lvs-netflix.com
Open in
urlscan Pro
162.0.209.192
Malicious Activity!
Public Scan
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 14th 2021. Valid for: a year.
This is the only time lvs-netflix.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Netflix (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 162.0.209.192 162.0.209.192 | 22612 (NAMECHEAP...) (NAMECHEAP-NET) | |
1 | 2a00:1450:400... 2a00:1450:4001:811::2001 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:802::2001 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:82b::2001 | 15169 (GOOGLE) (GOOGLE) | |
4 | 4 |
ASN22612 (NAMECHEAP-NET, US)
PTR: business126-2.web-hosting.com
lvs-netflix.com |
ASN15169 (GOOGLE, US)
ci3.googleusercontent.com |
ASN15169 (GOOGLE, US)
ci6.googleusercontent.com |
ASN15169 (GOOGLE, US)
ci5.googleusercontent.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
3 |
googleusercontent.com
ci3.googleusercontent.com ci6.googleusercontent.com ci5.googleusercontent.com |
7 KB |
1 |
lvs-netflix.com
lvs-netflix.com |
7 KB |
4 | 2 |
Domain | Requested by | |
---|---|---|
1 | ci5.googleusercontent.com |
lvs-netflix.com
|
1 | ci6.googleusercontent.com |
lvs-netflix.com
|
1 | ci3.googleusercontent.com |
lvs-netflix.com
|
1 | lvs-netflix.com | |
4 | 4 |
This site contains links to these domains. Also see Links.
Domain |
---|
help.netflix.com |
www.netflix.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
lvs-netflix.com Sectigo RSA Domain Validation Secure Server CA |
2021-04-14 - 2022-04-14 |
a year | crt.sh |
*.googleusercontent.com GTS CA 1O1 |
2021-03-16 - 2021-06-08 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://lvs-netflix.com/
Frame ID: B56E4106FCEFBB888EE0A38E83B31E55
Requests: 4 HTTP requests in this frame
10 Outgoing links
These are links going to different origins than the main page.
Title: Help Center
Search URL Search Domain Scan URL
Title: contact us
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title: Help Center
Search URL Search Domain Scan URL
Title: Communication Settings
Search URL Search Domain Scan URL
Title: help.netflix.com
Search URL Search Domain Scan URL
Title: 12546_en_US
Search URL Search Domain Scan URL
Title: Terms of Use
Search URL Search Domain Scan URL
Title: Privacy Statement
Search URL Search Domain Scan URL
Title: Netflix International B.V.
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
4 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
lvs-netflix.com/ |
65 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ZQQN6HNOJ3zD6LKGPp006t6hiteN6naAXik7db17NYjKUtw3QcbyS_Mu-ntwGYc_BvH2RHwBF5wZoRBUqMnd2ve5COD_KJuzDf8g__8eiw8=s0-d-e1-ft
ci3.googleusercontent.com/proxy/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
L9T5WYvtTUI0IDGrvb56b8xj8k0TmO_NQG7ZCMnAU97DLzW6axTq1HTzlIe2vKU2rWid6sn0Frs0JoZwj8WxWo2Snt9BWiMt_3ttFRKmlZAwNWcwl3ZoKUzB-levauW9gDDYMgxJX988ax-tspiKysy8Q2HyWwEH4usQTcmmamqG5iNbWU7PShZT1nob5TyYiNwbU...
ci6.googleusercontent.com/proxy/ |
43 B 441 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
O4liAkf7VnArvS18l8abw8nafEXuI3awedQ-dqbWZ0XBIfFlrAGc7pcZddbt3yTrE_V4rii6FMQB0fXdjwgeM35duoGHqYMKsJ9DHA=s0-d-e1-ft
ci5.googleusercontent.com/proxy/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Netflix (Online)9 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubDomains; preload; |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ci3.googleusercontent.com
ci5.googleusercontent.com
ci6.googleusercontent.com
lvs-netflix.com
162.0.209.192
2a00:1450:4001:802::2001
2a00:1450:4001:811::2001
2a00:1450:4001:82b::2001
b97ac7f4ab2b2012e933f3630a164a66a56d4e01dc6ebf38e8f1cd3ba7bd2590
e1da5cd02d74bb5ba944e3ce44037860ac9f42392eec6c99b9543910e1a3a5fe
e9dd777fb2236aeeb7f8f7681aeea7a0a35b49334ca69f6f4fa7ad83ec6ff9b3
fa0c2899833c60a4943cce410669e93f0015a3a5712906e7f23f96ddb355b012