www.ustreamgo.com Open in urlscan Pro
185.247.225.40  Malicious Activity! Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response www.ustreamgo.com/	15 KB 3 KB	265ms 64ms	Document text/html	185.247.225.40 FLOKINET
General Check archive.org Show headers Download Go to Full URL http://www.ustreamgo.com/ Protocol HTTP/1.1 Server 185.247.225.40 Bucharest, Romania, ASN200651 (FLOKINET, SC), Reverse DNS ro9.flokinet.is Software nginx / Resource Hash 760a9f944cfdeb9e90a7d01e07bc490461319698b607ea3a2e8dd65850c9d17b Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html Date Wed, 13 Sep 2023 10:18:32 GMT Last-Modified Tue, 12 Sep 2023 18:10:04 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding Accept-Encoding X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN
GET H/1.1	200 OK	css.css www.ustreamgo.com/css/	5 KB 887 B	65ms 64ms	Stylesheet text/css	185.247.225.40 FLOKINET
General Check archive.org Show headers Download Go to Full URL http://www.ustreamgo.com/css/css.css Requested by Host: www.ustreamgo.com URL: http://www.ustreamgo.com/ Protocol HTTP/1.1 Server 185.247.225.40 Bucharest, Romania, ASN200651 (FLOKINET, SC), Reverse DNS ro9.flokinet.is Software nginx / Resource Hash 947d72b48f208f498af39ccf179554b5b2ddb047fcff650d06469a2b9d996224 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer http://www.ustreamgo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36 Response headers Date Wed, 13 Sep 2023 10:18:33 GMT Content-Encoding gzip X-Content-Type-Options nosniff Last-Modified Tue, 12 Sep 2023 18:15:18 GMT Server nginx X-Frame-Options SAMEORIGIN Transfer-Encoding chunked Content-Type text/css Vary Accept-Encoding, Accept-Encoding Connection keep-alive
GET H/1.1	200 OK	style.css www.ustreamgo.com/css/	33 KB 7 KB	131ms 66ms	Stylesheet text/css	185.247.225.40 FLOKINET
General Check archive.org Show headers Download Go to Full URL http://www.ustreamgo.com/css/style.css Requested by Host: www.ustreamgo.com URL: http://www.ustreamgo.com/ Protocol HTTP/1.1 Server 185.247.225.40 Bucharest, Romania, ASN200651 (FLOKINET, SC), Reverse DNS ro9.flokinet.is Software nginx / Resource Hash ab69dc2cb13cab45f72a7564cd598b721851e5a9d601c043431266d823ba176e Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer http://www.ustreamgo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36 Response headers Date Wed, 13 Sep 2023 10:18:33 GMT Content-Encoding gzip X-Content-Type-Options nosniff Last-Modified Tue, 12 Sep 2023 18:15:18 GMT Server nginx X-Frame-Options SAMEORIGIN Transfer-Encoding chunked Content-Type text/css Vary Accept-Encoding, Accept-Encoding Connection keep-alive
GET H/1.1	200 OK	jquery.min.js Show response www.ustreamgo.com/js/	138 KB 37 KB	138ms 73ms	Script application/javascript	185.247.225.40 FLOKINET
General Check archive.org Show headers Download Go to Full URL http://www.ustreamgo.com/js/jquery.min.js Requested by Host: www.ustreamgo.com URL: http://www.ustreamgo.com/ Protocol HTTP/1.1 Server 185.247.225.40 Bucharest, Romania, ASN200651 (FLOKINET, SC), Reverse DNS ro9.flokinet.is Software nginx / Resource Hash 390b033ebca134254b8ce56c425ce918bed7ec595def21f91a9558d0a21fd298 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer http://www.ustreamgo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36 Response headers Date Wed, 13 Sep 2023 10:18:33 GMT Content-Encoding gzip X-Content-Type-Options nosniff Last-Modified Tue, 12 Sep 2023 18:16:04 GMT Server nginx X-Frame-Options SAMEORIGIN Transfer-Encoding chunked Content-Type application/javascript Vary Accept-Encoding, Accept-Encoding Connection keep-alive
GET H/1.1	200 OK	main.js Show response www.ustreamgo.com/js/	3 KB 1 KB	129ms 64ms	Script application/javascript	185.247.225.40 FLOKINET
General Check archive.org Show headers Download Go to Full URL http://www.ustreamgo.com/js/main.js Requested by Host: www.ustreamgo.com URL: http://www.ustreamgo.com/ Protocol HTTP/1.1 Server 185.247.225.40 Bucharest, Romania, ASN200651 (FLOKINET, SC), Reverse DNS ro9.flokinet.is Software nginx / Resource Hash 6340c2dc70c36c553a7e253f22d552333cb0cde07dcf147df313827dbb13074f Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer http://www.ustreamgo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36 Response headers Date Wed, 13 Sep 2023 10:18:33 GMT Content-Encoding gzip X-Content-Type-Options nosniff Last-Modified Tue, 12 Sep 2023 18:16:04 GMT Server nginx X-Frame-Options SAMEORIGIN Transfer-Encoding chunked Content-Type application/javascript Vary Accept-Encoding, Accept-Encoding Connection keep-alive
