URL: http://199.48.160.69/22/Bulbasaur/br/
Submission: On July 23 via manual from IT

Summary

This website contacted 4 IPs in 4 countries across 5 domains to perform 8 HTTP transactions. The main IP is 199.48.160.69, located in Jacksonville, United States and belongs to NODESDIRECT - Nodes Direct, US. The main domain is 199.48.160.69.
This is the only time 199.48.160.69 was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Netflix (Online)

Domain & IP information

IP Address AS Autonomous System
3 199.48.160.69 19531 (NODESDIRECT)
1 3 2a01:578:3::3... 16509 (AMAZON-02)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 208.94.4.90 12182 (INTERNAP-...)
8 4
Apex Domain | Subdomains | Transfer
3 netflix.com | www.netflix.com | 2 KB
3 160.69 | 199.48.160.69 | 201 KB
2 nflxext.com | assets.nflxext.com | 411 KB
1 sugarsync.com | www.sugarsync.com |
1 goo.gl | goo.gl | 639 B
8 5
Domain Requested by
3 www.netflix.com 1 redirects 199.48.160.69
3 199.48.160.69 199.48.160.69
2 assets.nflxext.com 199.48.160.69
1 www.sugarsync.com 199.48.160.69
1 goo.gl 1 redirects
8 5

This site contains links to these domains.

Domain
help.netflix.com
www.netflix.com
media.netflix.com
ir.netflix.com
jobs.netflix.com
fast.com
Subject | Issuer | Validity | Valid
www.netflix.com | DigiCert SHA2 Secure Server CA | 2018-02-07 - 2020-02-07 | 2 years
 | | 1970-01-01 - 1970-01-01 | a few seconds
assets.nflxext.com | DigiCert SHA2 Secure Server CA | 2018-03-09 - 2020-03-09 | 2 years
*.sugarsync.com | COMODO RSA Domain Validation Secure Server CA | 2017-10-14 - 2020-10-13 | 3 years

This page contains 2 frames:

Primary Page: http://199.48.160.69/22/Bulbasaur/br/
Frame ID: 0061C005AA9760EF63B24153065875CD
Requests: 7 HTTP requests in this frame

Frame: https://www.sugarsync.com/pf/D3247132_873_252509033?directDownload=true
Frame ID: 0F1386434368CBEE8E4CE9D4ED4B1FFE
Requests: 1 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • html /<[^>]+data-react/i

Page Statistics

  • Requests: 8
  • HTTPS: 63 %
  • IPv6: 60 %
  • Domains: 5
  • Subdomains: 5
  • IPs: 4
  • Countries: 4
  • Transfer: 612 kB
  • Size: 921 kB
  • Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://www.netflix.com/pkg/4.5.0/web/33a97309/js/3/0270137f43e419c7e61973de3df1933dc3dd1dc1c101f3cf0347dd7fd1ae19d9321be3c10041cb02301e7e73f37437411c923e00e0383d28011d902d24822f24302080b1c33f93cb7421bd0183c476880e1ba1b682a82b82182282c82083482682483682d83382e2f38258308238328288313378358378278046e06df6da01a6f90193ee7cc0053e019518719f3d03c91b31c06f26ee6f56f66f16f07f86ef6f36f878077e74474580a1da81f77801d2927e07df0000263fb7db7e53323319333a07d777c77d7773e23d17790302317de7da74879b75a74675577f7c17c00297bd7c37c57217c47bf0369437bc7f57350257f219919819a18b00a7fa40030e/js/bk HTTP 302
  • https://www.netflix.com/NotFound?prev=https%3A%2F%2Fwww.netflix.com%2Fpkg%2F4.5.0%2Fweb%2F33a97309%2Fjs%2F3%2F0270137f43e419c7e61973de3df1933dc3dd1dc1c101f3cf0347dd7fd1ae19d9321be3c10041cb02301e7e73f37437411c923e00e0383d28011d902d24822f24302080b1c33f93cb7421bd0183c476880e1ba1b682a82b82182282c82083482682483682d83382e2f38258308238328288313378358378278046e06df6da01a6f90193ee7cc0053e019518719f3d03c91b31c06f26ee6f56f66f16f07f86ef6f36f878077e74474580a1da81f77801d2927e07df0000263fb7db7e53323319333a07d777c77d7773e23d17790302317de7da74879b75a74675577f7c17c00297bd7c37c57217c47bf0369437bc7f57350257f219919819a18b00a7fa40030e%2Fjs%2Fbk
Request Chain 6
  • http://goo.gl/MJSHUp HTTP 307
  • https://goo.gl/MJSHUp HTTP 302
  • https://www.sugarsync.com/pf/D3247132_873_252509033?directDownload=true

