netflix-clone-react-9uy6gpwm7-nctrung10.vercel.app Open in urlscan Pro
76.76.21.98 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://netflix-clone-react-9uy6gpwm7-nctrung10.vercel.app/
Effective URL:
https://netflix-clone-react-9uy6gpwm7-nctrung10.vercel.app/
Submission: On November 20 via api (November 20th 2023, 5:12:27 pm UTC) from US — Scanned from CA

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 16 HTTP transactions. The main IP is 76.76.21.98, located in Walnut, United States and belongs to AMAZON-02, US. The main domain is netflix-clone-react-9uy6gpwm7-nctrung10.vercel.app.
TLS certificate: Issued by R3 on September 25th 2023. Valid for: 3 months.

This is the only time netflix-clone-react-9uy6gpwm7-nctrung10.vercel.app was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Netflix (Online)

Domain & IP information

	IP Address	AS Autonomous System
3	76.76.21.98 76.76.21.98	16509 (AMAZON-02) (AMAZON-02)
1	172.253.63.95 172.253.63.95	15169 (GOOGLE) (GOOGLE)
2	142.251.16.101 142.251.16.101	15169 (GOOGLE) (GOOGLE)
6	45.57.90.1 45.57.90.1	40027 (NETFLIX-ASN) (NETFLIX-ASN)
1	23.246.56.143 23.246.56.143	2906 (AS-SSI) (AS-SSI)
3	142.251.163.94 142.251.163.94	15169 (GOOGLE) (GOOGLE)
16	6

3 76.76.21.98 (Walnut, United States)

ASN16509 (AMAZON-02, US)

netflix-clone-react-9uy6gpwm7-nctrung10.vercel.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.63.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.16.101 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f101.1e100.net

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 45.57.90.1 (United States)

ASN40027 (NETFLIX-ASN, US)

assets.nflxext.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.246.56.143 (Hong Kong, Hong Kong)

ASN2906 (AS-SSI, US)
PTR: ipv4-c027-hkg001-ix.1.oca.nflxvideo.net

occ-0-395-299.1.nflxso.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.163.94 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	nflxext.com assets.nflxext.com — Cisco Umbrella Rank: 5083	561 KB
3	gstatic.com fonts.gstatic.com	42 KB
3	vercel.app netflix-clone-react-9uy6gpwm7-nctrung10.vercel.app	201 KB
2	google.com apis.google.com — Cisco Umbrella Rank: 112	43 KB
1	nflxso.net occ-0-395-299.1.nflxso.net	248 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	1 KB
16	6

	Domain	Requested by
6	assets.nflxext.com
3	fonts.gstatic.com	fonts.googleapis.com
3	netflix-clone-react-9uy6gpwm7-nctrung10.vercel.app	netflix-clone-react-9uy6gpwm7-nctrung10.vercel.app
2	apis.google.com	netflix-clone-react-9uy6gpwm7-nctrung10.vercel.app apis.google.com
1	occ-0-395-299.1.nflxso.net
1	fonts.googleapis.com	netflix-clone-react-9uy6gpwm7-nctrung10.vercel.app
16	6

This site contains no links.

Subject Issuer	Validity	Valid
*.vercel.app R3	`2023-09-25` - `2023-12-24`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.1.nflxso.net DigiCert Secure Site ECC CA-1	`2023-11-05` - `2023-12-07`	a month	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://netflix-clone-react-9uy6gpwm7-nctrung10.vercel.app/
Frame ID: 4CCE66689C3252300563C10225D6448F
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Netflix React Clone - Watch Movies Online

Page URL History Show full URLs

http://netflix-clone-react-9uy6gpwm7-nctrung10.vercel.app/ HTTP 307
https://netflix-clone-react-9uy6gpwm7-nctrung10.vercel.app/ Page URL

Detected technologies

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Page Statistics

16
Requests

100 %
HTTPS

0 %
IPv6

6
Domains

6
Subdomains

6
IPs

2
Countries

1096 kB
Transfer

1683 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://netflix-clone-react-9uy6gpwm7-nctrung10.vercel.app/ HTTP 307
https://netflix-clone-react-9uy6gpwm7-nctrung10.vercel.app/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
netflix-clone-react-9uy6gpwm7-nctrung10.vercel.app/
Redirect Chain

http://netflix-clone-react-9uy6gpwm7-nctrung10.vercel.app/
https://netflix-clone-react-9uy6gpwm7-nctrung10.vercel.app/

