www.streaming-now.co Open in urlscan Pro
18.244.18.58 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://streaming-now.co/
Effective URL:
https://www.streaming-now.co/
Submission: On May 28 via api (May 28th 2024, 7:12:15 pm UTC) from US — Scanned from DE

Summary HTTP 14 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 14 HTTP transactions. The main IP is 18.244.18.58, located in United States and belongs to AMAZON-02, US. The main domain is www.streaming-now.co.
TLS certificate: Issued by Amazon RSA 2048 M02 on April 7th 2024. Valid for: a year.

This is the only time www.streaming-now.co was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Office 365 (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 5	18.244.18.58 18.244.18.58	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:400... 2a04:4e42:400::649	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
7	18.244.18.71 18.244.18.71	16509 (AMAZON-02) (AMAZON-02)
1	172.67.137.76 172.67.137.76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	5

5 18.244.18.58 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-58.fra56.r.cloudfront.net

streaming-now.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.streaming-now.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.244.18.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-71.fra56.r.cloudfront.net

www.streaming-now.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.137.76 (United States)

ASN13335 (CLOUDFLARENET, US)

ddtmob.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	streaming-now.co 1 redirects streaming-now.co www.streaming-now.co	51 KB
1	ddtmob.com ddtmob.com	762 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	85 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 776	30 KB
14	4

	Domain	Requested by
11	www.streaming-now.co	www.streaming-now.co
1	ddtmob.com	www.streaming-now.co
1	www.googletagmanager.com	www.streaming-now.co
1	code.jquery.com	www.streaming-now.co
1	streaming-now.co	1 redirects
14	5

This site contains links to these domains. Also see Links.

Domain
www.ddtsports.com

Subject Issuer	Validity	Valid
*.streaming-now.co Amazon RSA 2048 M02	`2024-04-07` - `2025-05-07`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.google-analytics.com WR2	`2024-05-13` - `2024-08-05`	3 months	crt.sh
ddtmob.com GTS CA 1P5	`2024-05-22` - `2024-08-20`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.streaming-now.co/
Frame ID: 211D7144F3D1E6390B68B2C07F66FFEF
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Live streaming

Page URL History Show full URLs

http://streaming-now.co/ HTTP 307
https://streaming-now.co/ HTTP 302
https://www.streaming-now.co/ Page URL

Detected technologies

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

14
Requests

100 %
HTTPS

40 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

166 kB
Transfer

406 kB
Size

2
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://www.ddtsports.com/
Title: Log in

Search URL Search Domain Scan URL

URL: https://www.ddtsports.com/
Title: selfcare website

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://streaming-now.co/ HTTP 307
https://streaming-now.co/ HTTP 302
https://www.streaming-now.co/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.streaming-now.co/
Redirect Chain

http://streaming-now.co/
https://streaming-now.co/
https://www.streaming-now.co/

30 KB
11 KB

399ms
360ms

Document
text/html

18.244.18.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.streaming-now.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-58.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3580dda40c2dd1eb7b17b711b71f6d2a818b7dfb9f2b5a18d37fdc9efa350d92

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, s-maxage=2
content-encoding: gzip
content-type: text/html
date: Tue, 28 May 2024 19:12:09 GMT
etag: W/"bdc4a5e99847fbe1c31fe50f6ae8b9a6"
last-modified: Tue, 30 Apr 2024 11:24:35 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 abf6c055b398b223d7325958955066c0.cloudfront.net (CloudFront)
x-amz-cf-id: RZFgJ_4T26pRl_v4xr8sswShz70P-mdYZNReKKrYgHvNi1UEjsVQLA==
x-amz-cf-pop: FRA56-P11
x-cache: Miss from cloudfront

Redirect headers

alt-svc: h3=":443"; ma=86400
content-length: 0
date: Tue, 28 May 2024 19:12:09 GMT
location: https://www.streaming-now.co/
via: 1.1 abf6c055b398b223d7325958955066c0.cloudfront.net (CloudFront)
x-amz-cf-id: -IxKWlupI1wGLkfFYMc13W-YA5UqniBY-gdzlpvMgI2NghGj2i613Q==
x-amz-cf-pop: FRA56-P11
x-cache: Miss from cloudfront