8 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
199.48.160.69/22/Bulbasaur/br/
291 KB
64 KB
Document
General
Full URL
http://199.48.160.69/22/Bulbasaur/br/
Protocol
HTTP/1.1
Server
199.48.160.69 Jacksonville, United States, ASN19531 (NODESDIRECT - Nodes Direct, US),
Reverse DNS
GameTalk.com.br
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
eaceb9664df8066d29ef7b89a278eb9c00948f2af3ca2073512dce533d5a7fd2

Request headers

Host
199.48.160.69
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Date
Tue, 23 Jul 2019 06:22:32 GMT
Server
Apache/2.4.7 (Ubuntu)
Last-Modified
Fri, 25 Nov 2016 20:46:12 GMT
ETag
"48cd6-54226365fed00-gzip"
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Encoding
gzip
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html
WebsiteDetect?source=wwwhead&fetchType=css
www.netflix.com/ichnaea/cl2/freeform/
0
0
Stylesheet
General
Full URL
https://www.netflix.com/ichnaea/cl2/freeform/WebsiteDetect?source=wwwhead&fetchType=css
Requested by
Host: 199.48.160.69
URL: http://199.48.160.69/22/Bulbasaur/br/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:578:3::364d:a2c1 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://199.48.160.69/22/Bulbasaur/br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
http://199.48.160.69/22/Bulbasaur/br/
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Authorization,Content-Type,Accept,Cookie,X-Netflix.application.name,X-Netflix.application.version,X-Netflix.esn,X-Netflix.device.type,X-Netflix.certification.version,X-Netflix.request.uuid,X-Netflix.user.id,X-Netflix.oauth.consumer.key,X-Netflix.oauth.token,X-Netflix.ichnaea.request.type,debugRequest
Access-Control-Allow-Methods
GET, POST, OPTIONS
index.css
199.48.160.69/22/Bulbasaur/br/css/
100 KB
16 KB
Stylesheet
General
Full URL
http://199.48.160.69/22/Bulbasaur/br/css/index.css
Requested by
Host: 199.48.160.69
URL: http://199.48.160.69/22/Bulbasaur/br/
Protocol
HTTP/1.1
Security
, ,
Server
199.48.160.69 Jacksonville, United States, ASN19531 (NODESDIRECT - Nodes Direct, US),
Reverse DNS
GameTalk.com.br
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
a0b724eccfb5d7c21419c0432d7bbeda2cf0f10b527ab5ace8346c696ed65ae9

Request headers

Referer
http://199.48.160.69/22/Bulbasaur/br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 23 Jul 2019 06:22:33 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Oct 2016 18:05:02 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
"18f28-53eaed4faef80-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
16088
BR-pt-20161003-pophoursaltreverse-perspective_alpha_website_large.jpg
assets.nflxext.com/ffe/siteui/vlv2/29346487-9014-42a0-916d-fbef843d73f9/524fabd5-6d70-488f-b980-a0669daf2c47/
332 KB
333 KB
Image
General
Full URL
https://assets.nflxext.com/ffe/siteui/vlv2/29346487-9014-42a0-916d-fbef843d73f9/524fabd5-6d70-488f-b980-a0669daf2c47/BR-pt-20161003-pophoursaltreverse-perspective_alpha_website_large.jpg
Requested by
Host: 199.48.160.69
URL: http://199.48.160.69/22/Bulbasaur/br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:297::33c4 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
2d50068c65a7154358f18dc088bd38dfdcc7c1733926a8dd935b9c0f557820fd

