blueworkers.org
54.193.184.88
Public Scan
Submission Tags: @ecarlesi possiblethreat phishing netflix
Submission: On May 08 via api from IT — Scanned from IT
Summary
TLS certificate: Issued by R3 on May 7th 2024. Valid for: 3 months.
This is the only time blueworkers.org was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS (Autonomous System) |
---|---|---|
1 | 54.193.184.88 | 16509 (AMAZON-02) |
2 | 108.138.34.83 | 16509 (AMAZON-02) |
1 | 18.245.33.69 | 16509 (AMAZON-02) |
1 | 142.250.181.228 | 15169 (GOOGLE) |
1 | 216.58.206.67 | 15169 (GOOGLE) |
1 | 52.219.120.249 | 16509 (AMAZON-02) |
1 | 52.219.120.193 | 16509 (AMAZON-02) |
8 | 7 | |
Domain | ASN | PTR |
---|---|---|
blueworkers.org | ASN16509 (AMAZON-02, US) | ec2-54-193-184-88.us-west-1.compute.amazonaws.com |
d2x33it9a58aqn.cloudfront.net | ASN16509 (AMAZON-02, US) | server-108-138-34-83.muc50.r.cloudfront.net |
d3535lqr6sqxto.cloudfront.net | ASN16509 (AMAZON-02, US) | server-18-245-33-69.fra56.r.cloudfront.net |
www.google.com | ASN15169 (GOOGLE, US) | fra16s56-in-f4.1e100.net |
jboardio.s3-us-west-1.amazonaws.com | ASN16509 (AMAZON-02, US) | s3-us-west-1-r-w.amazonaws.com |
jboard-tenant.s3.us-west-1.amazonaws.com | ASN16509 (AMAZON-02, US) | s3-us-west-1-r-w.amazonaws.com |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
3 | cloudfront.net | d2x33it9a58aqn.cloudfront.net, d3535lqr6sqxto.cloudfront.net | 124 KB |
2 | amazonaws.com | jboardio.s3-us-west-1.amazonaws.com, jboard-tenant.s3.us-west-1.amazonaws.com | 24 KB |
1 | gstatic.com | www.gstatic.com | 202 KB |
1 | google.com | www.google.com (Cisco Umbrella Rank: 2) | 882 B |
1 | blueworkers.org | blueworkers.org | 6 KB |
8 | 5 | | |
Requests | Domain | Requested by |
---|---|---|
2 | d2x33it9a58aqn.cloudfront.net | blueworkers.org |
1 | jboard-tenant.s3.us-west-1.amazonaws.com | |
1 | jboardio.s3-us-west-1.amazonaws.com | blueworkers.org |
1 | www.gstatic.com | www.google.com |
1 | www.google.com | blueworkers.org |
1 | d3535lqr6sqxto.cloudfront.net | blueworkers.org |
1 | blueworkers.org | |
8 | 7 | |
This site contains links to these domains.
Domain |
---|
www.netflix.com |
jboard.io |
Subject | Issuer | Validity | Valid for |
---|---|---|---|
blueworkers.org | R3 | 2024-05-07 - 2024-08-05 | 3 months |
*.cloudfront.net | Amazon RSA 2048 M01 | 2023-10-10 - 2024-09-19 | a year |
*.google.com | GTS CA 1C3 | 2024-04-16 - 2024-07-09 | 3 months |
*.gstatic.com | GTS CA 1C3 | 2024-04-16 - 2024-07-09 | 3 months |
*.s3-us-west-1.amazonaws.com | Amazon RSA 2048 M01 | 2023-11-24 - 2024-11-17 | a year |
This page contains 1 frame:
Primary Page:
https://blueworkers.org/companies/netflix-2059742
Frame ID: 61BC19FC3661F8FF9B54F5FBB2950AF5
Requests: 8 HTTP requests in this frame
2 Outgoing links
These are links going to different origins than the main page.
Title: netflix.com
Title: JBoard
Redirected requests
There were HTTP redirect chains for the following requests:
8 HTTP transactions
Method | Protocol | Resource | Path | Size | Transfer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | netflix-2059742 (Primary Request) | blueworkers.org/companies/ | 16 KB | 6 KB | Document | text/html |
GET | H2 | app.css | d2x33it9a58aqn.cloudfront.net/css/ | 238 KB | 36 KB | Stylesheet | text/css |
GET | H2 | eE8B2DfL4wH7b9Fugk70lufBMKL5Sphu2tOJnYtu.png | d3535lqr6sqxto.cloudfront.net/logos/ | 18 KB | 19 KB | Image | image/png |
GET | H3 | api.js | www.google.com/recaptcha/ | 1 KB | 882 B | Script | text/javascript |
GET | H2 | app.js | d2x33it9a58aqn.cloudfront.net/js/ | 250 KB | 69 KB | Script | application/javascript |
GET | H2 | recaptcha__en.js | www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/ | 506 KB | 202 KB | Script | text/javascript |
GET | H/1.1 | netflix.png | jboardio.s3-us-west-1.amazonaws.com/default/employers/ | 22 KB | 23 KB | Image | image/png |
GET | H/1.1 | N6fZCmvwkL5vzwmRs5IOoWRlpnK8oQIFpbQMnfb1.png | jboard-tenant.s3.us-west-1.amazonaws.com/favicons/ | 920 B | 1 KB | Other | image/png |
11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| $jBoard
object| $theme
object| ___grecaptcha_cfg
object| grecaptcha
string| __recaptcha_api
boolean| __google_recaptcha_client
function| axios
function| jQuery
function| $
function| onloadRecaptchaCallback
object| recaptcha2
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
blueworkers.org/ | Name: XSRF-TOKEN Value: eyJpdiI6IjNKTC9NRG9uQ1JzWmpmR0Q2TFBYUHc9PSIsInZhbHVlIjoibGo2NTNDdDJ2NUgzRVJ3Sm1OakpMaW1rdktZS1dUNWxCdGVMR05WMEtHakhPS2U4Q1VIajRaSG5NZGo5UHlHWlkwaFg5N3ZCeDlrSC91eHQzNGFNa0lVU3crNFNNdzRIWkFILzExMi9FaUtQSWZtcElHVkxLUzI2Z1pGUVdUZFEiLCJtYWMiOiI0NjMyZTMzMDI3MWViMjBjM2NmODIxMjEwYjdlM2E3OGRkZmYwOTU5NTc1ZWZjNjE0OWFlZWY0NDQ3YjZkYjFiIn0%3D |
|
blueworkers.org/ | Name: jboard_tenant_session Value: eyJpdiI6InZvVXBjaVRISmRDdUFYZThzYWg1UEE9PSIsInZhbHVlIjoiZVhWdXJ5azYwK2ZwaHhtQVdBVXBUanFMN1BFNG5LUjduajlpam00SUZ6c2hRbW9ETVhSUVNpSFlPQ1U0M3M3NERLQVdyUTNQbTZ2cS9MdjN6WGhaT1EyY2dPc0V3K1M4NWxkbWRmRlJpSzUvbUkvTmViRkF4SCtiUjZHV2tDRlIiLCJtYWMiOiJjMmZmOGZiZTBjY2I2MjRlYjI3NTdkODNkZDdhOWVkMDQ3MDNjNjFkODk0MzdhNWI4MDFlODJhOTFiOWMwNzZkIn0%3D |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubDomains |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.