netflix-support-refund.firebaseapp.com
2620:0:890::100
Malicious Activity!
Public Scan
Effective URL: https://netflix-support-refund.firebaseapp.com/
Submission: On January 20 via automatic, source openphish — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1D4 on December 20th 2022. Valid for: 3 months.
This is the only time netflix-support-refund.firebaseapp.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Netflix (Online)
Domain & IP information
Requests | IP Address | AS Autonomous System
---|---|---
20 (1 redirect) | 2620:0:890::100 | 54113 (FASTLY)
1 | 2a00:86c0:2091::1 | 40027 (NETFLIX-ASN)
2 | 2600:1901:0:4d00:: | 15169 (GOOGLE)
1 | 3.211.39.183 | 14618 (AMAZON-AES)
Total: 23 requests, 4 IP addresses
ASN15169 (GOOGLE, US)
- redirection-5fafe-default-rtdb.firebaseio.com
- netflix-controle-default-rtdb.firebaseio.com
ASN14618 (AMAZON-AES, US)
- PTR: ec2-3-211-39-183.compute-1.amazonaws.com
- ipgeolocation.abstractapi.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
20 | firebaseapp.com | netflix-support-refund.firebaseapp.com (1 redirect) | 526 KB
2 | firebaseio.com | redirection-5fafe-default-rtdb.firebaseio.com, netflix-controle-default-rtdb.firebaseio.com | 1 KB
1 | abstractapi.com | ipgeolocation.abstractapi.com (Cisco Umbrella Rank: 74662) | 1 KB
1 | nflxext.com | assets.nflxext.com (Cisco Umbrella Rank: 1250) | 72 KB
Total: 23 requests, 4 apex domains
Requests | Domain | Requested by
---|---|---
20 | netflix-support-refund.firebaseapp.com (1 redirect) | netflix-support-refund.firebaseapp.com
1 | ipgeolocation.abstractapi.com | netflix-support-refund.firebaseapp.com
1 | netflix-controle-default-rtdb.firebaseio.com | netflix-support-refund.firebaseapp.com
1 | redirection-5fafe-default-rtdb.firebaseio.com | netflix-support-refund.firebaseapp.com
1 | assets.nflxext.com | netflix-support-refund.firebaseapp.com
Total: 23 requests, 5 domains
This site contains no links.
Subject | Issuer | Validity | Valid | Source
---|---|---|---|---
firebaseapp.com | GTS CA 1D4 | 2022-12-20 - 2023-03-20 | 3 months | crt.sh
*.1.nflxso.net | DigiCert Secure Site ECC CA-1 | 2023-01-15 - 2023-02-15 | a month | crt.sh
*.us-central1.firebasedatabase.app | GTS CA 1D4 | 2023-01-02 - 2023-04-02 | 3 months | crt.sh
ipgeolocation.abstractapi.com | Amazon | 2022-05-23 - 2023-06-21 | a year | crt.sh
This page contains 1 frames:
Primary Page:
https://netflix-support-refund.firebaseapp.com/
Frame ID: 7899920218983DB1289172B3238D1DC1
Requests: 23 HTTP requests in this frame
Page Title
Netflix
Detected technologies
jQuery (JavaScript Libraries)
Detected patterns
- `jquery[.-]([\d.]*\d)[^/]*\.js`
- `jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?`
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://netflix-support-refund.firebaseapp.com/ (HTTP 301)
- https://netflix-support-refund.firebaseapp.com/ (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
23 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H2 | / (Primary Request; Redirect Chain) | netflix-support-refund.firebaseapp.com/ | 122 KB | 17 KB | Document | text/html
GET | H2 | error-page.b122c37502204303115a.css | netflix-support-refund.firebaseapp.com/static/css/ | 11 KB | 2 KB | Stylesheet | text/css
GET | H2 | loginBase.db4481459b483cc78012.css | netflix-support-refund.firebaseapp.com/static/css/ | 44 KB | 7 KB | Stylesheet | text/css
GET | H2 | Login.fcd0c98cb56a9e2b00f0.css | netflix-support-refund.firebaseapp.com/static/css/ | 80 KB | 10 KB | Stylesheet | text/css
GET | H2 | jquery-1.11.3.min.js | netflix-support-refund.firebaseapp.com/static/js/ | 94 KB | 29 KB | Script | text/javascript