Request headers

Referer
http://199.48.160.69/22/Bulbasaur/br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 23 Jul 2019 06:22:57 GMT
last-modified
Wed, 05 Oct 2016 17:14:04 GMT
server
Apache
content-md5
AXnJqOBBnebaPyoxR+/mbA==
content-type
image/jpeg
status
200
cache-control
public, max-age=23117823
accept-ranges
bytes
content-length
340073
expires
Wed, 15 Apr 2020 20:00:00 GMT
asset_cancelanytime.png
199.48.160.69/22/Bulbasaur/br/imagens/
120 KB
121 KB
Image
General
Full URL
http://199.48.160.69/22/Bulbasaur/br/imagens/asset_cancelanytime.png
Requested by
Host: 199.48.160.69
URL: http://199.48.160.69/22/Bulbasaur/br/
Protocol
HTTP/1.1
Security
, ,
Server
199.48.160.69 Jacksonville, United States, ASN19531 (NODESDIRECT - Nodes Direct, US),
Reverse DNS
GameTalk.com.br
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
51970481505081816cdbd87e423e229df0f29a7275f470f1f25d1578111d3fd0

Request headers

Referer
http://199.48.160.69/22/Bulbasaur/br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 23 Jul 2019 06:22:33 GMT
Last-Modified
Wed, 12 Oct 2016 18:07:40 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
"1e185-53eaede65d300"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
123269
NotFound?prev=https%3A%2F%2Fwww.netflix.com%2Fpkg%2F4.5.0%2Fweb%2F33a97309%2Fjs%2F3%2F0270137f43e419c7e61973de3df1933dc3dd1dc1c101f3cf0347dd7fd1ae19d9321be3c10041cb02301e7e73f37437411c923e00e0383d2...
www.netflix.com/
Redirect Chain
  • https://www.netflix.com/pkg/4.5.0/web/33a97309/js/3/0270137f43e419c7e61973de3df1933dc3dd1dc1c101f3cf0347dd7fd1ae19d9321be3c10041cb02301e7e73f37437411c923e00e0383d28011d902d24822f24302080b1c33f93cb7...
  • https://www.netflix.com/NotFound?prev=https%3A%2F%2Fwww.netflix.com%2Fpkg%2F4.5.0%2Fweb%2F33a97309%2Fjs%2F3%2F0270137f43e419c7e61973de3df1933dc3dd1dc1c101f3cf0347dd7fd1ae19d9321be3c10041cb02301e7e7...
0
0
Script
General
Full URL
https://www.netflix.com/NotFound?prev=https%3A%2F%2Fwww.netflix.com%2Fpkg%2F4.5.0%2Fweb%2F33a97309%2Fjs%2F3%2F0270137f43e419c7e61973de3df1933dc3dd1dc1c101f3cf0347dd7fd1ae19d9321be3c10041cb02301e7e73f37437411c923e00e0383d28011d902d24822f24302080b1c33f93cb7421bd0183c476880e1ba1b682a82b82182282c82083482682483682d83382e2f38258308238328288313378358378278046e06df6da01a6f90193ee7cc0053e019518719f3d03c91b31c06f26ee6f56f66f16f07f86ef6f36f878077e74474580a1da81f77801d2927e07df0000263fb7db7e53323319333a07d777c77d7773e23d17790302317de7da74879b75a74675577f7c17c00297bd7c37c57217c47bf0369437bc7f57350257f219919819a18b00a7fa40030e%2Fjs%2Fbk
Requested by
Host: 199.48.160.69
URL: http://199.48.160.69/22/Bulbasaur/br/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:578:3::364d:a2c1 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://199.48.160.69/22/Bulbasaur/br/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