863 B
1 KB

149ms
62ms

Document
text/html

76.76.21.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://netflix-clone-react-9uy6gpwm7-nctrung10.vercel.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.98 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

359343a23d1f5382c3b7242d491b03777711a127fd0624cda8a1137d40cbf51d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 5756691
cache-control: public, max-age=0, must-revalidate
content-disposition: inline
content-length: 863
content-type: text/html; charset=utf-8
date: Mon, 20 Nov 2023 17:12:21 GMT
etag: "c42087cd971bdf3681dc512e2ef4254e"
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-robots-tag: noindex
x-vercel-cache: HIT
x-vercel-id: iad1::rdvkj-1700500341046-b5445e3ce543

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://netflix-clone-react-9uy6gpwm7-nctrung10.vercel.app/
Non-Authoritative-Reason: HSTS

GET
H2 200 main.5cb70e2a.js Show response
netflix-clone-react-9uy6gpwm7-nctrung10.vercel.app/static/js/ 675 KB
195 KB 41ms
40ms Script
application/javascript 76.76.21.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://netflix-clone-react-9uy6gpwm7-nctrung10.vercel.app/static/js/main.5cb70e2a.js

Requested by

Host: netflix-clone-react-9uy6gpwm7-nctrung10.vercel.app
URL: https://netflix-clone-react-9uy6gpwm7-nctrung10.vercel.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.98 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

495c3a78831bedb6bbfab0fe60754da76f73a5d8f83615d7cfffdd08d67e2e79

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://netflix-clone-react-9uy6gpwm7-nctrung10.vercel.app/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 20 Nov 2023 17:12:21 GMT
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: Vercel
x-vercel-id: iad1::rdvkj-1700500341103-bc5e74296a3f
age: 326722
etag: W/"e12881555e39c68e2985f3addd363638"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: s-maxage=31536000, immutable
content-disposition: inline; filename="main.5cb70e2a.js"
x-robots-tag: noindex

GET
H2 200 main.0ba6110c.css
netflix-clone-react-9uy6gpwm7-nctrung10.vercel.app/static/css/ 23 KB
6 KB 50ms
49ms Stylesheet
text/css 76.76.21.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://netflix-clone-react-9uy6gpwm7-nctrung10.vercel.app/static/css/main.0ba6110c.css

Requested by

Host: netflix-clone-react-9uy6gpwm7-nctrung10.vercel.app
URL: https://netflix-clone-react-9uy6gpwm7-nctrung10.vercel.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.98 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

06fa3e92ecd4a44d22d9f1498f06369f8bff32a3ba82660e2cb3130300f4f1e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://netflix-clone-react-9uy6gpwm7-nctrung10.vercel.app/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 20 Nov 2023 17:12:21 GMT
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: Vercel
x-vercel-id: iad1::9rqjm-1700500341103-0c6985e2e682
age: 13394536
etag: W/"ca517959b7a9483e95dc5fb59ef63e27"
x-vercel-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: s-maxage=31536000, immutable
content-disposition: inline; filename="main.0ba6110c.css"
x-robots-tag: noindex

GET
H2 200 css2
fonts.googleapis.com/ 14 KB
1 KB 123ms
48ms Stylesheet
text/css 172.253.63.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700;900&family=Roboto:wght@300;400;500;700;900&display=swap

Requested by

Host: netflix-clone-react-9uy6gpwm7-nctrung10.vercel.app
URL: https://netflix-clone-react-9uy6gpwm7-nctrung10.vercel.app/static/css/main.0ba6110c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f95.1e100.net

Software

ESF /

Resource Hash

aaa9cc6fe7db84e17e77b67ae2b0463a01bbe7a1ab33e297c07d7f986ad6bae3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://netflix-clone-react-9uy6gpwm7-nctrung10.vercel.app/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000
date: Mon, 20 Nov 2023 17:12:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 20 Nov 2023 17:12:21 GMT

GET
H2 200 api.js Show response
apis.google.com/js/ 18 KB
8 KB 119ms
48ms Script
text/javascript 142.251.16.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/api.js?onload=__iframefcb39508