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 160ms
48ms Script
application/javascript 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: www.streaming-now.co
URL: https://www.streaming-now.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.streaming-now.co/
Origin: https://www.streaming-now.co
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 19:12:10 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 2779711
x-cache: HIT, HIT
content-length: 30875
x-served-by: cache-lga21931-LGA, cache-mxp6925-MXP
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1716923530.065889,VS0,VE0
etag: W/"28feccc0-15d9d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 5, 938860

GET
H2 200 style.css
www.streaming-now.co/css/ 15 KB
4 KB 334ms
333ms Stylesheet
text/css 18.244.18.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.streaming-now.co/css/style.css
Requested by: Host: www.streaming-now.co
URL: https://www.streaming-now.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-58.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2e9be9ea1ef2b624da4c4f7b7a401a903797a9b068d04011f0faf27653fce95f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.streaming-now.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 19:12:10 GMT
content-encoding: gzip
via: 1.1 abf6c055b398b223d7325958955066c0.cloudfront.net (CloudFront)
last-modified: Tue, 30 Apr 2024 11:24:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
etag: W/"e8fbc93d5a32ae1a13bab56a02ab8c86"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
cache-control: public, max-age=0, s-maxage=2
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: ycTh0hymir5PYl81kdlDFmimH8hjB3Jexr5mwB-0jV4O6Fe1KM2HeA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 238 KB
85 KB 175ms
77ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11039742093

Requested by

Host: www.streaming-now.co
URL: https://www.streaming-now.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4fa6eb1931794d0759c20d0387fb36562200a00618b2c4d8ef86aa572aff6384

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.streaming-now.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 19:12:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 86284
x-xss-protection: 0
last-modified: Tue, 28 May 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 28 May 2024 19:12:10 GMT

GET
H2 200 42402.png
www.streaming-now.co/images/ 5 KB
6 KB 342ms
341ms Image
image/png 18.244.18.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.streaming-now.co/images/42402.png
Requested by: Host: www.streaming-now.co
URL: https://www.streaming-now.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-58.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a815c8571569128668423a729ef32f4ccd52a79ebb417fb90702fc93c7decf50

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.streaming-now.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 19:12:10 GMT
via: 1.1 abf6c055b398b223d7325958955066c0.cloudfront.net (CloudFront)
last-modified: Tue, 30 Apr 2024 11:24:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
etag: "d241a93d08f1fdc63d9304995d73620c"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 5384
x-amz-cf-id: -LoA7HLpbozvVQlsZJ5xMbJN7TmO7DawVt144CkeMgYvA0rLFVaCQg==

GET
H2 200 42403.png
www.streaming-now.co/images/ 4 KB
4 KB 425ms
425ms Image
image/png 18.244.18.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.streaming-now.co/images/42403.png
Requested by: Host: www.streaming-now.co
URL: https://www.streaming-now.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-58.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 988a05fcfe2c6552adf981a192c3157e76ac350e177199c027689d4c8fd1ff77

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.streaming-now.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 19:12:10 GMT
via: 1.1 abf6c055b398b223d7325958955066c0.cloudfront.net (CloudFront)
last-modified: Tue, 30 Apr 2024 11:24:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
etag: "b52fd162d3269e07655bf6ad62d23dd4"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 3796
x-amz-cf-id: 6bHVWft_VAuWThrYBVy8T20Ea0eJImdWYvZGIG0QloTuT3lWEkmpAQ==

GET
H3 200 c2a_loading.gif
www.streaming-now.co/images/ 3 KB
3 KB 336ms
336ms Image
image/gif 18.244.18.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.streaming-now.co/images/c2a_loading.gif
Requested by: Host: www.streaming-now.co
URL: https://www.streaming-now.co/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.244.18.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-71.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 67045b2289294c222cbab0dbfd07e0af1a40ba39c4ff6165ea9578e2345385da

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.streaming-now.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 19:12:10 GMT
via: 1.1 5c21b2b6b5e8901cc7633407000764f0.cloudfront.net (CloudFront)
last-modified: Tue, 30 Apr 2024 11:24:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
etag: "f5f09658da453dca7d686ad9e5786ada"
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 2892
x-amz-cf-id: RdX_xpOmFVR1cOcOBkP-9PQgjDkunuaHwtlB1eYK9lX3CpZy8zWz1A==