Date
Tue, 23 Jul 2019 06:22:57 GMT
Via
1.1 i-009e0883dae84bb20 (eu-west-1)
X-Content-Type-Options
nosniff
Server
nq_website_core-prod-release d1a9fa45-1d02-4ecc-9abb-0f574aea85ee
X-Netflix.nfstatus
1_1
X-Frame-Options
DENY
Strict-Transport-Security
max-age=31536000
X-Netflix.proxy.execution-time
8
location
https://www.netflix.com/NotFound?prev=https%3A%2F%2Fwww.netflix.com%2Fpkg%2F4.5.0%2Fweb%2F33a97309%2Fjs%2F3%2F0270137f43e419c7e61973de3df1933dc3dd1dc1c101f3cf0347dd7fd1ae19d9321be3c10041cb02301e7e73f37437411c923e00e0383d28011d902d24822f24302080b1c33f93cb7421bd0183c476880e1ba1b682a82b82182282c82083482682483682d83382e2f38258308238328288313378358378278046e06df6da01a6f90193ee7cc0053e019518719f3d03c91b31c06f26ee6f56f66f16f07f86ef6f36f878077e74474580a1da81f77801d2927e07df0000263fb7db7e53323319333a07d777c77d7773e23d17790302317de7da74879b75a74675577f7c17c00297bd7c37c57217c47bf0369437bc7f57350257f219919819a18b00a7fa40030e%2Fjs%2Fbk
Edge-Control
no-cache, no-store
X-Originating-URL
https://www.netflix.com/pkg/4.5.0/web/33a97309/js/3/0270137f43e419c7e61973de3df1933dc3dd1dc1c101f3cf0347dd7fd1ae19d9321be3c10041cb02301e7e73f37437411c923e00e0383d28011d902d24822f24302080b1c33f93cb7421bd0183c476880e1ba1b682a82b82182282c82083482682483682d83382e2f38258308238328288313378358378278046e06df6da01a6f90193ee7cc0053e019518719f3d03c91b31c06f26ee6f56f66f16f07f86ef6f36f878077e74474580a1da81f77801d2927e07df0000263fb7db7e53323319333a07d777c77d7773e23d17790302317de7da74879b75a74675577f7c17c00297bd7c37c57217c47bf0369437bc7f57350257f219919819a18b00a7fa40030e/js/bk
Cache-Control
no-cache, no-store
Connection
keep-alive
Content-Length
0
X-Xss-Protection
1; mode=block; report=https://www.netflix.com/ichnaea/log/freeform/xssreport
nf-icon-v1-80.woff
assets.nflxext.com/ffe/siteui/fonts/
78 KB
78 KB
Font
General
Full URL
https://assets.nflxext.com/ffe/siteui/fonts/nf-icon-v1-80.woff
Requested by
Host: 199.48.160.69
URL: http://199.48.160.69/22/Bulbasaur/br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:297::33c4 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
2555364bdd6374d0c273c69322f2f78554c02fe630ee6582eeb2d2c9031d1a9d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://199.48.160.69/22/Bulbasaur/br/css/index.css
Origin
http://199.48.160.69

