dasw-final.herokuapp.com Open in urlscan Pro
52.1.26.16  Malicious Activity! Public Scan

8 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request NetflixLogin.html Show response dasw-final.herokuapp.com/HTML/	19 KB 20 KB	520ms 200ms	Document text/html	52.1.26.16 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://dasw-final.herokuapp.com/HTML/NetflixLogin.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.1.26.16 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-1-26-16.compute-1.amazonaws.com Software Cowboy / Express Resource Hash 5e5bc2f4bfca26125a266a0ef3a5ae37e95f64fec6d7a1f00b19718b4e543f8c Request headers Host dasw-final.herokuapp.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Server Cowboy Connection keep-alive X-Powered-By Express Access-Control-Allow-Origin * Accept-Ranges bytes Cache-Control public, max-age=0 Last-Modified Wed, 13 May 2020 22:37:38 GMT Etag W/"4ca3-172102fa750" Content-Type text/html; charset=UTF-8 Content-Length 19619 Date Thu, 14 May 2020 00:18:03 GMT Via 1.1 vegur
GET H/1.1	200 OK	none Show response codex.nflxext.com/%5E3.0.0/truthBundle/webui/0.0.1-shakti-js-v405e4bb1/js/js/bootstrap.js,common%7Cbootstrap.js/2/4P034n4m4a05464w4O070p004Q4r4p4I4d4x4k4A0b024L14/bck/true/	9 KB 4 KB	677ms 656ms	Script application/javascript	2a00:86c0:2090::1 NETFLIX-ASN
General Check archive.org Show headers Download Go to Full URL https://codex.nflxext.com/%5E3.0.0/truthBundle/webui/0.0.1-shakti-js-v405e4bb1/js/js/bootstrap.js,common%7Cbootstrap.js/2/4P034n4m4a05464w4O070p004Q4r4p4I4d4x4k4A0b024L14/bck/true/none Requested by Host: dasw-final.herokuapp.com URL: https://dasw-final.herokuapp.com/HTML/NetflixLogin.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2a00:86c0:2090::1 , United Kingdom, ASN40027 (NETFLIX-ASN, US), Reverse DNS Software nginx / Resource Hash 50653ffe086283c85dfee7bdded3d953ac8aafb85538b747ffd38633fe1aa85d Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://dasw-final.herokuapp.com/HTML/NetflixLogin.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 14 May 2020 00:18:04 GMT Content-Encoding gzip X-Content-Type-Options nosniff Server nginx Content-Type application/javascript; charset=UTF-8 Access-Control-Allow-Origin * Cache-Control public, max-age=16070400 req_id df68ad49-b5e3-448a-8635-eb5a0d8d6130 Connection keep-alive Timing-Allow-Origin https://www.netflix.com Content-Length 3628 Expires Sat, 07 Nov 2020 16:01:55 GMT
GET H/1.1	200 OK	none Show response codex.nflxext.com/%5E3.0.0/truthBundle/webui/0.0.1-shakti-js-v405e4bb1/js/js/components%7Clogin%7CloginControllerClient.js/2/4P034n4m4a05464w4O070p004Q4r4p4I4d4x4k4A0b024L14/l/true/	846 KB 257 KB	33ms 5ms	Script application/javascript	2a00:86c0:2090::1 NETFLIX-ASN
General Check archive.org Show headers Download Go to Full URL https://codex.nflxext.com/%5E3.0.0/truthBundle/webui/0.0.1-shakti-js-v405e4bb1/js/js/components%7Clogin%7CloginControllerClient.js/2/4P034n4m4a05464w4O070p004Q4r4p4I4d4x4k4A0b024L14/l/true/none Requested by Host: dasw-final.herokuapp.com URL: https://dasw-final.herokuapp.com/HTML/NetflixLogin.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2a00:86c0:2090::1 , United Kingdom, ASN40027 (NETFLIX-ASN, US), Reverse DNS Software nginx / Resource Hash e7c3381830966e54ad1c8b7ef72bb0e66e78f1a6263ac8244440eb12d1856d6d Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://dasw-final.herokuapp.com/HTML/NetflixLogin.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 14 May 2020 00:18:03 GMT Content-Encoding gzip X-Content-Type-Options nosniff Server nginx Content-Type application/javascript; charset=UTF-8 Access-Control-Allow-Origin * Cache-Control public, max-age=16070400 req_id 82e462aa-1e7f-48d6-b984-5d255be29b25 Connection keep-alive Timing-Allow-Origin https://www.netflix.com Content-Length 263016 Expires Sun, 15 Nov 2020 23:00:12 GMT
GET		WebsiteDetect www.netflix.com/personalization/cl2/freeform/	0 0
GET H/1.1	200 OK	none codex.nflxext.com/%5E3.0.0/truthBundle/webui/0.0.1-shakti-css-v405e4bb1/css/css/less%7Ccore%7Cerror-page.less/1/CvFxN3wp9EKM/none/true/	20 KB 5 KB	25ms 5ms	Stylesheet text/css	2a00:86c0:2090::1 NETFLIX-ASN
General Check archive.org Show headers Download Go to Full URL https://codex.nflxext.com/%5E3.0.0/truthBundle/webui/0.0.1-shakti-css-v405e4bb1/css/css/less%7Ccore%7Cerror-page.less/1/CvFxN3wp9EKM/none/true/none Requested by Host: dasw-final.herokuapp.com URL: https://dasw-final.herokuapp.com/HTML/NetflixLogin.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2a00:86c0:2090::1 , United Kingdom, ASN40027 (NETFLIX-ASN, US), Reverse DNS Software nginx / Resource Hash c92decd92a0491b9fdc651bd8a19b3ddc80dd869d507834aaaf7568b2a8f56db Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://dasw-final.herokuapp.com/HTML/NetflixLogin.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 14 May 2020 00:18:03 GMT Content-Encoding gzip X-Content-Type-Options nosniff Server nginx Content-Type text/css; charset=UTF-8 Access-Control-Allow-Origin * Cache-Control public, max-age=16070400 req_id cf76639f-0679-49e6-b3a0-6f03e427c7b3 Connection keep-alive Timing-Allow-Origin https://www.netflix.com Content-Length 4743 Expires Mon, 16 Nov 2020 00:01:03 GMT
GET H/1.1	200 OK	none codex.nflxext.com/%5E3.0.0/truthBundle/webui/0.0.1-shakti-css-v405e4bb1/css/css/less%7Clogin%7CloginBase.less,less%7Cpages%7Clogin%7CLogin.less/1/CvFxN3wp9EKM/none/true/	160 KB 25 KB	25ms 6ms	Stylesheet text/css	2a00:86c0:2090::1 NETFLIX-ASN
