hostsport.online Open in urlscan Pro
154.41.249.238 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://hostsport.online/
Submission Tags: @ecarlesi possiblethreat phishing netflix Search All
Submission: On May 08 via api (May 8th 2024, 6:38:22 am UTC) from IT — Scanned from IT

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 15 HTTP transactions. The main IP is 154.41.249.238, located in Meppel, Netherlands and belongs to AS-HOSTINGER, CY. The main domain is hostsport.online.
TLS certificate: Issued by R3 on May 4th 2024. Valid for: 3 months.

This is the only time hostsport.online was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Netflix (Online)

Domain & IP information

	IP Address	AS Autonomous System
3	154.41.249.238 154.41.249.238	47583 (AS-HOSTINGER) (AS-HOSTINGER)
7	162.19.88.68 162.19.88.68	16276 (OVH) (OVH)
4	45.57.90.1 45.57.90.1	40027 (NETFLIX-ASN) (NETFLIX-ASN)
1	172.67.75.130 172.67.75.130	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	4

3 154.41.249.238 (Meppel, Netherlands)

ASN47583 (AS-HOSTINGER, CY)

hostsport.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 162.19.88.68 (France)

ASN16276 (OVH, FR)
PTR: ns3221377.ip-162-19-88.eu

i.postimg.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 45.57.90.1 (United States)

ASN40027 (NETFLIX-ASN, US)

assets.nflxext.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.75.130 (United States)

ASN13335 (CLOUDFLARENET, US)

pngimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	postimg.cc i.postimg.cc — Cisco Umbrella Rank: 18335	829 KB
4	nflxext.com assets.nflxext.com — Cisco Umbrella Rank: 5734	79 KB
3	hostsport.online hostsport.online	6 KB
1	pngimg.com pngimg.com — Cisco Umbrella Rank: 87802	87 KB
15	4

	Domain	Requested by
7	i.postimg.cc	hostsport.online
4	assets.nflxext.com	hostsport.online
3	hostsport.online	hostsport.online
1	pngimg.com
15	4

This site contains no links.

Subject Issuer	Validity	Valid
hostsport.online R3	`2024-05-04` - `2024-08-02`	3 months	crt.sh
postimg.cc R3	`2024-04-22` - `2024-07-21`	3 months	crt.sh
*.1.nflxso.net DigiCert Secure Site ECC CA-1	`2024-04-29` - `2024-05-30`	a month	crt.sh
pngimg.com GTS CA 1P5	`2024-03-25` - `2024-06-23`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://hostsport.online/
Frame ID: 96E32107B20B44E8F683B7F51F2A9785
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Netflix Brasil - assista programas de TV online, assista filmes online

Page Statistics

15
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

1000 kB
Transfer

1289 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
hostsport.online/ 12 KB
3 KB 1808ms
653ms Document
text/html 154.41.249.238
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://hostsport.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

154.41.249.238 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

4f7916435c249c4fc3e8c88a3e35bf6c8aae8e52135e4eb47e210f2f28ca2bd7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-encoding: br
content-length: 2937
content-security-policy: upgrade-insecure-requests
content-type: text/html
date: Wed, 08 May 2024 06:38:16 GMT
etag: "31be-663afd97-4d96f63e0d2cb663;br"
last-modified: Wed, 08 May 2024 04:20:39 GMT
platform: hostinger
server: hcdn
x-hcdn-cache-status: DYNAMIC
x-hcdn-request-id: 6282d27509bb299113a5a3610ff2246b-srv-edge3
x-hcdn-upstream-rt: 0.562

GET
H2 200 styles.css
hostsport.online/src/ 8 KB
2 KB 106ms
105ms Stylesheet
text/css 154.41.249.238
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://hostsport.online/src/styles.css

Requested by

Host: hostsport.online
URL: https://hostsport.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

