n-pro.vercel.app Open in urlscan Pro
76.76.21.93 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://n-pro.vercel.app/login
Submission: On October 28 via automatic, source openphish (October 28th 2024, 1:14:17 am UTC) — Scanned from IT

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 15 HTTP transactions. The main IP is 76.76.21.93, located in Walnut, United States and belongs to AMAZON-02, US. The main domain is n-pro.vercel.app.
TLS certificate: Issued by R11 on October 17th 2024. Valid for: 3 months.

This is the only time n-pro.vercel.app was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Netflix (Online)

Domain & IP information

	IP Address	AS Autonomous System
14	76.76.21.93 76.76.21.93	16509 (AMAZON-02) (AMAZON-02)
1 1	3.233.95.182 3.233.95.182	14618 (AMAZON-AES) (AMAZON-AES)
1	185.15.59.240 185.15.59.240	14907 (WIKIMEDIA) (WIKIMEDIA)
15	3

14 76.76.21.93 (Walnut, United States)

ASN16509 (AMAZON-02, US)

n-pro.vercel.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.233.95.182 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-95-182.compute-1.amazonaws.com

rb.gy	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.15.59.240 (United States)

ASN14907 (WIKIMEDIA, US)
PTR: upload-lb.esams.wikimedia.org

upload.wikimedia.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	vercel.app n-pro.vercel.app	408 KB
1	wikimedia.org upload.wikimedia.org — Cisco Umbrella Rank: 3371	2 KB
1	rb.gy 1 redirects rb.gy — Cisco Umbrella Rank: 104661	194 B
15	3

	Domain	Requested by
14	n-pro.vercel.app	n-pro.vercel.app
1	upload.wikimedia.org
1	rb.gy	1 redirects
15	3

This site contains no links.

Subject Issuer	Validity	Valid
*.vercel.app R11	`2024-10-17` - `2025-01-15`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://n-pro.vercel.app/login
Frame ID: D9F5AD38CC57F8C9A93EB60F6EA41083
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

N Pro | Login

Page Statistics

15
Requests

93 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

409 kB
Transfer

782 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

https://rb.gy/ulxxee HTTP 301
https://upload.wikimedia.org/wikipedia/commons/0/08/Netflix_2015_logo.svg

15 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request login Show response
n-pro.vercel.app/ 1 KB
938 B 205ms
76ms Document
text/html 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://n-pro.vercel.app/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

db08e25c1fe6b423d0d55c3217dbf26e63035ce30b2adcb3a4e6488334078058

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
age: 581277
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="login"
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 28 Oct 2024 01:14:09 GMT
etag: W/"db08e25c1fe6b423d0d55c3217dbf26e63035ce30b2adcb3a4e6488334078058"
last-modified: Mon, 21 Oct 2024 07:46:11 GMT
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-matched-path: /login
x-vercel-cache: HIT
x-vercel-id: fra1::kf74v-1730078049084-dbc5330c4ea0

GET
H2 200 439a4ccedf23735a.css
n-pro.vercel.app/_next/static/css/ 12 KB
4 KB 96ms
94ms Stylesheet
text/css 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://n-pro.vercel.app/_next/static/css/439a4ccedf23735a.css

Requested by

Host: n-pro.vercel.app
URL: https://n-pro.vercel.app/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

8a9f85777a6f0f5eca33335fcd76317e4354fd512a1cbd06fa916f5e82a2cc3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://n-pro.vercel.app/login

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public,max-age=31536000,immutable
content-encoding: br
x-vercel-cache: HIT
etag: W/"8a9f85777a6f0f5eca33335fcd76317e4354fd512a1cbd06fa916f5e82a2cc3e"
age: 573202
x-matched-path: /_next/static/css/439a4ccedf23735a.css
access-control-allow-origin: *
date: Mon, 28 Oct 2024 01:14:09 GMT
content-disposition: inline; filename="439a4ccedf23735a.css"
content-type: text/css; charset=utf-8
server: Vercel
last-modified: Mon, 21 Oct 2024 10:00:47 GMT
x-vercel-id: fra1::qk68d-1730078049246-9fa0d1a11fbe

GET
H2 200 webpack-2cace27db6d56ef1.js Show response
n-pro.vercel.app/_next/static/chunks/ 4 KB
2 KB 48ms
47ms Script
application/javascript 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://n-pro.vercel.app/_next/static/chunks/webpack-2cace27db6d56ef1.js