General Check archive.org Show headers Download Go to Full URL https://codex.nflxext.com/%5E3.0.0/truthBundle/webui/0.0.1-shakti-css-v405e4bb1/css/css/less%7Clogin%7CloginBase.less,less%7Cpages%7Clogin%7CLogin.less/1/CvFxN3wp9EKM/none/true/none Requested by Host: dasw-final.herokuapp.com URL: https://dasw-final.herokuapp.com/HTML/NetflixLogin.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2a00:86c0:2090::1 , United Kingdom, ASN40027 (NETFLIX-ASN, US), Reverse DNS Software nginx / Resource Hash d22aba1c96f027aa9ce3cc366dae2864f0fb57a98b6b41ffeb58ed4fb5c7d343 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://dasw-final.herokuapp.com/HTML/NetflixLogin.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 14 May 2020 00:18:03 GMT Content-Encoding gzip X-Content-Type-Options nosniff Server nginx Content-Type text/css; charset=UTF-8 Access-Control-Allow-Origin * Cache-Control public, max-age=16070400 req_id 68ae68bb-0736-475e-b5df-f523708369d8 Connection keep-alive Timing-Allow-Origin https://www.netflix.com Content-Length 24994 Expires Mon, 16 Nov 2020 00:03:13 GMT
GET H/1.1	200 OK	MX-en-20200302-popsignuptwoweeks-perspective_alpha_website_large.jpg assets.nflxext.com/ffe/siteui/vlv3/3b48f428-24ed-4692-bb04-bc7771854131/58f8f09c-4a79-44b4-9375-d2cdfd8a333e/	350 KB 350 KB	483ms 464ms	Image image/jpeg	2a00:86c0:2091::1 NETFLIX-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://assets.nflxext.com/ffe/siteui/vlv3/3b48f428-24ed-4692-bb04-bc7771854131/58f8f09c-4a79-44b4-9375-d2cdfd8a333e/MX-en-20200302-popsignuptwoweeks-perspective_alpha_website_large.jpg Requested by Host: dasw-final.herokuapp.com URL: https://dasw-final.herokuapp.com/HTML/NetflixLogin.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2a00:86c0:2091::1 , United Kingdom, ASN40027 (NETFLIX-ASN, US), Reverse DNS Software nginx / Resource Hash 89dfecb27fa9a9fa2b847723adbb804048f80e5995ff98d013f359196b1c64ea Request headers Referer https://dasw-final.herokuapp.com/HTML/NetflixLogin.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 14 May 2020 00:18:04 GMT Last-Modified Wed, 04 Mar 2020 18:54:58 GMT Server nginx Content-MD5 O/L7+zrTQQvQHBIsC6WwmA== Content-Type image/jpeg Cache-Control public, max-age=6752 Connection keep-alive Accept-Ranges bytes Content-Length 358580 Expires Thu, 14 May 2020 02:10:36 GMT
GET H2	200	facebook-messenger-logo-icon-facebook-picture-thumbnail.jpg p7.hiclipart.com/preview/282/704/972/	4 KB 5 KB	31ms 12ms	Image image/jpeg	2606:4700:3037::681f:4461 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://p7.hiclipart.com/preview/282/704/972/facebook-messenger-logo-icon-facebook-picture-thumbnail.jpg Requested by Host: dasw-final.herokuapp.com URL: https://dasw-final.herokuapp.com/HTML/NetflixLogin.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::681f:4461 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d6a1a532d4770e560b1de931aaaeff815653f9ffaa5c9882dcd3cbc3717b6135 Request headers Referer https://dasw-final.herokuapp.com/HTML/NetflixLogin.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 14 May 2020 00:18:03 GMT cf-cache-status HIT age 9471291 status 200 content-length 4210 cf-request-id 02b224b24800001f15539a3200000001 last-modified Mon, 04 Mar 2019 09:41:16 GMT server cloudflare etag "5c7cf2bc-1072" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/jpeg access-control-allow-origin * expires Tue, 19 Jan 2021 09:23:12 GMT cache-control max-age=2592000 accept-ranges bytes cf-ray 59307096df801f15-FRA cf-bgj csam-hash
GET		jquery.min.js ajax.googleapis.com/ajax/libs/jquery/1.7.1/	0 0
GET H/1.1	200 OK	nf-icon-v1-93.woff assets.nflxext.com/ffe/siteui/fonts/	72 KB 72 KB	19ms 6ms	Font font/woff	2a00:86c0:2091::1 NETFLIX-ASN
General Check archive.org Show headers Download Go to Full URL https://assets.nflxext.com/ffe/siteui/fonts/nf-icon-v1-93.woff Requested by Host: dasw-final.herokuapp.com URL: https://dasw-final.herokuapp.com/HTML/NetflixLogin.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2a00:86c0:2091::1 , United Kingdom, ASN40027 (NETFLIX-ASN, US), Reverse DNS Software nginx / Resource Hash 98713b53a74ebe7e326353080c5f1653e83af61d6363c0b3c4c67d6d24197b4d Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://codex.nflxext.com/%5E3.0.0/truthBundle/webui/0.0.1-shakti-css-v405e4bb1/css/css/less%7Clogin%7CloginBase.less,less%7Cpages%7Clogin%7CLogin.less/1/CvFxN3wp9EKM/none/true/none Origin https://dasw-final.herokuapp.com Response headers Date Thu, 14 May 2020 00:18:04 GMT Last-Modified Mon, 29 Jan 2018 01:50:51 GMT Server nginx Content-MD5 fPYVbMSBJEtaJUNi17c/AA== Content-Type font/woff Access-Control-Allow-Origin * Cache-Control public, max-age=13767383 Connection keep-alive Accept-Ranges bytes Content-Length 73572 Expires Wed, 15 Apr 2020 20:00:00 GMT
PATCH H/1.1	404 Not Found	NetflixLogin.html Show response dasw-final.herokuapp.com/HTML/	163 B 476 B	109ms 109ms	XHR text/html	52.1.26.16 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://dasw-final.herokuapp.com/HTML/NetflixLogin.html Requested by Host: dasw-final.herokuapp.com URL: https://dasw-final.herokuapp.com/HTML/NetflixLogin.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.1.26.16 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-1-26-16.compute-1.amazonaws.com Software Cowboy / Express Resource Hash fd540f9a5e77b6b561bdc2d08cfb2ca72bcab5eaba99c3416bf78938adcf8f2f Security Headers Name Value Content-Security-Policy default-src 'none' X-Content-Type-Options nosniff Request headers Referer https://dasw-final.herokuapp.com/HTML/NetflixLogin.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Security-Policy default-src 'none' Via 1.1 vegur X-Content-Type-Options nosniff Server Cowboy X-Powered-By Express Content-Type text/html; charset=utf-8 Access-Control-Allow-Origin * Date Thu, 14 May 2020 00:18:05 GMT Connection keep-alive Content-Length 163