GET H/1.1	200 OK	mov.png www.ustreamgo.com/img/	445 B 716 B	64ms 64ms	Image image/png	185.247.225.40 FLOKINET
General Check archive.org Show headers Download Go to Show image Full URL http://www.ustreamgo.com/img/mov.png Requested by Host: www.ustreamgo.com URL: http://www.ustreamgo.com/ Protocol HTTP/1.1 Server 185.247.225.40 Bucharest, Romania, ASN200651 (FLOKINET, SC), Reverse DNS ro9.flokinet.is Software nginx / Resource Hash 7f3b5813af08639f509729cbb27b1a04d96943fd26f9310cd253d046f3334702 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer http://www.ustreamgo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36 Response headers Date Wed, 13 Sep 2023 10:18:33 GMT X-Content-Type-Options nosniff Last-Modified Tue, 12 Sep 2023 18:15:40 GMT Server nginx X-Frame-Options SAMEORIGIN Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 445
GET H/1.1	200 OK	film.png www.ustreamgo.com/img/	2 KB 2 KB	64ms 64ms	Image image/png	185.247.225.40 FLOKINET
General Check archive.org Show headers Download Go to Show image Full URL http://www.ustreamgo.com/img/film.png Requested by Host: www.ustreamgo.com URL: http://www.ustreamgo.com/ Protocol HTTP/1.1 Server 185.247.225.40 Bucharest, Romania, ASN200651 (FLOKINET, SC), Reverse DNS ro9.flokinet.is Software nginx / Resource Hash 3be2c8f23f4c5677593d5c88b76a3cddbcab7366dd48653dfa938f8dec11ea90 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer http://www.ustreamgo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36 Response headers Date Wed, 13 Sep 2023 10:18:33 GMT X-Content-Type-Options nosniff Last-Modified Tue, 12 Sep 2023 18:15:40 GMT Server nginx X-Frame-Options SAMEORIGIN Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 2134
GET H/1.1	200 OK	img-product.png www.ustreamgo.com/img/	11 KB 11 KB	64ms 64ms	Image image/png	185.247.225.40 FLOKINET
General Check archive.org Show headers Download Go to Show image Full URL http://www.ustreamgo.com/img/img-product.png Requested by Host: www.ustreamgo.com URL: http://www.ustreamgo.com/ Protocol HTTP/1.1 Server 185.247.225.40 Bucharest, Romania, ASN200651 (FLOKINET, SC), Reverse DNS ro9.flokinet.is Software nginx / Resource Hash 7458cc5c8e6464162d23320632e69d0b17de0b4631105cbe5698d56b028c040b Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer http://www.ustreamgo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36 Response headers Date Wed, 13 Sep 2023 10:18:33 GMT X-Content-Type-Options nosniff Last-Modified Tue, 12 Sep 2023 18:15:40 GMT Server nginx X-Frame-Options SAMEORIGIN Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 11157
GET H/1.1	200 OK	bg.jpg www.ustreamgo.com/img/	259 KB 259 KB	65ms 64ms	Image image/jpeg	185.247.225.40 FLOKINET
General Check archive.org Show headers Download Go to Show image Full URL http://www.ustreamgo.com/img/bg.jpg Requested by Host: www.ustreamgo.com URL: http://www.ustreamgo.com/css/style.css Protocol HTTP/1.1 Server 185.247.225.40 Bucharest, Romania, ASN200651 (FLOKINET, SC), Reverse DNS ro9.flokinet.is Software nginx / Resource Hash cdbb8bd903dd6fe325ab434193200da2111679906e51c2fcfc3175dde5c65708 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer http://www.ustreamgo.com/css/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36 Response headers Date Wed, 13 Sep 2023 10:18:33 GMT X-Content-Type-Options nosniff Last-Modified Tue, 12 Sep 2023 18:15:40 GMT Server nginx X-Frame-Options SAMEORIGIN Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 265116