154.41.249.238 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

20b59b4364df3d74566b1aa70daba381ff0c4f87b7fe495c88ea4ef859ef7389

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://hostsport.online/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:38:16 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
age: 121
alt-svc: h3=":443"; ma=86400
content-length: 1739
x-hcdn-cache-status: HIT
last-modified: Wed, 08 May 2024 04:20:40 GMT
server: hcdn
etag: "21bd-663afd98-e87e01b73e87ce77;br"
x-hcdn-request-id: 0eec03e296c8d456ae755e38336c4804-srv-edge3
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
expires: Wed, 15 May 2024 06:36:15 GMT

GET
H2 200 IN-en-20210719-popsignuptwoweeks-perspective-alpha-website-small.jpg
i.postimg.cc/X7bC6ptn/ 321 KB
322 KB 304ms
70ms Image
image/jpeg 162.19.88.68
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/X7bC6ptn/IN-en-20210719-popsignuptwoweeks-perspective-alpha-website-small.jpg
Requested by: Host: hostsport.online
URL: https://hostsport.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.88.68 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3221377.ip-162-19-88.eu
Software: nginx /
Resource Hash: f3d12cd9b88ea32890e9d0cb722725e9820eb4a21c68f77880e9dd3279c508d5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://hostsport.online/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:38:16 GMT
last-modified: Wed, 27 Dec 2023 09:50:27 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 328757
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tv.png
i.postimg.cc/YSsW58BP/ 11 KB
11 KB 304ms
71ms Image
image/png 162.19.88.68
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/YSsW58BP/tv.png
Requested by: Host: hostsport.online
URL: https://hostsport.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.88.68 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3221377.ip-162-19-88.eu
Software: nginx /
Resource Hash: b68ea2c7bea397aa11fadb189ce7d83862baebaf03ece643eb5aa9fb5f755056

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://hostsport.online/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:38:16 GMT
last-modified: Wed, 27 Dec 2023 09:50:04 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 11418
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mobile-0819.jpg
i.postimg.cc/ZqRNs223/ 48 KB
49 KB 290ms
71ms Image
image/jpeg 162.19.88.68
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/ZqRNs223/mobile-0819.jpg
Requested by: Host: hostsport.online
URL: https://hostsport.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.88.68 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3221377.ip-162-19-88.eu
Software: nginx /
Resource Hash: 492fdebd363e40cbba153a244bcfe2a7f5f7cf20aff0805fe45d5c7e2180b875

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://hostsport.online/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:38:16 GMT
last-modified: Wed, 27 Dec 2023 09:49:35 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 49614
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 boxshot.png
i.postimg.cc/zBynv6k5/ 20 KB
20 KB 290ms
71ms Image
image/png 162.19.88.68
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/zBynv6k5/boxshot.png
Requested by: Host: hostsport.online
URL: https://hostsport.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.88.68 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3221377.ip-162-19-88.eu
Software: nginx /
Resource Hash: e1fa26cc34fda574edc01d09e374d6f10735a3fa621bdde87c104ee15453d4b6

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://hostsport.online/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:38:16 GMT
last-modified: Wed, 27 Dec 2023 09:49:08 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 20506
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 download-icon.gif
i.postimg.cc/Sx47dZm7/ 22 KB
22 KB 290ms
71ms Image
image/gif 162.19.88.68
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/Sx47dZm7/download-icon.gif
Requested by: Host: hostsport.online
URL: https://hostsport.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.88.68 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3221377.ip-162-19-88.eu
Software: nginx /
Resource Hash: 4f99e4c2ed1c2b7de72f47102c64d601567f8efaad5944a08c86786cad4050e6