Requested by

Host: n-pro.vercel.app
URL: https://n-pro.vercel.app/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

f7b4c0da898ac1eaa7d9fa433dece9974f16aa73eb14d2b041caad10878271b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://n-pro.vercel.app/login

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public,max-age=31536000,immutable
content-encoding: br
x-vercel-cache: HIT
etag: W/"f7b4c0da898ac1eaa7d9fa433dece9974f16aa73eb14d2b041caad10878271b5"
age: 573202
x-matched-path: /_next/static/chunks/webpack-2cace27db6d56ef1.js
access-control-allow-origin: *
date: Mon, 28 Oct 2024 01:14:09 GMT
content-disposition: inline; filename="webpack-2cace27db6d56ef1.js"
content-type: application/javascript; charset=utf-8
server: Vercel
last-modified: Mon, 21 Oct 2024 10:00:47 GMT
x-vercel-id: fra1::kf74v-1730078049246-cd0ff8d300ce

GET
H2 200 framework-fc97f3f1282ce3ed.js Show response
n-pro.vercel.app/_next/static/chunks/ 137 KB
46 KB 49ms
47ms Script
application/javascript 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://n-pro.vercel.app/_next/static/chunks/framework-fc97f3f1282ce3ed.js

Requested by

Host: n-pro.vercel.app
URL: https://n-pro.vercel.app/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

aadb91364d1393a1e6b4bc849eaabb92c4ed68437fb5f0ea95bd9d66ceeee2da

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://n-pro.vercel.app/login

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public,max-age=31536000,immutable
content-encoding: br
x-vercel-cache: HIT
etag: W/"aadb91364d1393a1e6b4bc849eaabb92c4ed68437fb5f0ea95bd9d66ceeee2da"
age: 573201
x-matched-path: /_next/static/chunks/framework-fc97f3f1282ce3ed.js
access-control-allow-origin: *
date: Mon, 28 Oct 2024 01:14:09 GMT
content-disposition: inline; filename="framework-fc97f3f1282ce3ed.js"
content-type: application/javascript; charset=utf-8
server: Vercel
last-modified: Mon, 21 Oct 2024 10:00:47 GMT
x-vercel-id: fra1::kf74v-1730078049266-737e77d30275

GET
H2 200 main-f4ae3437c92c1efc.js Show response
n-pro.vercel.app/_next/static/chunks/ 101 KB
28 KB 146ms
144ms Script
application/javascript 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://n-pro.vercel.app/_next/static/chunks/main-f4ae3437c92c1efc.js

Requested by

Host: n-pro.vercel.app
URL: https://n-pro.vercel.app/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

f875d5804068be9c659e35d8905a691b0165a6ddd2547b6d876be7b2fb060d66

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://n-pro.vercel.app/login

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public,max-age=31536000,immutable
content-encoding: br
x-vercel-cache: HIT
etag: W/"f875d5804068be9c659e35d8905a691b0165a6ddd2547b6d876be7b2fb060d66"
age: 573202
x-matched-path: /_next/static/chunks/main-f4ae3437c92c1efc.js
access-control-allow-origin: *
date: Mon, 28 Oct 2024 01:14:09 GMT
content-disposition: inline; filename="main-f4ae3437c92c1efc.js"
content-type: application/javascript; charset=utf-8
server: Vercel
last-modified: Mon, 21 Oct 2024 10:00:47 GMT
x-vercel-id: fra1::nx6rs-1730078049266-210354b1edf2

GET
H2 200 _app-f981851ffb7d1f7c.js Show response
n-pro.vercel.app/_next/static/chunks/pages/ 239 KB
76 KB 104ms
101ms Script
application/javascript 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://n-pro.vercel.app/_next/static/chunks/pages/_app-f981851ffb7d1f7c.js

Requested by

Host: n-pro.vercel.app
URL: https://n-pro.vercel.app/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

3d96c2fc3ff7ad947294c2554a49c120810df61b848bd0da7f6dba2ed8352736

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://n-pro.vercel.app/login

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public,max-age=31536000,immutable
content-encoding: br
x-vercel-cache: HIT
etag: W/"3d96c2fc3ff7ad947294c2554a49c120810df61b848bd0da7f6dba2ed8352736"
age: 573201
x-matched-path: /_next/static/chunks/pages/_app-f981851ffb7d1f7c.js
access-control-allow-origin: *
date: Mon, 28 Oct 2024 01:14:09 GMT
content-disposition: inline; filename="_app-f981851ffb7d1f7c.js"
content-type: application/javascript; charset=utf-8
server: Vercel
last-modified: Mon, 21 Oct 2024 10:00:47 GMT
x-vercel-id: fra1::9sf7g-1730078049267-55acf6a99ee3