GET
H3 200 play.png
www.streaming-now.co/images/ 1 KB
1 KB 429ms
428ms Image
image/png 18.244.18.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.streaming-now.co/images/play.png
Requested by: Host: www.streaming-now.co
URL: https://www.streaming-now.co/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.244.18.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-71.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d836998ba1ce3741c4e433e8b94fd2b8f2d1d12f3ac64a72d12febd150f82181

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.streaming-now.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 19:12:10 GMT
via: 1.1 5c21b2b6b5e8901cc7633407000764f0.cloudfront.net (CloudFront)
last-modified: Tue, 30 Apr 2024 11:24:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
etag: "4b1707d994b1d286ca304cb40f137032"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 1155
x-amz-cf-id: DyB9W2c7hEnTeaObY0GyL8KU0_9tk7p6th0fHyhjvKNhWGq_kyltGQ==

GET
H3 200 PLAYER_barre_black.jpeg
www.streaming-now.co/images/ 8 KB
8 KB 335ms
335ms Image
image/jpeg 18.244.18.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.streaming-now.co/images/PLAYER_barre_black.jpeg
Requested by: Host: www.streaming-now.co
URL: https://www.streaming-now.co/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.244.18.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-71.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0c0e6d0b97a180e6b90eab999d05868e96d5e14543773e1bfc8a9bc74007357

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.streaming-now.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 19:12:10 GMT
via: 1.1 5c21b2b6b5e8901cc7633407000764f0.cloudfront.net (CloudFront)
last-modified: Tue, 30 Apr 2024 11:24:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
etag: "0b83d149b34c28a267e899b5a3d2ec95"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 8095
x-amz-cf-id: TAZ1Ffed1nBAqJGJimXlIM-I8t5SRIUKVN7fdgY9qSpVNnofgwqKFw==

GET
H3 200 icoA.png
www.streaming-now.co/images/ 10 KB
10 KB 424ms
423ms Image
image/png 18.244.18.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.streaming-now.co/images/icoA.png
Requested by: Host: www.streaming-now.co
URL: https://www.streaming-now.co/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.244.18.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-71.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9e67d37d6738e8127b26993ee6cf002e7b82afcf965ad4249729e306e15fb719

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.streaming-now.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 19:12:10 GMT
via: 1.1 5c21b2b6b5e8901cc7633407000764f0.cloudfront.net (CloudFront)
last-modified: Tue, 30 Apr 2024 11:24:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
etag: "42cb4ad37a988755c4ffcffd1491af63"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 10274
x-amz-cf-id: qhraQj7HNLA_TMKuhcyI2BSYILlqD4ESuMrssOo8sape-ee6R1GjFw==

GET
H3 200 c2a_loading.gif
www.streaming-now.co/images/ 3 KB
284 B 304ms
48ms Image
image/gif 18.244.18.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.streaming-now.co/images/c2a_loading.gif
Requested by: Host: www.streaming-now.co
URL: https://www.streaming-now.co/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.244.18.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-71.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 67045b2289294c222cbab0dbfd07e0af1a40ba39c4ff6165ea9578e2345385da

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.streaming-now.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 19:12:10 GMT
via: 1.1 5c21b2b6b5e8901cc7633407000764f0.cloudfront.net (CloudFront)
last-modified: Tue, 30 Apr 2024 11:24:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
etag: "f5f09658da453dca7d686ad9e5786ada"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: M1EJPpMjW9AvvZ-1E5ApFTaYyWg0zsb6H9Cpk4jtampSQ2GzGy082g==
content-length: 2892

GET
H3 200 visit.png
ddtmob.com/track/ 95 B
762 B 684ms
503ms Image
image/png 172.67.137.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ddtmob.com/track/visit.png?campaignid=null&adgroupid=null&placement=null&device=null&devicemodel=null&creative=null&position=null&lang=de-DE&gclid=null&rntm=1716923530371
Requested by: Host: www.streaming-now.co
URL: https://www.streaming-now.co/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.137.76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.26
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.streaming-now.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 28 May 2024 19:12:11 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.26
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4dRqyBt3npIpoVV42pO0KQVpSePeAU%2B%2F52CBXczOJnXObttfI0XCriIl4oIWJyAsV5vN%2Ff9QXwVNJWM3TUcdXnruEGa8b0XIHVwuS7b1MziTQcLidSeBcfhr1KjJ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache
cf-ray: 88b08e021c119747-FRA
alt-svc: h3=":443"; ma=86400
expires: 0