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

www.netflix.com

URL

https://www.netflix.com/personalization/cl2/freeform/WebsiteDetect?source=wwwhead&fetchType=css&modalView=login

Domain

ajax.googleapis.com

URL

http://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Netflix (Online)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| loginBTN

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
assets.nflxext.com
codex.nflxext.com
dasw-final.herokuapp.com
p7.hiclipart.com
www.netflix.com
ajax.googleapis.com
www.netflix.com
2606:4700:3037::681f:4461
2a00:86c0:2090::1
2a00:86c0:2091::1
52.1.26.16
50653ffe086283c85dfee7bdded3d953ac8aafb85538b747ffd38633fe1aa85d
5e5bc2f4bfca26125a266a0ef3a5ae37e95f64fec6d7a1f00b19718b4e543f8c
89dfecb27fa9a9fa2b847723adbb804048f80e5995ff98d013f359196b1c64ea
98713b53a74ebe7e326353080c5f1653e83af61d6363c0b3c4c67d6d24197b4d
c92decd92a0491b9fdc651bd8a19b3ddc80dd869d507834aaaf7568b2a8f56db
d22aba1c96f027aa9ce3cc366dae2864f0fb57a98b6b41ffeb58ed4fb5c7d343
d6a1a532d4770e560b1de931aaaeff815653f9ffaa5c9882dcd3cbc3717b6135
e7c3381830966e54ad1c8b7ef72bb0e66e78f1a6263ac8244440eb12d1856d6d
fd540f9a5e77b6b561bdc2d08cfb2ca72bcab5eaba99c3416bf78938adcf8f2f