www.streaming-now.co
18.244.18.58
Malicious Activity!
Public Scan
Effective URL: https://www.streaming-now.co/
Submission: On May 28 via api from US — Scanned from DE
Summary
TLS certificate: Issued by Amazon RSA 2048 M02 on April 7th 2024. Valid for: a year.
This is the only time www.streaming-now.co was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Office 365 (Online)
Domain & IP information
 | IP Address | AS (Autonomous System) |
---|---|---|
1 5 | 18.244.18.58 | 16509 (AMAZON-02) |
1 | 2a04:4e42:400::649 | 54113 (FASTLY) |
1 | 2a00:1450:4001:810::2008 | 15169 (GOOGLE) |
7 | 18.244.18.71 | 16509 (AMAZON-02) |
1 | 172.67.137.76 | 13335 (CLOUDFLARENET) |
14 | 5 | |
ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-58.fra56.r.cloudfront.net
streaming-now.co | |
www.streaming-now.co |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-71.fra56.r.cloudfront.net
www.streaming-now.co |
 | Apex Domain: Subdomains | Transfer |
---|---|---|
12 | streaming-now.co (1 redirects): streaming-now.co, www.streaming-now.co | 51 KB |
1 | ddtmob.com: ddtmob.com | 762 B |
1 | googletagmanager.com: www.googletagmanager.com — Cisco Umbrella Rank: 39 | 85 KB |
1 | jquery.com: code.jquery.com — Cisco Umbrella Rank: 776 | 30 KB |
14 | 4 | |
 | Domain | Requested by |
---|---|---|
11 | www.streaming-now.co | www.streaming-now.co |
1 | ddtmob.com | www.streaming-now.co |
1 | www.googletagmanager.com | www.streaming-now.co |
1 | code.jquery.com | www.streaming-now.co |
1 | streaming-now.co | 1 redirects |
14 | 5 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.ddtsports.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.streaming-now.co | Amazon RSA 2048 M02 | 2024-04-07 - 2025-05-07 | a year |
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2023-07-11 - 2024-07-14 | a year |
*.google-analytics.com | WR2 | 2024-05-13 - 2024-08-05 | 3 months |
ddtmob.com | GTS CA 1P5 | 2024-05-22 - 2024-08-20 | 3 months |
This page contains 1 frames:
Primary Page:
https://www.streaming-now.co/
Frame ID: 211D7144F3D1E6390B68B2C07F66FFEF
Requests: 14 HTTP requests in this frame
Page Title
Live streaming
Detected technologies
Google Tag Manager (Tag Managers)
Detected patterns
- googletagmanager\.com/gtag/js
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Log in
Title: selfcare website
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://streaming-now.co/ HTTP 307
- https://streaming-now.co/ HTTP 302
- https://www.streaming-now.co/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
14 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request; Redirect Chain) | www.streaming-now.co/ | 30 KB | 11 KB | Document | text/html |
GET | H2 | jquery-3.6.0.min.js | code.jquery.com/ | 87 KB | 30 KB | Script | application/javascript |
GET | H2 | style.css | www.streaming-now.co/css/ | 15 KB | 4 KB | Stylesheet | text/css |
GET | H2 | js | www.googletagmanager.com/gtag/ | 238 KB | 85 KB | Script | application/javascript |
GET | H2 | 42402.png | www.streaming-now.co/images/ | 5 KB | 6 KB | Image | image/png |
GET | H2 | 42403.png | www.streaming-now.co/images/ | 4 KB | 4 KB | Image | image/png |
GET | H3 | c2a_loading.gif | www.streaming-now.co/images/ | 3 KB | 3 KB | Image | image/gif |
GET | H3 | play.png | www.streaming-now.co/images/ | 1 KB | 1 KB | Image | image/png |
GET | H3 | PLAYER_barre_black.jpeg | www.streaming-now.co/images/ | 8 KB | 8 KB | Image | image/jpeg |
GET | H3 | icoA.png | www.streaming-now.co/images/ | 10 KB | 10 KB | Image | image/png |
GET | H3 | c2a_loading.gif | www.streaming-now.co/images/ | 3 KB | 284 B | Image | image/gif |
GET | H3 | visit.png | ddtmob.com/track/ | 95 B | 762 B | Image | image/png |
GET | H3 | favicon.ico | www.streaming-now.co/ | 1 KB | 1 KB | Other | image/vnd.microsoft.icon |
GET | H3 | logo_phone.png | www.streaming-now.co/images/ | 905 B | 1 KB | Image | image/png |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Office 365 (Online)
36 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery function| querySelectorAll_do function| getRandomInt function| _0x48c9 function| _0x10ba function| addEvent function| validateNumber function| validatePin function| invalidSendPin function| invalidValidatePin function| successSendPin function| successValidatePin function| closePage function| _0x30d329 function| _0x22a3 function| _0x218f function| _0x204300 function| _0x3b0e function| gtag function| _0x1816 object| dataLayer string| msisdn string| pin string| txnid number| msisdnLength number| countryPrefix number| pinLength number| baseLiveCount function| monitorMSISDN function| pageViewPixel function| _0x17f7 function| initEventPixel function| _0xa5d1 object| google_tag_manager object| google_tag_data
2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.streaming-now.co/ | | Name: _gcl_au Value: 1.1.2060524615.1716923531 |
ddtmob.com/ | | Name: user_id Value: 9546881961a9da7973084e8639616f3b94c16d989a18cd347de9ac92daea3507a%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22user_id%22%3Bi%3A1%3Bs%3A36%3A%2260ab154a-7348-4d24-ac8c-d6829320ad70%22%3B%7D |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.