URL: https://auth-gaza293pre.com/login.php
Submission: On August 13 via api from JP — Scanned from JP

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 4 HTTP transactions. The main IP is 91.212.166.54, located in Russian Federation and belongs to PROTON66, RU. The main domain is auth-gaza293pre.com.
TLS certificate: Issued by R3 on July 11th 2023. Valid for: 3 months.
This is the only time auth-gaza293pre.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 91.212.166.54 198953 (PROTON66)
1 23.81.45.4 134351 (LEASEWEB-...)
1 51.75.161.238 16276 (OVH)
4 3
Domain Requested by
2 auth-gaza293pre.com auth-gaza293pre.com
1 monophy.com auth-gaza293pre.com
1 cdn.iphoneincanada.ca auth-gaza293pre.com
4 3

This site contains links to these domains.

Domain
www.netflix.com
help.netflix.com
Subject Issuer Validity Valid
auth-gaza293pre.com R3 2023-07-11 - 2023-10-09 3 months
www.iphoneincanada.ca R3 2023-07-02 - 2023-09-30 3 months
monophy.com R3 2023-06-08 - 2023-09-06 3 months

This page contains 1 frames:

Primary Page: https://auth-gaza293pre.com/login.php
Frame ID: 6AF61120892438B136087F59A3465D0F
Requests: 4 HTTP requests in this frame

Page Title

Netflix

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

Requests: 4
HTTPS: 100 %
IPv6: 0 %
Domains: 3
Subdomains: 3
IPs: 3
Countries: 3
Transfer: 965 kB
Size: 995 kB
Cookies: 1


4 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request login.php auth-gaza293pre.com/ 16 KB 5 KB Document
General
Full URL: https://auth-gaza293pre.com/login.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.212.166.54, Russian Federation, ASN198953 (PROTON66, RU)
Reverse DNS:
Software: nginx / PHP/8.0.30 PleskLin
Resource Hash: cfd78835ebe491d958464e9eeae947125382476f525f0c089443e6d8be7a109e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 4543
content-type: text/html; charset=UTF-8
date: Sun, 13 Aug 2023 23:20:16 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/8.0.30 PleskLin

netflix.css auth-gaza293pre.com/assets/css/ 24 KB 4 KB Stylesheet
General
Full URL: https://auth-gaza293pre.com/assets/css/netflix.css
Requested by
Host: auth-gaza293pre.com
URL: https://auth-gaza293pre.com/login.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.212.166.54, Russian Federation, ASN198953 (PROTON66, RU)
Reverse DNS:
Software: nginx / PleskLin
Resource Hash: e7c02c5e3fa2740baad7af7dde8d032bd62d7c351a38aaa647c54ee805477387

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://auth-gaza293pre.com/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 23:20:17 GMT
content-encoding: br
last-modified: Fri, 18 Feb 2022 14:05:16 GMT
server: nginx
etag: W/"620fa79c-5f36"
x-powered-by: PleskLin
content-type: text/css

Netflix.jpeg cdn.iphoneincanada.ca/wp-content/uploads/2021/11/ 29 KB 29 KB Image
General
Full URL: https://cdn.iphoneincanada.ca/wp-content/uploads/2021/11/Netflix.jpeg
Requested by
Host: auth-gaza293pre.com
URL: https://auth-gaza293pre.com/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.81.45.4, Japan, ASN134351 (LEASEWEB-AS-AP Leaseweb Japan K.K., JP)
Reverse DNS: edge.presslabs.net
Software: nginx /
Resource Hash: 7944bb8d3647cee057cffa0377109e89690ca3ce6ecb5428648fcd17f8f24b66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://auth-gaza293pre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 23:20:17 GMT
strict-transport-security: max-age=31536000; preload
last-modified: Tue, 09 Nov 2021 12:09:08 GMT
server: nginx
etag: "618a64e4-7399"
x-presslabs-cache: HIT
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age = 315360000
accept-ranges: bytes
content-length: 29593
x-request-id: 5402944a108e4855f833b1cb479c8cd2
expires: Thu, 31 Dec 2037 23:55:55 GMT

monophy.gif monophy.com/media/N256GFy1u6M6Y/ 927 KB 927 KB Image
General
Full URL: https://monophy.com/media/N256GFy1u6M6Y/monophy.gif
Requested by
Host: auth-gaza293pre.com
URL: https://auth-gaza293pre.com/login.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 51.75.161.238 London, United Kingdom, ASN16276 (OVH, FR)
Reverse DNS: vps-8e98e0e8.vps.ovh.net
Software: nginx /
Resource Hash: 2c11a81c22d299b086e419d6baea43d0bd35e7732743eb162f77afc4c7cd0f4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://auth-gaza293pre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 13 Aug 2023 23:20:18 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Last-Modified: Sun, 13 Aug 2023 18:35:00 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 949125
X-XSS-Protection: 1; mode=block

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| IsValidJson
function| sendData
function| onLoginResponse
function| setError
string| tmpHTML
function| buttonLoading
function| CheckMail
function| CheckPassword
function| Login

1 Cookies

Domain/Path Name / Value
auth-gaza293pre.com/ Name: PHPSESSID
Value: ddkbj7s2p5afg1m8vj8orbgesv