GET H2	200	pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2 fonts.gstatic.com/s/poppins/v9/	8 KB 8 KB	165ms 77ms	Font font/woff2	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v9/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2 Requested by Host: www.ustreamgo.com URL: http://www.ustreamgo.com/css/css.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash fab32ccef85408b763c899ad7c0b910c96c76dc9ed7158ce304fdcd3c0bf8388 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://www.ustreamgo.com/ Origin http://www.ustreamgo.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36 Response headers date Sat, 09 Sep 2023 08:15:11 GMT x-content-type-options nosniff age 353002 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7968 x-xss-protection 0 last-modified Tue, 08 Oct 2019 21:22:04 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 08 Sep 2024 08:15:11 GMT
GET H2	200	pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2 fonts.gstatic.com/s/poppins/v9/	8 KB 8 KB	132ms 44ms	Font font/woff2	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v9/pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2 Requested by Host: www.ustreamgo.com URL: http://www.ustreamgo.com/css/css.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 07d2b7c2df967b7820b8ce99be3f7db1a1db5a82797826cd9a06e6489e89f71a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://www.ustreamgo.com/ Origin http://www.ustreamgo.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36 Response headers date Sat, 09 Sep 2023 09:56:18 GMT x-content-type-options nosniff age 346935 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7836 x-xss-protection 0 last-modified Tue, 08 Oct 2019 21:22:13 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 08 Sep 2024 09:56:18 GMT
GET H2	200	pxiByp8kv8JHgFVrLGT9Z1xlFd2JQEk.woff2 fonts.gstatic.com/s/poppins/v9/	8 KB 8 KB	137ms 50ms	Font font/woff2	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v9/pxiByp8kv8JHgFVrLGT9Z1xlFd2JQEk.woff2 Requested by Host: www.ustreamgo.com URL: http://www.ustreamgo.com/css/css.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5e07f937be00bbef113152fa46b2b2d5df97f405b152881c96e1c5069d8f405d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://www.ustreamgo.com/ Origin http://www.ustreamgo.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36 Response headers date Sat, 09 Sep 2023 08:33:35 GMT x-content-type-options nosniff age 351898 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7960 x-xss-protection 0 last-modified Tue, 08 Oct 2019 21:22:14 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 08 Sep 2024 08:33:35 GMT
GET H2	200	pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2 fonts.gstatic.com/s/poppins/v9/	8 KB 8 KB	125ms 40ms	Font font/woff2	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v9/pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2 Requested by Host: www.ustreamgo.com URL: http://www.ustreamgo.com/css/css.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 56a522e79770e488da6015ed10f8c2bdafbcd87a7c6d443f7a293579bd0ef58d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://www.ustreamgo.com/ Origin http://www.ustreamgo.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36 Response headers date Fri, 08 Sep 2023 04:13:06 GMT x-content-type-options nosniff age 453927 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7924 x-xss-protection 0 last-modified Tue, 08 Oct 2019 21:22:29 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 07 Sep 2024 04:13:06 GMT

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Netflix (Online)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| init

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.gstatic.com
www.ustreamgo.com
185.247.225.40
2a00:1450:4001:811::2003
07d2b7c2df967b7820b8ce99be3f7db1a1db5a82797826cd9a06e6489e89f71a
390b033ebca134254b8ce56c425ce918bed7ec595def21f91a9558d0a21fd298
3be2c8f23f4c5677593d5c88b76a3cddbcab7366dd48653dfa938f8dec11ea90
56a522e79770e488da6015ed10f8c2bdafbcd87a7c6d443f7a293579bd0ef58d
5e07f937be00bbef113152fa46b2b2d5df97f405b152881c96e1c5069d8f405d
6340c2dc70c36c553a7e253f22d552333cb0cde07dcf147df313827dbb13074f
7458cc5c8e6464162d23320632e69d0b17de0b4631105cbe5698d56b028c040b
760a9f944cfdeb9e90a7d01e07bc490461319698b607ea3a2e8dd65850c9d17b
7f3b5813af08639f509729cbb27b1a04d96943fd26f9310cd253d046f3334702
947d72b48f208f498af39ccf179554b5b2ddb047fcff650d06469a2b9d996224
ab69dc2cb13cab45f72a7564cd598b721851e5a9d601c043431266d823ba176e
cdbb8bd903dd6fe325ab434193200da2111679906e51c2fcfc3175dde5c65708
fab32ccef85408b763c899ad7c0b910c96c76dc9ed7158ce304fdcd3c0bf8388