc.com referer https://www.helpstek-netflix-support.shivafashionsinc.com/app/captcha :scheme https sec-fetch-site same-origin :method GET Referer https://www.helpstek-netflix-support.shivafashionsinc.com/app/captcha User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 30 Jul 2021 11:46:37 GMT content-encoding gzip last-modified Mon, 01 Mar 2021 17:22:29 GMT server Apache vary Accept-Encoding content-type text/html accept-ranges bytes content-length 358
GET H/1.1	200 OK	login-the-crown_2-1500x1000.jpg assets.nflxext.com/ffe/siteui/acquisition/login/	84 KB 85 KB	24ms 5ms	Image image/jpeg	2a00:86c0:2091::1 NETFLIX-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://assets.nflxext.com/ffe/siteui/acquisition/login/login-the-crown_2-1500x1000.jpg Requested by Host: www.helpstek-netflix-support.shivafashionsinc.com URL: https://www.helpstek-netflix-support.shivafashionsinc.com/app/sample.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2a00:86c0:2091::1 , United States, ASN40027 (NETFLIX-ASN, US), Reverse DNS Software nginx / Resource Hash `baafd74a4cb4dc594b614eeb45c7267bb1af729d9271752460348ece16532d04` Request headers Referer https://www.helpstek-netflix-support.shivafashionsinc.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 30 Jul 2021 11:46:37 GMT Last-Modified Mon, 24 Oct 2016 20:49:51 GMT Server nginx Content-MD5 5GY/BZWwL7HDlH/B8V64Eg== Content-Type image/jpeg Cache-Control max-age=604801 Connection keep-alive Accept-Ranges bytes Content-Length 86226 Expires Tue, 25 Aug 2020 06:53:07 GMT
GET H2	200	cptcha.png www.helpstek-netflix-support.shivafashionsinc.com/app/images/	5 KB 5 KB	188ms 188ms	Image image/png	119.18.54.84 PUBLIC-DOMAIN-REG...
General Check archive.org Show headers Download Go to Show image Full URL https://www.helpstek-netflix-support.shivafashionsinc.com/app/images/cptcha.png Requested by Host: www.helpstek-netflix-support.shivafashionsinc.com URL: https://www.helpstek-netflix-support.shivafashionsinc.com/app/js/jq.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 119.18.54.84 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US), Reverse DNS Software Apache / Resource Hash `02b13270326590d6def38e34ea50ad9121dea9904a21f5ca578e12eecea93b50` Request headers :path /app/images/cptcha.png pragma no-cache cookie PHPSESSID=8f2a0ed016ca60a44b6831661bb34eeb accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 cache-control* no-cache sec-fetch-dest image :authority www.helpstek-netflix-support.shivafashionsinc.com referer https://www.helpstek-netflix-support.shivafashionsinc.com/app/js/jq.css :scheme https sec-fetch-site same-origin :method GET Referer https://www.helpstek-netflix-support.shivafashionsinc.com/app/js/jq.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 30 Jul 2021 11:46:37 GMT last-modified Fri, 11 Jun 2021 03:26:34 GMT server Apache accept-ranges bytes content-length 5469 content-type image/png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Netflix (Online)

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.helpstek-netflix-support.shivafashionsinc.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 8f2a0ed016ca60a44b6831661bb34eeb

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.nflxext.com
www.helpstek-netflix-support.shivafashionsinc.com
119.18.54.84
2a00:86c0:2091::1
02b13270326590d6def38e34ea50ad9121dea9904a21f5ca578e12eecea93b50
20e83c0811e760b2927242f95ec205547e5b6b8553ce6537618dc74599d850c6
33c414eb7f3469597135a208b3cece8dfbbabddb80acf618a77d620312eb81e1
51eccd74b04b65a1bf62845caf8f08ebc82bf296f98324c133e762e4ff29eadf
baafd74a4cb4dc594b614eeb45c7267bb1af729d9271752460348ece16532d04
e8cee5e3c8fbcd7dcf89c51379555bb7c8d0576c9f67a62dcd6fdafc154de1a5
f53496922ff8f25b86b3b6cdedeb33a0936c740eea133caf9905bf31ebc8fa05
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729

www.helpstek-netflix-support.shivafashionsinc.com Open in urlscan Pro 119.18.54.84 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

10 Requests

10 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

251 kBTransfer

642 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

16 JavaScript Global Variables

1 Cookies

Indicators

www.helpstek-netflix-support.shivafashionsinc.com Open in urlscan Pro
119.18.54.84 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

10 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

251 kB
Transfer

642 kB
Size

1
Cookies

10 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!