Requested by

Host: netflix-clone-react-9uy6gpwm7-nctrung10.vercel.app
URL: https://netflix-clone-react-9uy6gpwm7-nctrung10.vercel.app/static/js/main.5cb70e2a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.101 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f101.1e100.net

Software

sffe /

Resource Hash

41965213138cc14eca403a0af1c4e4888851f56e749f8a70e8459e6a35dc8747

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://netflix-clone-react-9uy6gpwm7-nctrung10.vercel.app/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 20 Nov 2023 17:12:21 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7121
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "e958786061f50e70"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 20 Nov 2023 17:12:21 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AOzoyjtjrhQ.O/m=gapi_iframes/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9-fA1P7IZFa1fdRj158NoDqrnbYA/ 104 KB
35 KB 36ms
36ms Script
text/javascript 142.251.16.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.AOzoyjtjrhQ.O/m=gapi_iframes/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9-fA1P7IZFa1fdRj158NoDqrnbYA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/api.js?onload=__iframefcb39508

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.16.101 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bl-in-f101.1e100.net

Software

sffe /

Resource Hash

80a34683eadf82e572ea71fc0964b93ff3d391e04573a9764ec7f7d1d15ac7c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://netflix-clone-react-9uy6gpwm7-nctrung10.vercel.app/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 16 Nov 2023 02:57:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 396906
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35586
x-xss-protection: 0
last-modified: Tue, 03 Oct 2023 15:22:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 02:57:15 GMT

GET
H/1.1 200
OK VN-en-20230612-popsignuptwoweeks-perspective_alpha_website_large.jpg
assets.nflxext.com/ffe/siteui/vlv3/39f3c979-c105-4948-9c51-611eedf3a6fd/aa02ddf2-423e-4abb-929d-5ba8d950cad4/ 324 KB
324 KB 244ms
177ms Image
image/jpeg 45.57.90.1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nflxext.com/ffe/siteui/vlv3/39f3c979-c105-4948-9c51-611eedf3a6fd/aa02ddf2-423e-4abb-929d-5ba8d950cad4/VN-en-20230612-popsignuptwoweeks-perspective_alpha_website_large.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.57.90.1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 6cb31535f1bd07de2e0e874fcf416de015ad209779a54fa7ffaab14db782d549

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://netflix-clone-react-9uy6gpwm7-nctrung10.vercel.app/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Mon, 20 Nov 2023 17:12:21 GMT
Last-Modified: Wed, 14 Jun 2023 13:40:24 GMT
Server: nginx
Content-MD5: TdEM68jtsdvxN/a1RIFjqQ==
Content-Type: image/jpeg
Cache-Control: max-age=604801
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 331852
Expires: Mon, 27 Nov 2023 17:12:22 GMT

GET
H/1.1 200
OK tv.png
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ 11 KB
11 KB 96ms
29ms Image
image/png 45.57.90.1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/tv.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.57.90.1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: b68ea2c7bea397aa11fadb189ce7d83862baebaf03ece643eb5aa9fb5f755056

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://netflix-clone-react-9uy6gpwm7-nctrung10.vercel.app/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Mon, 20 Nov 2023 17:12:21 GMT
Last-Modified: Wed, 14 Nov 2018 18:20:41 GMT
Server: nginx
Content-MD5: d5lKZzJ7qVff2IDjOpHwQQ==
Content-Type: image/png
Cache-Control: max-age=604801
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11418
Expires: Mon, 27 Nov 2023 17:12:22 GMT

GET
H/1.1 200
OK mobile-0819.jpg
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ 48 KB
49 KB 95ms
29ms Image
image/jpeg 45.57.90.1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/mobile-0819.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.57.90.1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 492fdebd363e40cbba153a244bcfe2a7f5f7cf20aff0805fe45d5c7e2180b875

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://netflix-clone-react-9uy6gpwm7-nctrung10.vercel.app/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Mon, 20 Nov 2023 17:12:21 GMT
Last-Modified: Wed, 14 Aug 2019 17:59:05 GMT
Server: nginx
Content-MD5: pIMz1DwZYS7WGYf6Xb/zxQ==
Content-Type: image/jpeg
Cache-Control: max-age=604801
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 49614
Expires: Mon, 27 Nov 2023 17:12:22 GMT