GET
H2 200 959-3f6582526a33c187.js Show response
n-pro.vercel.app/_next/static/chunks/ 14 KB
6 KB 148ms
146ms Script
application/javascript 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://n-pro.vercel.app/_next/static/chunks/959-3f6582526a33c187.js

Requested by

Host: n-pro.vercel.app
URL: https://n-pro.vercel.app/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

c68b36c4c59a5571f64bacf14e3d93fff91194f32a2f169d9806df7f2d8f2dc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://n-pro.vercel.app/login

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public,max-age=31536000,immutable
content-encoding: br
x-vercel-cache: HIT
etag: W/"c68b36c4c59a5571f64bacf14e3d93fff91194f32a2f169d9806df7f2d8f2dc3"
age: 573202
x-matched-path: /_next/static/chunks/959-3f6582526a33c187.js
access-control-allow-origin: *
date: Mon, 28 Oct 2024 01:14:09 GMT
content-disposition: inline; filename="959-3f6582526a33c187.js"
content-type: application/javascript; charset=utf-8
server: Vercel
last-modified: Mon, 21 Oct 2024 10:00:47 GMT
x-vercel-id: fra1::d7nlz-1730078049266-7fdace466c55

GET
H2 200 536-4f735a32eca6ab71.js Show response
n-pro.vercel.app/_next/static/chunks/ 18 KB
7 KB 76ms
74ms Script
application/javascript 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://n-pro.vercel.app/_next/static/chunks/536-4f735a32eca6ab71.js

Requested by

Host: n-pro.vercel.app
URL: https://n-pro.vercel.app/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

8d08452695465d96bedeab04c30403402b89db357770eb7509004a1680bc9a31

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://n-pro.vercel.app/login

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public,max-age=31536000,immutable
content-encoding: br
x-vercel-cache: HIT
etag: W/"8d08452695465d96bedeab04c30403402b89db357770eb7509004a1680bc9a31"
age: 573200
x-matched-path: /_next/static/chunks/536-4f735a32eca6ab71.js
access-control-allow-origin: *
date: Mon, 28 Oct 2024 01:14:09 GMT
content-disposition: inline; filename="536-4f735a32eca6ab71.js"
content-type: application/javascript; charset=utf-8
server: Vercel
last-modified: Mon, 21 Oct 2024 10:00:49 GMT
x-vercel-id: fra1::4vj5l-1730078049266-0ccf37b8eb2e

GET
H2 200 login-986c4b6f26caeb0a.js Show response
n-pro.vercel.app/_next/static/chunks/pages/ 4 KB
2 KB 148ms
146ms Script
application/javascript 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://n-pro.vercel.app/_next/static/chunks/pages/login-986c4b6f26caeb0a.js

Requested by

Host: n-pro.vercel.app
URL: https://n-pro.vercel.app/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

b5be032a068dc1c2568f6650c9851a5100c3a1693cf6f955252d0635b9f84e3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://n-pro.vercel.app/login

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public,max-age=31536000,immutable
content-encoding: br
x-vercel-cache: HIT
etag: W/"b5be032a068dc1c2568f6650c9851a5100c3a1693cf6f955252d0635b9f84e3e"
age: 573200
x-matched-path: /_next/static/chunks/pages/login-986c4b6f26caeb0a.js
access-control-allow-origin: *
date: Mon, 28 Oct 2024 01:14:09 GMT
content-disposition: inline; filename="login-986c4b6f26caeb0a.js"
content-type: application/javascript; charset=utf-8
server: Vercel
last-modified: Mon, 21 Oct 2024 10:00:48 GMT
x-vercel-id: fra1::gnptx-1730078049266-19ddf2d72dcb

GET
H2 200 _buildManifest.js Show response
n-pro.vercel.app/_next/static/8uyKAJA0Cgbf4O6VonxJM/ 658 B
932 B 146ms
145ms Script
application/javascript 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://n-pro.vercel.app/_next/static/8uyKAJA0Cgbf4O6VonxJM/_buildManifest.js

Requested by

Host: n-pro.vercel.app
URL: https://n-pro.vercel.app/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