Response headers

date
Tue, 23 Jul 2019 06:22:57 GMT
last-modified
Thu, 28 Jan 2016 20:46:04 GMT
server
Apache
content-md5
GkWpE2r/FESZk08OjSTsgQ==
access-control-allow-origin
*
content-type
font/woff
status
200
cache-control
public, max-age=23117823
accept-ranges
bytes
content-length
79392
expires
Wed, 15 Apr 2020 20:00:00 GMT
Cookie set D3247132_873_252509033?directDownload=true
www.sugarsync.com/pf/ Frame 0F13
Redirect Chain
  • http://goo.gl/MJSHUp
  • https://goo.gl/MJSHUp
  • https://www.sugarsync.com/pf/D3247132_873_252509033?directDownload=true
0
0
Document
General
Full URL
https://www.sugarsync.com/pf/D3247132_873_252509033?directDownload=true
Requested by
Host: 199.48.160.69
URL: http://199.48.160.69/22/Bulbasaur/br/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.94.4.90 , United States, ASN12182 (INTERNAP-2BLK - Internap Corporation, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://www.sugarsync.com https://www.sugarsync.jp https://*.sugarsync.com https://*.sugarsync.jp; child-src 'self' https://www.sugarsync.com https://www.sugarsync.jp https://*.sugarsync.com https://*.sugarsync.jp https://zuora.com https://www.zuora.com https://*.cloudsponge.com https://*.doubleclick.net https://www.surveymonkey.com https://surveymonkey.com https://facebook.com https://*.facebook.com https://*.facebook.net https://*.twitter.com https://*.google.com https://*.evyy.net https://www.ojrq.net https://*.a8.net https://*.emjcd.com https://*.dnb.com https://*.dunsregistered.com https://*.youtube.com; frame-src 'self' https://www.sugarsync.com https://www.sugarsync.jp https://*.sugarsync.com https://*.sugarsync.jp https://zuora.com https://www.zuora.com https://*.cloudsponge.com https://*.doubleclick.net https://www.surveymonkey.com https://surveymonkey.com https://facebook.com https://*.facebook.com https://*.facebook.net https://*.twitter.com https://*.google.com https://*.evyy.net https://www.ojrq.net https://*.a8.net https://*.emjcd.com https://*.dnb.com https://*.dunsregistered.com https://*.youtube.com;
Strict-Transport-Security max-age=63072000;
X-Xss-Protection 1; mode=block

Request headers

Host
www.sugarsync.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://199.48.160.69/22/Bulbasaur/br/
Accept-Encoding
gzip, deflate, br

Response headers

Date
Tue, 23 Jul 2019 06:22:58 GMT
Server
Apache
X-XSS-Protection
1; mode=block
Strict-Transport-Security
max-age=63072000;
Vary
Host,User-Agent,Accept-Encoding
Set-Cookie
JSESSIONID=355CE1DF54103A1B6959B651A21553CC; Path=/; Secure
Cache-Control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
Pragma
no-cache
Expires
Wed, 31 Dec 1969 23:59:59 GMT
Content-Language
en-US
Content-Encoding
gzip
Content-Security-Policy
frame-ancestors 'self' https://www.sugarsync.com https://www.sugarsync.jp https://*.sugarsync.com https://*.sugarsync.jp; child-src 'self' https://www.sugarsync.com https://www.sugarsync.jp https://*.sugarsync.com https://*.sugarsync.jp https://zuora.com https://www.zuora.com https://*.cloudsponge.com https://*.doubleclick.net https://www.surveymonkey.com https://surveymonkey.com https://facebook.com https://*.facebook.com https://*.facebook.net https://*.twitter.com https://*.google.com https://*.evyy.net https://www.ojrq.net https://*.a8.net https://*.emjcd.com https://*.dnb.com https://*.dunsregistered.com https://*.youtube.com; frame-src 'self' https://www.sugarsync.com https://www.sugarsync.jp https://*.sugarsync.com https://*.sugarsync.jp https://zuora.com https://www.zuora.com https://*.cloudsponge.com https://*.doubleclick.net https://www.surveymonkey.com https://surveymonkey.com https://facebook.com https://*.facebook.com https://*.facebook.net https://*.twitter.com https://*.google.com https://*.evyy.net https://www.ojrq.net https://*.a8.net https://*.emjcd.com https://*.dnb.com https://*.dunsregistered.com https://*.youtube.com;
Content-Length
1802
Connection
close
Content-Type
text/html;charset=utf-8

Redirect headers

status
302
content-type
application/binary
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 23 Jul 2019 06:22:57 GMT
location
https://www.sugarsync.com/pf/D3247132_873_252509033?directDownload=true
strict-transport-security
max-age=31536000
content-security-policy
script-src 'report-sample' 'nonce-2EmEUKvKT/pwwekSDPcmsQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self' script-src 'nonce-2EmEUKvKT/pwwekSDPcmsQ' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DurableDeepLinkUi/cspreport
server
ESF
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
alt-svc
quic=":443"; ma=2592000; v="46,43,39"

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Netflix (Online)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| netflix

1 Cookies

Domain/Path Name / Value
www.sugarsync.com/ Name: JSESSIONID
Value: 355CE1DF54103A1B6959B651A21553CC