www.up-netflix.info Open in urlscan Pro
87.120.127.15 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.up-netflix.info/
Submission: On October 14 via automatic, source certstream-suspicious (October 14th 2024, 3:06:00 pm UTC) — Scanned from IT

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 13 HTTP transactions. The main IP is 87.120.127.15, located in Bulgaria and belongs to EKABI, US. The main domain is www.up-netflix.info.
TLS certificate: Issued by R10 on October 12th 2024. Valid for: 3 months.

This is the only time www.up-netflix.info was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Netflix (Online)

Domain & IP information

	IP Address	AS Autonomous System
10	87.120.127.15 87.120.127.15	401115 (EKABI) (EKABI)
2 5	104.17.245.203 104.17.245.203	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2

10 87.120.127.15 (Bulgaria)

ASN401115 (EKABI, US)

www.up-netflix.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.17.245.203 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	up-netflix.info www.up-netflix.info	556 KB
5	unpkg.com 2 redirects unpkg.com — Cisco Umbrella Rank: 797	660 KB
13	2

	Domain	Requested by
10	www.up-netflix.info	unpkg.com www.up-netflix.info
5	unpkg.com	2 redirects www.up-netflix.info
13	2

This site contains no links.

Subject Issuer	Validity	Valid
up-netflix.info R10	`2024-10-12` - `2025-01-10`	3 months	crt.sh
unpkg.com WE1	`2024-09-25` - `2024-12-24`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.up-netflix.info/
Frame ID: FB15157D244C3B28630A268683079395
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Netflix

Page Statistics

13
Requests

85 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

1216 kB
Transfer

2418 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://unpkg.com/react@17/umd/react.development.js HTTP 302
https://unpkg.com/react@17.0.2/umd/react.development.js

Request Chain 1

https://unpkg.com/react-dom@17/umd/react-dom.development.js HTTP 302
https://unpkg.com/react-dom@17.0.2/umd/react-dom.development.js

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.up-netflix.info/ 4 KB
2 KB 644ms
74ms Document
text/html 87.120.127.15
EKABI

General

Check archive.org

Show headers Download Go to

Full URL: https://www.up-netflix.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.120.127.15 , Bulgaria, ASN401115 (EKABI, US),
Reverse DNS
Software: nginx / PHP/8.3.12 PleskLin
Resource Hash: 1ef2a7c919179098a2d50a9f37502ff098a030caa0f0e0c6864ab0c2f11c5bdb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 1687
content-type: text/html; charset=UTF-8
date: Mon, 14 Oct 2024 15:05:46 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/8.3.12 PleskLin

GET
H2

200

react.development.js Show response
unpkg.com/react@17.0.2/umd/
Redirect Chain

https://unpkg.com/react@17/umd/react.development.js
https://unpkg.com/react@17.0.2/umd/react.development.js

103 KB
39 KB

80ms
79ms

Script
application/javascript

104.17.245.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/react@17.0.2/umd/react.development.js

Requested by

Host: www.up-netflix.info
URL: https://www.up-netflix.info/

Protocol

Server

104.17.245.203 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

428424bc51edcf9a0239c976a06951a343674afe62002f2b32d1140f1df5c024

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.up-netflix.info/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "19a88-MYEIbVozw4lR0q9DKcqGBVx9vkE"
age: 19325147
x-content-type-options: nosniff
date: Mon, 14 Oct 2024 15:05:51 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HR5V459VDT5J6GM016MTFQ9Y-fra
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
via: 1.1 fly.io
cf-ray: 8d2878505def0d59-MXP
access-control-allow-origin: *
server: cloudflare

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, s-maxage=600, max-age=60
location: /react@17.0.2/umd/react.development.js
content-encoding: br
cf-cache-status: EXPIRED
x-content-type-options: nosniff
via: 1.1 fly.io
cf-ray: 8d2878359b1d0d59-MXP
access-control-allow-origin: *
date: Mon, 14 Oct 2024 15:05:51 GMT
content-type: text/plain; charset=utf-8
vary: Accept, Accept-Encoding
fly-request-id: 01JA5S0QD94J87YVQNRX9W6DYE-fra
server: cloudflare

