netflix-clone-project-1ypg452ly-muhammad32130.vercel.app
76.76.21.98
Malicious Activity!
Public Scan
Submission: On September 05 via api from JP — Scanned from JP
Summary
TLS certificate: Issued by R3 on July 8th 2023. Valid for: 3 months.
This is the only time netflix-clone-project-1ypg452ly-muhammad32130.vercel.app was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Netflix (Online)
Domain & IP information
| IP Address | AS Autonomous System |
---|---|---|
10 | 76.76.21.98 | 16509 (AMAZON-02) |
2 2 | 34.192.8.152 | 14618 (AMAZON-AES) |
1 | 2a00:86c0:2090::1 | 40027 (NETFLIX-ASN) |
1 | 2001:df2:e500:ed1a::2:b | 14907 (WIKIMEDIA) |
12 | 3 |
ASN16509 (AMAZON-02, US)
netflix-clone-project-1ypg452ly-muhammad32130.vercel.app |
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-8-152.compute-1.amazonaws.com
rb.gy |
| Apex Domain: Subdomains | Transfer |
---|---|---|
10 | vercel.app: netflix-clone-project-1ypg452ly-muhammad32130.vercel.app | 214 KB |
2 | rb.gy (2 redirects): rb.gy — Cisco Umbrella Rank: 84524 | 467 B |
1 | wikimedia.org: upload.wikimedia.org — Cisco Umbrella Rank: 3055 | 2 KB |
1 | nflxext.com: assets.nflxext.com — Cisco Umbrella Rank: 3486 | 307 KB |
12 | 4 |
Domain | Requested by | |
---|---|---|
10 | netflix-clone-project-1ypg452ly-muhammad32130.vercel.app | netflix-clone-project-1ypg452ly-muhammad32130.vercel.app |
2 | rb.gy | 2 redirects |
1 | upload.wikimedia.org | |
1 | assets.nflxext.com | |
12 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.vercel.app R3 | 2023-07-08 - 2023-10-06 | 3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://netflix-clone-project-1ypg452ly-muhammad32130.vercel.app/login
Frame ID: C5E254E72F4A8EF0C59140E9824C19DB
Requests: 12 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 9
- https://rb.gy/p2hphi HTTP 301
- https://assets.nflxext.com/ffe/siteui/vlv3/d0982892-13ac-4702-b9fa-87a410c1f2da/519e3d3a-1c8c-4fdb-8f8a-7eabdbe87056/AE-en-20220321-popsignuptwoweeks-perspective_alpha_website_large.jpg

- https://rb.gy/ulxxee HTTP 301
- https://upload.wikimedia.org/wikipedia/commons/0/08/Netflix_2015_logo.svg
12 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H2 | Primary Request: login netflix-clone-project-1ypg452ly-muhammad32130.vercel.app/ | 1 KB 877 B | Document text/html |
GET H2 | d29a2c7b9ee4e373.css netflix-clone-project-1ypg452ly-muhammad32130.vercel.app/_next/static/css/ | 26 KB 6 KB | Stylesheet text/css |
GET H2 | webpack-f8ef13cff37c12b0.js netflix-clone-project-1ypg452ly-muhammad32130.vercel.app/_next/static/chunks/ | 4 KB 2 KB | Script application/javascript |
GET H2 | framework-2c79e2a64abdb08b.js netflix-clone-project-1ypg452ly-muhammad32130.vercel.app/_next/static/chunks/ | 138 KB 46 KB | Script application/javascript |
GET H2 | main-0ecb9ccfcb6c9b24.js netflix-clone-project-1ypg452ly-muhammad32130.vercel.app/_next/static/chunks/ | 88 KB 28 KB | Script application/javascript |
GET H2 | _app-2cb78622f9c59a10.js netflix-clone-project-1ypg452ly-muhammad32130.vercel.app/_next/static/chunks/pages/ | 473 KB 120 KB | Script application/javascript |
GET H2 | 281-9a986cc3a12b5123.js netflix-clone-project-1ypg452ly-muhammad32130.vercel.app/_next/static/chunks/ | 19 KB 8 KB | Script application/javascript |
GET H2 | login-4b2d9ddd076e86df.js netflix-clone-project-1ypg452ly-muhammad32130.vercel.app/_next/static/chunks/pages/ | 2 KB 1 KB | Script application/javascript |
GET H2 | _buildManifest.js netflix-clone-project-1ypg452ly-muhammad32130.vercel.app/_next/static/OGynod4N3vVrUkAuNgnps/ | 664 B 895 B | Script application/javascript |
GET H2 | _ssgManifest.js netflix-clone-project-1ypg452ly-muhammad32130.vercel.app/_next/static/OGynod4N3vVrUkAuNgnps/ | 95 B 263 B | Script application/javascript |
GET H/1.1 | AE-en-20220321-popsignuptwoweeks-perspective_alpha_website_large.jpg assets.nflxext.com/ffe/siteui/vlv3/d0982892-13ac-4702-b9fa-87a410c1f2da/519e3d3a-1c8c-4fdb-8f8a-7eabdbe87056/ Redirect Chain | 307 KB 307 KB | Image image/jpeg |
GET H2 | Netflix_2015_logo.svg upload.wikimedia.org/wikipedia/commons/0/08/ Redirect Chain | 1 KB 2 KB | Image image/svg+xml |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Netflix (Online)
11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| documentPictureInPicture
- object| webpackChunk_N_E
- function| __next_require__
- object| next
- object| __NEXT_DATA__
- function| __SSG_MANIFEST_CB
- object| __NEXT_P
- object| _N_E
- object| __MIDDLEWARE_MATCHERS
- object| __BUILD_MANIFEST
- object| __SSG_MANIFEST

0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=63072000; includeSubDomains; preload |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.