GET
H3 200 favicon.ico
www.streaming-now.co/ 1 KB
1 KB 419ms
418ms Other
image/vnd.microsoft.icon 18.244.18.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.streaming-now.co/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.244.18.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-71.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8e64b47b1dd32d6a422cb0d718a4a0eaa7ced810596700d6990ae310ae544f99

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.streaming-now.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 19:12:11 GMT
via: 1.1 5c21b2b6b5e8901cc7633407000764f0.cloudfront.net (CloudFront)
last-modified: Tue, 30 Apr 2024 11:24:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
etag: "487688cc4ad04b55532e7719b729b3a6"
x-cache: Miss from cloudfront
content-type: image/vnd.microsoft.icon
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 1150
x-amz-cf-id: SPSVi-qCra6Gkp6ijivfVe1bvR-vBoCkwmlgTXrrC_9YcdChr8groQ==

GET
H3 200 logo_phone.png
www.streaming-now.co/images/ 905 B
1 KB 354ms
353ms Image
image/png 18.244.18.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.streaming-now.co/images/logo_phone.png
Requested by: Host: www.streaming-now.co
URL: https://www.streaming-now.co/css/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.244.18.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-71.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bc54c7d457b75be382c0314b5959499a0c2086b6c3e1f91f03c7975bb32ea0bf

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.streaming-now.co/css/style.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 19:12:12 GMT
via: 1.1 5c21b2b6b5e8901cc7633407000764f0.cloudfront.net (CloudFront)
last-modified: Tue, 30 Apr 2024 11:24:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
etag: "a428a81265ed05424fa9edbf9d610c99"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 905
x-amz-cf-id: 6oBhViNQewxLQnCLzmSXgNCoYNcFISA6qCcAeCkkdunF9Q_0cCCfDg==

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Office 365 (Online)

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.streaming-now.co/	1970-01-20 23:04:59	Name: _gcl_au Value: 1.1.2060524615.1716923531
			ddtmob.com/	1970-01-21 05:40:59	Name: user_id Value: 9546881961a9da7973084e8639616f3b94c16d989a18cd347de9ac92daea3507a%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22user_id%22%3Bi%3A1%3Bs%3A36%3A%2260ab154a-7348-4d24-ac8c-d6829320ad70%22%3B%7D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.streaming-now.co/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
ddtmob.com
streaming-now.co
www.googletagmanager.com
www.streaming-now.co
172.67.137.76
18.244.18.58
18.244.18.71
2a00:1450:4001:810::2008
2a04:4e42:400::649
2e9be9ea1ef2b624da4c4f7b7a401a903797a9b068d04011f0faf27653fce95f
3580dda40c2dd1eb7b17b711b71f6d2a818b7dfb9f2b5a18d37fdc9efa350d92
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4fa6eb1931794d0759c20d0387fb36562200a00618b2c4d8ef86aa572aff6384
67045b2289294c222cbab0dbfd07e0af1a40ba39c4ff6165ea9578e2345385da
8e64b47b1dd32d6a422cb0d718a4a0eaa7ced810596700d6990ae310ae544f99
988a05fcfe2c6552adf981a192c3157e76ac350e177199c027689d4c8fd1ff77
9e67d37d6738e8127b26993ee6cf002e7b82afcf965ad4249729e306e15fb719
a815c8571569128668423a729ef32f4ccd52a79ebb417fb90702fc93c7decf50
b0c0e6d0b97a180e6b90eab999d05868e96d5e14543773e1bfc8a9bc74007357
bc54c7d457b75be382c0314b5959499a0c2086b6c3e1f91f03c7975bb32ea0bf
d836998ba1ce3741c4e433e8b94fd2b8f2d1d12f3ac64a72d12febd150f82181
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

www.streaming-now.co Open in urlscan Pro 18.244.18.58 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

14 Requests

100 %HTTPS

40 %IPv6

4 Domains

5 Subdomains

5 IPs

2 Countries

166 kBTransfer

406 kBSize

2 Cookies

2 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

36 JavaScript Global Variables

2 Cookies

1 Console Messages

Indicators

www.streaming-now.co Open in urlscan Pro
18.244.18.58 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

40 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

166 kB
Transfer

406 kB
Size

2
Cookies

14 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!