GET
H2

200

react-dom.development.js Show response
unpkg.com/react-dom@17.0.2/umd/
Redirect Chain

https://unpkg.com/react-dom@17/umd/react-dom.development.js
https://unpkg.com/react-dom@17.0.2/umd/react-dom.development.js

918 KB
317 KB

487ms
487ms

Script
application/javascript

104.17.245.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/react-dom@17.0.2/umd/react-dom.development.js

Requested by

Host: www.up-netflix.info
URL: https://www.up-netflix.info/

Protocol

Server

104.17.245.203 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b15115bcef52d1e23f6de6267bc7d96278b966c53e17b2624a51279a2dedf01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.up-netflix.info/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "e583d-44V8vCIQ0txOYaenWQQhKwnDgoM"
age: 19330938
x-content-type-options: nosniff
date: Mon, 14 Oct 2024 15:05:47 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HR5NK8DGX9W2XQQPPATKJKKH-fra
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
via: 1.1 fly.io
cf-ray: 8d2878360bc90d59-MXP
access-control-allow-origin: *
server: cloudflare

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, s-maxage=600, max-age=60
location: /react-dom@17.0.2/umd/react-dom.development.js
content-encoding: br
cf-cache-status: HIT
age: 34
x-content-type-options: nosniff
via: 1.1 fly.io
cf-ray: 8d2878359b1c0d59-MXP
access-control-allow-origin: *
date: Mon, 14 Oct 2024 15:05:47 GMT
content-type: text/plain; charset=utf-8
vary: Accept, Accept-Encoding
fly-request-id: 01JA5RZNBS09TYFD6VGE6MK3FV-cdg
server: cloudflare

GET
H2 200 babel.min.js Show response
unpkg.com/babel-standalone@6.26.0/ 773 KB
304 KB 880ms
80ms Script
application/javascript 104.17.245.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/babel-standalone@6.26.0/babel.min.js

Requested by

Host: www.up-netflix.info
URL: https://www.up-netflix.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.245.203 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16264c935ce04deba3cdfffebe899664667daf4d3ec671af3a05e88f4268d630

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.up-netflix.info
Referer: https://www.up-netflix.info/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "c12c4-ThTJ4pzCBas4tpOaoNlcmxq256I"
age: 19335106
x-content-type-options: nosniff
date: Mon, 14 Oct 2024 15:05:47 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Aug 2017 16:20:24 GMT
fly-request-id: 01HR5HM42V437QHM12QY5KZZD8-fra
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
via: 1.1 fly.io
cf-ray: 8d2878359b170d59-MXP
access-control-allow-origin: *
server: cloudflare

GET
H2 200 main.js Show response
www.up-netflix.info/assets/ 77 KB
11 KB 223ms
220ms XHR
text/javascript 87.120.127.15
EKABI

General

Check archive.org

Show headers Download Go to

Full URL: https://www.up-netflix.info/assets/main.js
Requested by: Host: unpkg.com
URL: https://unpkg.com/babel-standalone@6.26.0/babel.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.120.127.15 , Bulgaria, ASN401115 (EKABI, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: b754f1be8f48db66dc6f630971d907d90e12127d7fd433dbcb5c6fb66ff11d29

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.up-netflix.info/

Response headers

content-encoding: br
date: Mon, 14 Oct 2024 15:05:51 GMT
etag: W/"6703d709-1335f"
content-type: text/javascript
last-modified: Mon, 07 Oct 2024 12:41:45 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 fav.ico
www.up-netflix.info/assets/ 66 KB
66 KB 160ms
157ms Other
image/vnd.microsoft.icon 87.120.127.15
EKABI