GET
H/1.1 200
OK boxshot.png
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ 20 KB
20 KB 95ms
29ms Image
image/png 45.57.90.1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/boxshot.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.57.90.1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: e1fa26cc34fda574edc01d09e374d6f10735a3fa621bdde87c104ee15453d4b6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://netflix-clone-react-9uy6gpwm7-nctrung10.vercel.app/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Mon, 20 Nov 2023 17:12:21 GMT
Last-Modified: Wed, 14 Nov 2018 18:48:14 GMT
Server: nginx
Content-MD5: WH4EDyAll5IJSQHKlzlmng==
Content-Type: image/png
Cache-Control: max-age=604801
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20506
Expires: Mon, 27 Nov 2023 17:12:22 GMT

GET
H/1.1 200
OK download-icon.gif
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ 22 KB
22 KB 94ms
28ms Image
image/gif 45.57.90.1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/download-icon.gif
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.57.90.1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f99e4c2ed1c2b7de72f47102c64d601567f8efaad5944a08c86786cad4050e6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://netflix-clone-react-9uy6gpwm7-nctrung10.vercel.app/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Mon, 20 Nov 2023 17:12:21 GMT
Last-Modified: Mon, 12 Nov 2018 22:40:57 GMT
Server: nginx
Content-MD5: 3Ty3jbeMPgoTybd+4Z3u5g==
Content-Type: image/gif
Cache-Control: max-age=604801
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22171
Expires: Mon, 27 Nov 2023 17:12:22 GMT

GET
H/1.1 200
OK device-pile-vn.png
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ 134 KB
134 KB 299ms
233ms Image
image/png 45.57.90.1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/device-pile-vn.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.57.90.1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 81cf64888a7b3f6848b09695b034026d9ad685665b91d54597ecbb6197c6acbb

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://netflix-clone-react-9uy6gpwm7-nctrung10.vercel.app/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Mon, 20 Nov 2023 17:12:21 GMT
Last-Modified: Wed, 11 Jan 2023 12:55:02 GMT
Server: nginx
Content-MD5: Cz2CFJPVdI2CnIUrvW0pLQ==
Content-Type: image/png
Cache-Control: max-age=604801
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 137040
Expires: Mon, 27 Nov 2023 17:12:22 GMT

GET
H/1.1 200
OK AAAABejKYujIIDQciqmGJJ8BtXkYKKTi5jiqexltvN1YmvXYIfX8B9CYwooUSIzOKneblRFthZAFsYLMgKMyNfeHwk16DmEkpIIcb6A3.png
occ-0-395-299.1.nflxso.net/dnm/api/v6/19OhWN2dO19C9txTON9tvTFtefw/ 247 KB
248 KB 759ms
248ms Image
image/png 23.246.56.143
AS-SSI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://occ-0-395-299.1.nflxso.net/dnm/api/v6/19OhWN2dO19C9txTON9tvTFtefw/AAAABejKYujIIDQciqmGJJ8BtXkYKKTi5jiqexltvN1YmvXYIfX8B9CYwooUSIzOKneblRFthZAFsYLMgKMyNfeHwk16DmEkpIIcb6A3.png?r=f55
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.246.56.143 Hong Kong, Hong Kong, ASN2906 (AS-SSI, US),
Reverse DNS: ipv4-c027-hkg001-ix.1.oca.nflxvideo.net
Software: nginx /
Resource Hash: eea9de1cdc682d9ea1d1e395e35baa6e35a6d685664bd636e8bf2900158134d1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://netflix-clone-react-9uy6gpwm7-nctrung10.vercel.app/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date: Mon, 20 Nov 2023 17:12:22 GMT
Last-Modified: Thu, 01 Jun 2023 20:52:44 GMT
Server: nginx
Accept-CH: Device-Memory, Downlink, DPR, ECT, RTT, Save-Data, Viewport-Width, Width
ETag: "bac31463a9cffbfeed00e05c47a46595"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=31104000, public, s-maxage=604800
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 253151