277320d52c561989d2ff9a0375ec22a13565a0ea29741754e581e2b162720907

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://n-pro.vercel.app/login

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public,max-age=31536000,immutable
x-vercel-cache: HIT
etag: W/"277320d52c561989d2ff9a0375ec22a13565a0ea29741754e581e2b162720907"
age: 573202
x-matched-path: /_next/static/8uyKAJA0Cgbf4O6VonxJM/_buildManifest.js
accept-ranges: bytes
access-control-allow-origin: *
content-length: 658
date: Mon, 28 Oct 2024 01:14:09 GMT
content-disposition: inline; filename="_buildManifest.js"
content-type: application/javascript; charset=utf-8
server: Vercel
last-modified: Mon, 21 Oct 2024 10:00:47 GMT
x-vercel-id: fra1::ls2b6-1730078049267-0b2195d653f1

GET
H2 200 _ssgManifest.js Show response
n-pro.vercel.app/_next/static/8uyKAJA0Cgbf4O6VonxJM/ 77 B
280 B 48ms
46ms Script
application/javascript 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://n-pro.vercel.app/_next/static/8uyKAJA0Cgbf4O6VonxJM/_ssgManifest.js

Requested by

Host: n-pro.vercel.app
URL: https://n-pro.vercel.app/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://n-pro.vercel.app/login

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public,max-age=31536000,immutable
x-vercel-cache: HIT
etag: W/"6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e"
age: 573201
x-matched-path: /_next/static/8uyKAJA0Cgbf4O6VonxJM/_ssgManifest.js
accept-ranges: bytes
access-control-allow-origin: *
content-length: 77
date: Mon, 28 Oct 2024 01:14:09 GMT
content-disposition: inline; filename="_ssgManifest.js"
content-type: application/javascript; charset=utf-8
server: Vercel
last-modified: Mon, 21 Oct 2024 10:00:47 GMT
x-vercel-id: fra1::vtb92-1730078049266-2b71ac2662f1

GET
H2 200 _middlewareManifest.js Show response
n-pro.vercel.app/_next/static/8uyKAJA0Cgbf4O6VonxJM/ 92 B
296 B 140ms
139ms Script
application/javascript 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://n-pro.vercel.app/_next/static/8uyKAJA0Cgbf4O6VonxJM/_middlewareManifest.js

Requested by

Host: n-pro.vercel.app
URL: https://n-pro.vercel.app/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://n-pro.vercel.app/login

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public,max-age=31536000,immutable
x-vercel-cache: HIT
etag: W/"de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a"
age: 573201
x-matched-path: /_next/static/8uyKAJA0Cgbf4O6VonxJM/_middlewareManifest.js
accept-ranges: bytes
access-control-allow-origin: *
content-length: 92
date: Mon, 28 Oct 2024 01:14:09 GMT
content-disposition: inline; filename="_middlewareManifest.js"
content-type: application/javascript; charset=utf-8
server: Vercel
last-modified: Mon, 21 Oct 2024 10:00:47 GMT
x-vercel-id: fra1::65jtr-1730078049267-0fbb8fa5c281

GET
H2 200 favicon.ico
n-pro.vercel.app/ 25 KB
9 KB 47ms
46ms Other
image/vnd.microsoft.icon 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://n-pro.vercel.app/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

2b8ad2d33455a8f736fc3a8ebf8f0bdea8848ad4c0db48a2833bd0f9cd775932

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://n-pro.vercel.app/login

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=0, must-revalidate
content-encoding: br
x-vercel-cache: HIT
etag: W/"2b8ad2d33455a8f736fc3a8ebf8f0bdea8848ad4c0db48a2833bd0f9cd775932"
age: 184958
x-matched-path: /favicon.ico
access-control-allow-origin: *
date: Mon, 28 Oct 2024 01:14:09 GMT
content-disposition: inline; filename="favicon.ico"
content-type: image/vnd.microsoft.icon
server: Vercel
last-modified: Fri, 25 Oct 2024 21:51:30 GMT
x-vercel-id: fra1::d7nlz-1730078049472-c5cf64eb4a07

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/gif

GET
H2

200

Netflix_2015_logo.svg
upload.wikimedia.org/wikipedia/commons/0/08/
Redirect Chain

https://rb.gy/ulxxee
https://upload.wikimedia.org/wikipedia/commons/0/08/Netflix_2015_logo.svg

1 KB
2 KB

717ms
55ms

Image
image/svg+xml

185.15.59.240
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/commons/0/08/Netflix_2015_logo.svg