General

Check archive.org

Show headers Download Go to

Full URL: https://www.up-netflix.info/assets/fav.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.120.127.15 , Bulgaria, ASN401115 (EKABI, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 5a6841e0564158a9554ef7b1ca8a326a8550ad88673732c180e1b768dbe23652

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.up-netflix.info/

Response headers

etag: "66ec2879-1083e"
accept-ranges: bytes
content-length: 67646
date: Mon, 14 Oct 2024 15:05:51 GMT
content-type: image/vnd.microsoft.icon
last-modified: Thu, 19 Sep 2024 13:34:49 GMT
server: nginx
x-powered-by: PleskLin

POST
H2 200 caca.php
www.up-netflix.info/ 700 B
0 490ms
445ms Fetch
text/html 87.120.127.15
EKABI

General

Check archive.org

Show headers Download Go to

Full URL: https://www.up-netflix.info/caca.php
Requested by: Host: www.up-netflix.info
URL: https://www.up-netflix.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.120.127.15 , Bulgaria, ASN401115 (EKABI, US),
Reverse DNS
Software: nginx / PHP/8.3.12, PleskLin
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.up-netflix.info/

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
pragma: no-cache
expires: Thu, 19 Nov 1981 08:52:00 GMT
content-length: 457
date: Mon, 14 Oct 2024 15:05:52 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.3.12, PleskLin
server: nginx
vary: Accept-Encoding

GET
H2 200 load.css
www.up-netflix.info/assets/ 303 B
401 B 80ms
51ms Stylesheet
text/css 87.120.127.15
EKABI

General

Check archive.org

Show headers Download Go to

Full URL: https://www.up-netflix.info/assets/load.css
Requested by: Host: unpkg.com
URL: https://unpkg.com/react-dom@17/umd/react-dom.development.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.120.127.15 , Bulgaria, ASN401115 (EKABI, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 317f642e515b1c367d4b88887f67db9ead83e0e104520e2eadc472c6b00c9e44

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.up-netflix.info/

Response headers

x-powered-by: PleskLin
content-encoding: gzip
etag: "12f-62278fc905040-gzip"
x-accel-version: 0.01
accept-ranges: bytes
content-length: 194
date: Mon, 14 Oct 2024 15:05:52 GMT
content-type: text/css
last-modified: Thu, 19 Sep 2024 13:34:49 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 ngif.gif
www.up-netflix.info/assets/img/ 151 KB
151 KB 105ms
77ms Image
image/gif 87.120.127.15
EKABI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.up-netflix.info/assets/img/ngif.gif
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.120.127.15 , Bulgaria, ASN401115 (EKABI, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: dfd878f305680feacdcc4b078ef212a65a92b26f89bf4925fd664eff1e49f47d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.up-netflix.info/

Response headers

etag: "66ec2879-25a67"
accept-ranges: bytes
content-length: 154215
date: Mon, 14 Oct 2024 15:05:52 GMT
content-type: image/gif
last-modified: Thu, 19 Sep 2024 13:34:49 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 login.css
www.up-netflix.info/assets/ 3 KB
900 B 104ms
103ms Stylesheet
text/css 87.120.127.15
EKABI

General

Check archive.org

Show headers Download Go to

Full URL: https://www.up-netflix.info/assets/login.css
Requested by: Host: unpkg.com
URL: https://unpkg.com/react-dom@17/umd/react-dom.development.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.120.127.15 , Bulgaria, ASN401115 (EKABI, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 0efb120969d0469829165e1dc2290b90864401562cc91e9a987151a0465a1646

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.up-netflix.info/

Response headers

content-encoding: br
date: Mon, 14 Oct 2024 15:05:53 GMT
etag: W/"66ec2879-a7b"
content-type: text/css
last-modified: Thu, 19 Sep 2024 13:34:49 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 logo.svg
www.up-netflix.info/assets/img/ 1 KB
1 KB 106ms
106ms Image
image/svg+xml 87.120.127.15
EKABI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.up-netflix.info/assets/img/logo.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.120.127.15 , Bulgaria, ASN401115 (EKABI, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 0c12d5374247e16fced565a207d010bf39f1eb55ee0394581ced67b2e6fa7b92

