evershineenterprises.co.in
Open in
urlscan Pro
148.66.136.53
Malicious Activity!
Public Scan
Submission: On June 29 via api from JP — Scanned from SG
Summary
This is the only time evershineenterprises.co.in was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Netflix (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 5 | 148.66.136.53 148.66.136.53 | 26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC) | |
3 | 2a00:86c0:209... 2a00:86c0:2091::1 | 40027 (NETFLIX-ASN) (NETFLIX-ASN) | |
7 | 2 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
5 |
evershineenterprises.co.in
1 redirects
evershineenterprises.co.in |
72 KB |
3 |
nflxext.com
assets.nflxext.com — Cisco Umbrella Rank: 4129 |
178 KB |
7 | 2 |
Domain | Requested by | |
---|---|---|
5 | evershineenterprises.co.in |
1 redirects
evershineenterprises.co.in
|
3 | assets.nflxext.com |
evershineenterprises.co.in
|
7 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
help.netflix.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.1.nflxso.net DigiCert Secure Site ECC CA-1 |
2023-06-11 - 2023-07-13 |
a month | crt.sh |
This page contains 1 frames:
Primary Page:
http://evershineenterprises.co.in/netflix/update/
Frame ID: 7A4128C41E212F773FBA3C855E98FD62
Requests: 7 HTTP requests in this frame
Screenshot
Page Title
NetflixPage URL History Show full URLs
-
http://evershineenterprises.co.in/netflix/update
HTTP 301
http://evershineenterprises.co.in/netflix/update/ Page URL
Detected technologies
jQuery (JavaScript Libraries) ExpandDetected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
6 Outgoing links
These are links going to different origins than the main page.
Title: Questions? Contact us.
Search URL Search Domain Scan URL
Title: FAQ
Search URL Search Domain Scan URL
Title: Help Center
Search URL Search Domain Scan URL
Title: Terms of Use
Search URL Search Domain Scan URL
Title: Privacy
Search URL Search Domain Scan URL
Title: Corporate Information
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://evershineenterprises.co.in/netflix/update
HTTP 301
http://evershineenterprises.co.in/netflix/update/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
7 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
evershineenterprises.co.in/netflix/update/ Redirect Chain
|
11 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
evershineenterprises.co.in/netflix/update/assets/css/ |
217 KB 35 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.js
evershineenterprises.co.in/netflix/update/assets/js/ |
87 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.js
evershineenterprises.co.in/netflix/update/assets/js/ |
19 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
NetflixSans_W_Rg.woff2
assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/ |
52 KB 52 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
NetflixSans_W_Md.woff2
assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/ |
53 KB 53 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
nf-icon-v1-93.woff
assets.nflxext.com/ffe/siteui/fonts/ |
72 KB 72 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Netflix (Online)6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless object| onbeforetoggle object| onscrollend function| $ function| jQuery object| filter0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
assets.nflxext.com
evershineenterprises.co.in
148.66.136.53
2a00:86c0:2091::1
7225dce04616869acf868470c9f635c97cc1c1304dce951840130ac5c9bbd413
73ab9a0d44bf454ca0190571a80cce77d3292f47bd6d8e273a4a628cf304c6b1
98713b53a74ebe7e326353080c5f1653e83af61d6363c0b3c4c67d6d24197b4d
9ac2bd03fcde501b3f30f47ab1fae62161f87808ea6411f38e8feaa4bbddc42e
c0bceb927c506dce9f6e6f5f570e641ad580b9554be06f61508a4aee32380167
e69fe58af35c0362191ab831ad708bd0ba946471fb0939b45ad10eba1ba368b4
ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127