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v24/ 13 KB
14 KB 108ms
36ms Font
font/woff2 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700;900&family=Roboto:wght@300;400;500;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

sffe /

Resource Hash

bd9a6192274f8f2f3ce31cd3d2cae5ebe32e2fa86fc7c4f60a3c28556e496d56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://netflix-clone-react-9uy6gpwm7-nctrung10.vercel.app
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 15 Nov 2023 07:54:04 GMT
x-content-type-options: nosniff
age: 465497
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13724
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:20:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Nov 2024 07:54:04 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v24/ 14 KB
14 KB 124ms
52ms Font
font/woff2 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700;900&family=Roboto:wght@300;400;500;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

sffe /

Resource Hash

d4ae5188a65370ecfe28f42293bbee8297cfd5712c6aadfdb270d48f2bcd88b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://netflix-clone-react-9uy6gpwm7-nctrung10.vercel.app
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 18 Nov 2023 02:21:49 GMT
x-content-type-options: nosniff
age: 226232
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13980
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Nov 2024 02:21:49 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v24/ 14 KB
14 KB 128ms
56ms Font
font/woff2 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700;900&family=Roboto:wght@300;400;500;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

sffe /

Resource Hash

7a7ce1a34f3e9944fe88fc61abbc93b6db383afa2b90815fd7ccea456fbce4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://netflix-clone-react-9uy6gpwm7-nctrung10.vercel.app
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 17 Nov 2023 06:31:35 GMT
x-content-type-options: nosniff
age: 297646
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14168
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:29:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Nov 2024 06:31:35 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Netflix (Online)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.google.com/	1970-01-20 20:45:11	Name: NID Value: 511=LQTuj2G18w3IufSyimh4vOEae5N2CkdolUZFt8IdATeCNE1IDSL34iQn47PkBrnduyV1voh5IXT6C7eIn2JG6slPXU17vnH-WOWRdlZc9HROG_fAAnFe8bo-8ulBZFs3dXHYVURYhUNgM0CCMI_Vx3Sk0gHOHEuxPWOfGlrHOU0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apis.google.com
assets.nflxext.com
fonts.googleapis.com
fonts.gstatic.com
netflix-clone-react-9uy6gpwm7-nctrung10.vercel.app
occ-0-395-299.1.nflxso.net
142.251.16.101
142.251.163.94
172.253.63.95
23.246.56.143
45.57.90.1
76.76.21.98
06fa3e92ecd4a44d22d9f1498f06369f8bff32a3ba82660e2cb3130300f4f1e4
359343a23d1f5382c3b7242d491b03777711a127fd0624cda8a1137d40cbf51d
41965213138cc14eca403a0af1c4e4888851f56e749f8a70e8459e6a35dc8747
492fdebd363e40cbba153a244bcfe2a7f5f7cf20aff0805fe45d5c7e2180b875
495c3a78831bedb6bbfab0fe60754da76f73a5d8f83615d7cfffdd08d67e2e79
4f99e4c2ed1c2b7de72f47102c64d601567f8efaad5944a08c86786cad4050e6
6cb31535f1bd07de2e0e874fcf416de015ad209779a54fa7ffaab14db782d549
7a7ce1a34f3e9944fe88fc61abbc93b6db383afa2b90815fd7ccea456fbce4e5
80a34683eadf82e572ea71fc0964b93ff3d391e04573a9764ec7f7d1d15ac7c4
81cf64888a7b3f6848b09695b034026d9ad685665b91d54597ecbb6197c6acbb
aaa9cc6fe7db84e17e77b67ae2b0463a01bbe7a1ab33e297c07d7f986ad6bae3
b68ea2c7bea397aa11fadb189ce7d83862baebaf03ece643eb5aa9fb5f755056
bd9a6192274f8f2f3ce31cd3d2cae5ebe32e2fa86fc7c4f60a3c28556e496d56
d4ae5188a65370ecfe28f42293bbee8297cfd5712c6aadfdb270d48f2bcd88b0
e1fa26cc34fda574edc01d09e374d6f10735a3fa621bdde87c104ee15453d4b6
eea9de1cdc682d9ea1d1e395e35baa6e35a6d685664bd636e8bf2900158134d1

netflix-clone-react-9uy6gpwm7-nctrung10.vercel.app Open in urlscan Pro 76.76.21.98 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

100 %HTTPS

0 %IPv6

6 Domains

6 Subdomains

6 IPs

2 Countries

1096 kBTransfer

1683 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

5 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

netflix-clone-react-9uy6gpwm7-nctrung10.vercel.app Open in urlscan Pro
76.76.21.98 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

0 %
IPv6

6
Domains

6
Subdomains

6
IPs

2
Countries

1096 kB
Transfer

1683 kB
Size

1
Cookies

16 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!