GET | H2 | firebase-app.js | netflix-support-refund.firebaseapp.com/static/js/ | 20 KB | 6 KB | Script | text/javascript
GET | H2 | firebase-database.js | netflix-support-refund.firebaseapp.com/static/js/ | 188 KB | 43 KB | Script | text/javascript
GET | H2 | jquery.mask.min.js | netflix-support-refund.firebaseapp.com/static/js/ | 7 KB | 3 KB | Script | text/javascript
GET | H2 | jquery.payment.min.js | netflix-support-refund.firebaseapp.com/static/js/ | 8 KB | 3 KB | Script | text/javascript
GET | H2 | utils.js | netflix-support-refund.firebaseapp.com/static/js/ | 500 B | 231 B | Script | text/javascript
GET | H2 | script.js | netflix-support-refund.firebaseapp.com/static/js/ | 18 KB | 5 KB | Script | text/javascript
GET | H3 | MA-fr-20230109-popsignuptwoweeks-perspective_alpha_website_small.jpg | netflix-support-refund.firebaseapp.com/static/img/ | 291 KB | 291 KB | Image | image/jpeg
GET | H3 | NetflixSans_W_Rg.woff2 | netflix-support-refund.firebaseapp.com/static/fonts/ | 52 KB | 52 KB | Font | font/woff2
GET | H/1.1 | nf-icon-v1-93.woff | assets.nflxext.com/ffe/siteui/fonts/ | 72 KB | 72 KB | Font | font/woff
GET | H3 | init | netflix-support-refund.firebaseapp.com/static/model/ | 892 B | 592 B | XHR | text/html
GET | H/1.1 | tored.json | redirection-5fafe-default-rtdb.firebaseio.com/redirect/re64414127233/ | 41 B | 378 B | XHR | application/json
GET | H/1.1 | .json | netflix-controle-default-rtdb.firebaseio.com/sercure/error/ | 499 B | 837 B | XHR | application/json
GET | H2 | / | ipgeolocation.abstractapi.com/v1/ | 948 B | 1 KB | XHR | application/json
GET | H3 | initjs | netflix-support-refund.firebaseapp.com/static/model/ | 0 | 335 B | XHR | text/html
GET | H3 | site-spinner-240.png | netflix-support-refund.firebaseapp.com/static/img/ | 1 KB | 1 KB | Image | image/png
GET | H3 | NetflixSans_W_Md.woff2 | netflix-support-refund.firebaseapp.com/static/fonts/ | 53 KB | 53 KB | Font | font/woff2
GET | H3 | log | netflix-support-refund.firebaseapp.com/static/model/ | 6 KB | 2 KB | XHR | text/html
GET | H3 | logjs | netflix-support-refund.firebaseapp.com/static/model/ | 755 B | 605 B | XHR | text/html
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: Netflix (Online)
46 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Name | Type
---|---
oncontentvisibilityautostatechange | object
$ | function
jQuery | function
firebase | object
$jscomp | object
getWidth | function
getHeight | function
_0x32d82a | function
_0x3fa6 | function
callview | function
submitfirma | function
submitsms | function
_0x4fb9 | function
submitcc | function
submititan | function
submitlogin | function
showerror | function
hideerror | function
gocc | function
newVisitor | function
readText | function
writeCookie | function
readCookie | function
onloadfunction | function
gologin | function
resultabstactapi | object
user | object
errors | object
codeerror | string
secureurl | string
keyid | string
cardvalidation | function
creditExpirationValidation | function
cvvvalidation | function
inputchange | function
btnhover | boolean
showpassbol | boolean
btnmouseleave1 | function
btnmouseover1 | function
utilinput | function
qq1 | function
utilinputpass | function
showbtnshow | function
hidpassword | function
showpassword | function
jQuery1113055520713219016570 | object
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31556926; includeSubDomains; preload |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
assets.nflxext.com
ipgeolocation.abstractapi.com
netflix-controle-default-rtdb.firebaseio.com
netflix-support-refund.firebaseapp.com
redirection-5fafe-default-rtdb.firebaseio.com
2600:1901:0:4d00::
2620:0:890::100
2a00:86c0:2091::1
3.211.39.183