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.up-netflix.info/

Response headers

etag: "66ec2879-45e"
accept-ranges: bytes
content-length: 1118
date: Mon, 14 Oct 2024 15:05:53 GMT
content-type: image/svg+xml
last-modified: Thu, 19 Sep 2024 13:34:49 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 fb.png
www.up-netflix.info/assets/img/ 1 KB
2 KB 99ms
99ms Image
image/png 87.120.127.15
EKABI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.up-netflix.info/assets/img/fb.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.120.127.15 , Bulgaria, ASN401115 (EKABI, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 3e49d9dc43267590184389ab3da0cb9f7308c9c848667dab109a0f7c73450ece

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.up-netflix.info/

Response headers

etag: "66ec2879-5af"
accept-ranges: bytes
content-length: 1455
date: Mon, 14 Oct 2024 15:05:53 GMT
content-type: image/png
last-modified: Thu, 19 Sep 2024 13:34:49 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 back.jpg
www.up-netflix.info/assets/img/ 322 KB
322 KB 82ms
80ms Image
image/jpeg 87.120.127.15
EKABI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.up-netflix.info/assets/img/back.jpg
Requested by: Host: www.up-netflix.info
URL: https://www.up-netflix.info/assets/login.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.120.127.15 , Bulgaria, ASN401115 (EKABI, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 5112587a097996eace609b27acbb2e3dc8a0d41e06613746c8e1c64e4fd4aae1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.up-netflix.info/assets/login.css

Response headers

etag: "66ec2879-50629"
accept-ranges: bytes
content-length: 329257
date: Mon, 14 Oct 2024 15:05:53 GMT
content-type: image/jpeg
last-modified: Thu, 19 Sep 2024 13:34:49 GMT
server: nginx
x-powered-by: PleskLin

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Netflix (Online)

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.up-netflix.info/	1969-12-31 23:59:59	Name: netflix Value: 59kdj677s9vj7ri2cd2rc8elam

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://www.up-netflix.info/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "new-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

unpkg.com
www.up-netflix.info
104.17.245.203
87.120.127.15
0c12d5374247e16fced565a207d010bf39f1eb55ee0394581ced67b2e6fa7b92
0efb120969d0469829165e1dc2290b90864401562cc91e9a987151a0465a1646
16264c935ce04deba3cdfffebe899664667daf4d3ec671af3a05e88f4268d630
1ef2a7c919179098a2d50a9f37502ff098a030caa0f0e0c6864ab0c2f11c5bdb
317f642e515b1c367d4b88887f67db9ead83e0e104520e2eadc472c6b00c9e44
3e49d9dc43267590184389ab3da0cb9f7308c9c848667dab109a0f7c73450ece
428424bc51edcf9a0239c976a06951a343674afe62002f2b32d1140f1df5c024
4b15115bcef52d1e23f6de6267bc7d96278b966c53e17b2624a51279a2dedf01
5112587a097996eace609b27acbb2e3dc8a0d41e06613746c8e1c64e4fd4aae1
5a6841e0564158a9554ef7b1ca8a326a8550ad88673732c180e1b768dbe23652
b754f1be8f48db66dc6f630971d907d90e12127d7fd433dbcb5c6fb66ff11d29
dfd878f305680feacdcc4b078ef212a65a92b26f89bf4925fd664eff1e49f47d

www.up-netflix.info Open in urlscan Pro 87.120.127.15 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

13 Requests

85 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

1216 kBTransfer

2418 kBSize

1 Cookies

0 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

17 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

www.up-netflix.info Open in urlscan Pro
87.120.127.15 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

85 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

1216 kB
Transfer

2418 kB
Size

1
Cookies

13 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!