Protocol

Server

185.15.59.240 , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

upload-lb.esams.wikimedia.org

Software

ATS/9.2.5 /

Resource Hash

0c12d5374247e16fced565a207d010bf39f1eb55ee0394581ced67b2e6fa7b92

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://n-pro.vercel.app/

Response headers

access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
content-encoding: gzip
etag: W/6dbba458959d4ce1edd2f5b3ab3ae13b
age: 73279
x-object-meta-sha1base36: 3ezp8jl2fgt1vd8mxyse4qtyn1i218e
report-to: { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
x-content-type-options: nosniff
server-timing: cache;desc="hit-front", host;desc="cp3074"
x-cache: cp3074 hit, cp3074 hit/377
date: Sun, 27 Oct 2024 04:52:50 GMT
content-type: image/svg+xml
last-modified: Wed, 06 Feb 2019 12:31:58 GMT
vary: Accept-Encoding
x-client-ip: 185.198.62.147
x-cache-status: hit-front
strict-transport-security: max-age=106384710; includeSubDomains; preload
nel: { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
timing-allow-origin: *
accept-ranges: bytes
access-control-allow-origin: *
content-length: 623
server: ATS/9.2.5

Redirect headers

strict-transport-security: max-age=15552000
expires: -1
cache-control: no-cache, no-store
location: https://upload.wikimedia.org/wikipedia/commons/0/08/Netflix_2015_logo.svg
content-length: 0
date: Mon, 28 Oct 2024 01:14:09 GMT
engine: Rebrandly.redirect, version 2.1

GET
H2 200 image
n-pro.vercel.app/_next/ 225 KB
225 KB 51ms
50ms Image
image/webp 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://n-pro.vercel.app/_next/image?url=https%3A%2F%2Frb.gy%2Fp2hphi&w=1920&q=75

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

1ff6cc1450809b27ad90a5cadf55f91e0be8a6e9549dbac00fb6b4faa0df06b0

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://n-pro.vercel.app/login

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
cache-control: public, max-age=604801, must-revalidate
x-vercel-cache: HIT
x-vercel-id: fra1::d7nlz-1730078049502-1a2ec1b47c42
age: 242623
x-vercel-imgsrc: be362993d2d3e6d7b6d4cf470f0ebce8
content-length: 230196
date: Fri, 25 Oct 2024 05:50:25 GMT
content-disposition: inline; filename="p2hphi.webp"
content-type: image/webp
server: Vercel
last-modified: Wed, 23 Mar 2022 12:52:16 GMT
vary: Accept

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Netflix (Online)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://n-pro.vercel.app/login Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

n-pro.vercel.app
rb.gy
upload.wikimedia.org
185.15.59.240
3.233.95.182
76.76.21.93
0c12d5374247e16fced565a207d010bf39f1eb55ee0394581ced67b2e6fa7b92
1ff6cc1450809b27ad90a5cadf55f91e0be8a6e9549dbac00fb6b4faa0df06b0
277320d52c561989d2ff9a0375ec22a13565a0ea29741754e581e2b162720907
2b8ad2d33455a8f736fc3a8ebf8f0bdea8848ad4c0db48a2833bd0f9cd775932
3d96c2fc3ff7ad947294c2554a49c120810df61b848bd0da7f6dba2ed8352736
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
8a9f85777a6f0f5eca33335fcd76317e4354fd512a1cbd06fa916f5e82a2cc3e
8d08452695465d96bedeab04c30403402b89db357770eb7509004a1680bc9a31
aadb91364d1393a1e6b4bc849eaabb92c4ed68437fb5f0ea95bd9d66ceeee2da
b5be032a068dc1c2568f6650c9851a5100c3a1693cf6f955252d0635b9f84e3e
c68b36c4c59a5571f64bacf14e3d93fff91194f32a2f169d9806df7f2d8f2dc3
db08e25c1fe6b423d0d55c3217dbf26e63035ce30b2adcb3a4e6488334078058
de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7b4c0da898ac1eaa7d9fa433dece9974f16aa73eb14d2b041caad10878271b5
f875d5804068be9c659e35d8905a691b0165a6ddd2547b6d876be7b2fb060d66

n-pro.vercel.app Open in urlscan Pro 76.76.21.93 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

15 Requests

93 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

1 Countries

409 kBTransfer

782 kBSize

0 Cookies

0 Outgoing links

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

10 JavaScript Global Variables

0 Cookies

1 Console Messages

Security Headers

Indicators

n-pro.vercel.app Open in urlscan Pro
76.76.21.93 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

93 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

409 kB
Transfer

782 kB
Size

0
Cookies

15 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!