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://hostsport.online/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:38:16 GMT
last-modified: Wed, 27 Dec 2023 09:48:47 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 22171
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 device-pile-in.png
i.postimg.cc/J0TKvZK4/ 148 KB
149 KB 314ms
95ms Image
image/png 162.19.88.68
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/J0TKvZK4/device-pile-in.png
Requested by: Host: hostsport.online
URL: https://hostsport.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.88.68 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3221377.ip-162-19-88.eu
Software: nginx /
Resource Hash: 4a3bfdf68de04166878c6bfa4c5b0f57a100cad45ab80939433e8f7aeef4b7a4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://hostsport.online/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:38:16 GMT
last-modified: Wed, 27 Dec 2023 09:48:17 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 151687
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 AAAABVxd-X2-Wn-FSp49e-Xb1do0euaj-F8up-NImjof-E77-XSt-Khf5k-UHG94-DPl-Ti-GYq-Pe-YNtiox-82-NWEK0-Ls3-Cn-Le3-WWCl-Gdi-JP.png
i.postimg.cc/YSh7sz3j/ 256 KB
257 KB 113ms
113ms Image
image/png 162.19.88.68
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/YSh7sz3j/AAAABVxd-X2-Wn-FSp49e-Xb1do0euaj-F8up-NImjof-E77-XSt-Khf5k-UHG94-DPl-Ti-GYq-Pe-YNtiox-82-NWEK0-Ls3-Cn-Le3-WWCl-Gdi-JP.png
Requested by: Host: hostsport.online
URL: https://hostsport.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.88.68 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3221377.ip-162-19-88.eu
Software: nginx /
Resource Hash: 5370e4e0a2035ada734ce093e4d724e5efe3dd94a243846f2b497f43001dc689

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://hostsport.online/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:38:16 GMT
last-modified: Wed, 27 Dec 2023 09:46:15 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 262393
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 index.js Show response
hostsport.online/src/ 680 B
648 B 96ms
96ms Script
application/x-javascript 154.41.249.238
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://hostsport.online/src/index.js

Requested by

Host: hostsport.online
URL: https://hostsport.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

154.41.249.238 Meppel, Netherlands, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

b5528040252e5b99f256a37b596f3157b1894e917ae8d7a74e2e2b95e17c931d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://hostsport.online/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:38:16 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
age: 121
alt-svc: h3=":443"; ma=86400
content-length: 245
x-hcdn-cache-status: HIT
last-modified: Wed, 08 May 2024 04:20:40 GMT
server: hcdn
etag: "2a8-663afd98-2537f90e41f224bd;br"
x-hcdn-request-id: 3787bf67e3e8c8d96d37a79044389b96-srv-edge3
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
expires: Wed, 15 May 2024 06:36:15 GMT

GET
H/1.1 206
Partial Content video-tv-in-0819.m4v
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ 47 KB
0 472ms
42ms Media
video/x-m4v 45.57.90.1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/video-tv-in-0819.m4v
Requested by: Host: hostsport.online
URL: https://hostsport.online/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.57.90.1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer: https://hostsport.online/
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 08 May 2024 06:38:16 GMT
Last-Modified: Mon, 12 Aug 2019 20:49:12 GMT
Server: nginx
Content-MD5: pYX28yVkH4IOMnLz7ACG7Q==
Content-Type: video/x-m4v
Content-Range: bytes 0-267711/267712
Cache-Control: max-age=604801
Connection: keep-alive
Content-Length: 267712
Expires: Wed, 15 May 2024 06:38:17 GMT

GET
H/1.1 206
Partial Content video-devices-in.m4v
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ 73 KB
73 KB 503ms
50ms Media
video/x-m4v 45.57.90.1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/video-devices-in.m4v
Requested by: Host: hostsport.online
URL: https://hostsport.online/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.57.90.1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 92259a1c73354bce2540a94397feed47d41bde07f23359decea3187799e5c19d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer: https://hostsport.online/
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 08 May 2024 06:38:16 GMT
Last-Modified: Wed, 23 Jan 2019 00:35:07 GMT
Server: nginx
Content-MD5: c+JdHa496slk30MRHATJcw==
Content-Type: video/x-m4v
Content-Range: bytes 0-74302/74303
Cache-Control: max-age=604801
Connection: keep-alive
Content-Length: 74303
Expires: Wed, 15 May 2024 06:38:17 GMT

GET
H/1.1 206
Partial Content video-tv-in-0819.m4v
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ 5 KB
6 KB 95ms
58ms Media
video/x-m4v 45.57.90.1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/video-tv-in-0819.m4v
Requested by: Host: hostsport.online
URL: https://hostsport.online/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.57.90.1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 87c71d9108c7ead2c27f80bc5e874f9292f8aa8b657fa9bee6835bddf758cdb8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer: https://hostsport.online/
Range: bytes=262144-
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 08 May 2024 06:38:17 GMT
Last-Modified: Mon, 12 Aug 2019 20:49:12 GMT
Server: nginx
Content-MD5: pYX28yVkH4IOMnLz7ACG7Q==
Content-Type: video/x-m4v
Content-Range: bytes 262144-267711/267712
Cache-Control: max-age=604801
Content-Length: 5568
Expires: Wed, 15 May 2024 06:38:18 GMT

GET
H/1.1 206
Partial Content video-tv-in-0819.m4v
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ 229 KB
0 0ms
0ms Media
video/x-m4v 45.57.90.1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/video-tv-in-0819.m4v
Requested by: Host: hostsport.online
URL: https://hostsport.online/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.57.90.1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer: https://hostsport.online/
Range: bytes=32768-
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 08 May 2024 06:38:17 GMT
Last-Modified: Mon, 12 Aug 2019 20:49:12 GMT
Server: nginx
Content-MD5: pYX28yVkH4IOMnLz7ACG7Q==
Content-Type: video/x-m4v
Content-Range: bytes 32768-267711/267712
Cache-Control: max-age=604801
Content-Length: 234944
Expires: Wed, 15 May 2024 06:38:18 GMT

GET
H2 200 netflix_PNG15.png
pngimg.com/uploads/netflix/small/ 86 KB
87 KB 1394ms
397ms Other
image/png 172.67.75.130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pngimg.com/uploads/netflix/small/netflix_PNG15.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.130 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27ccd35b4edaf58ef46457c6790a2f5a68e377af4bc5a05eb81d54cacd2e06fe

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://hostsport.online/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 06:38:18 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 17 Jan 2021 12:54:02 GMT
server: cloudflare
etag: "15963"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=1800
accept-ranges: bytes
cf-ray: 88077233bb5a0e43-MXP
content-length: 88419

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Netflix (Online)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.nflxext.com
hostsport.online
i.postimg.cc
pngimg.com
154.41.249.238
162.19.88.68
172.67.75.130
45.57.90.1
20b59b4364df3d74566b1aa70daba381ff0c4f87b7fe495c88ea4ef859ef7389
27ccd35b4edaf58ef46457c6790a2f5a68e377af4bc5a05eb81d54cacd2e06fe
492fdebd363e40cbba153a244bcfe2a7f5f7cf20aff0805fe45d5c7e2180b875
4a3bfdf68de04166878c6bfa4c5b0f57a100cad45ab80939433e8f7aeef4b7a4
4f7916435c249c4fc3e8c88a3e35bf6c8aae8e52135e4eb47e210f2f28ca2bd7
4f99e4c2ed1c2b7de72f47102c64d601567f8efaad5944a08c86786cad4050e6
5370e4e0a2035ada734ce093e4d724e5efe3dd94a243846f2b497f43001dc689
87c71d9108c7ead2c27f80bc5e874f9292f8aa8b657fa9bee6835bddf758cdb8
92259a1c73354bce2540a94397feed47d41bde07f23359decea3187799e5c19d
b5528040252e5b99f256a37b596f3157b1894e917ae8d7a74e2e2b95e17c931d
b68ea2c7bea397aa11fadb189ce7d83862baebaf03ece643eb5aa9fb5f755056
e1fa26cc34fda574edc01d09e374d6f10735a3fa621bdde87c104ee15453d4b6
f3d12cd9b88ea32890e9d0cb722725e9820eb4a21c68f77880e9dd3279c508d5

hostsport.online Open in urlscan Pro 154.41.249.238 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

15 Requests

100 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

4 IPs

3 Countries

1000 kBTransfer

1289 kBSize

0 Cookies

0 Outgoing links

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

hostsport.online Open in urlscan Pro
154.41.249.238 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

1000 kB
Transfer

1289 kB
Size

0
Cookies

15 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!