netflixx.devyash.in.eu.org Open in urlscan Pro
76.76.21.164 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://netflixx.devyash.in.eu.org/
Effective URL:
https://netflixx.devyash.in.eu.org/
Submission: On August 05 via api (August 5th 2023, 12:03:53 pm UTC) from US — Scanned from DE

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 1 countries across 6 domains to perform 17 HTTP transactions. The main IP is 76.76.21.164, located in Walnut, United States and belongs to AMAZON-02, US. The main domain is netflixx.devyash.in.eu.org.
TLS certificate: Issued by R3 on August 3rd 2023. Valid for: 3 months.

This is the only time netflixx.devyash.in.eu.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Netflix (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 5	76.76.21.164 76.76.21.164	16509 (AMAZON-02) (AMAZON-02)
1	52.222.139.106 52.222.139.106	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:249... 2600:9000:2491:800:14:41bb:de80:93a1	16509 (AMAZON-02) (AMAZON-02)
9	2600:9000:205... 2600:9000:2057:c00:c:174a:c400:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3038::6815:eb02	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:86c0:209... 2a00:86c0:2090::1	40027 (NETFLIX-ASN) (NETFLIX-ASN)
17	6

5 76.76.21.164 (Walnut, United States) 1 redirects

ASN16509 (AMAZON-02, US)

netflixx.devyash.in.eu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.139.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-106.ams50.r.cloudfront.net

mir-s3-cdn-cf.behance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2491:800:14:41bb:de80:93a1 (United States)

ASN16509 (AMAZON-02, US)

image.tmdb.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:2057:c00:c:174a:c400:93a1 (United States)

ASN16509 (AMAZON-02, US)

api.themoviedb.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:eb02 (United States)

ASN13335 (CLOUDFLARENET, US)

assets.stickpng.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:86c0:2090::1 (United States)

ASN40027 (NETFLIX-ASN, US)

assets.nflxext.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	themoviedb.org api.themoviedb.org — Cisco Umbrella Rank: 42890	45 KB
5	eu.org 1 redirects netflixx.devyash.in.eu.org	206 KB
1	nflxext.com assets.nflxext.com — Cisco Umbrella Rank: 4853	100 KB
1	stickpng.com assets.stickpng.com — Cisco Umbrella Rank: 171967	18 KB
1	tmdb.org image.tmdb.org — Cisco Umbrella Rank: 20271
1	behance.net mir-s3-cdn-cf.behance.net — Cisco Umbrella Rank: 25433	3 KB
17	6

	Domain	Requested by
9	api.themoviedb.org	netflixx.devyash.in.eu.org
5	netflixx.devyash.in.eu.org	1 redirects netflixx.devyash.in.eu.org
1	assets.nflxext.com	netflixx.devyash.in.eu.org
1	assets.stickpng.com
1	image.tmdb.org
1	mir-s3-cdn-cf.behance.net
17	6

This site contains no links.

Subject Issuer	Validity	Valid
netflixx.devyash.in.eu.org R3	`2023-08-03` - `2023-11-01`	3 months	crt.sh
*.behance.net Amazon RSA 2048 M01	`2023-04-23` - `2024-05-21`	a year	crt.sh
*.tmdb.org Amazon RSA 2048 M02	`2023-03-01` - `2023-12-21`	10 months	crt.sh
*.themoviedb.org Amazon RSA 2048 M01	`2023-02-23` - `2023-10-18`	8 months	crt.sh
stickpng.com E1	`2023-07-23` - `2023-10-21`	3 months	crt.sh
*.1.nflxso.net DigiCert Secure Site ECC CA-1	`2023-07-27` - `2023-08-27`	a month	crt.sh

This page contains 1 frames:

Primary Page: https://netflixx.devyash.in.eu.org/
Frame ID: AF9D7F7DDDDB7D21325F339F8BE94645
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Netflix

Page URL History Show full URLs

http://netflixx.devyash.in.eu.org/ HTTP 308
https://netflixx.devyash.in.eu.org/ Page URL

Page Statistics

17
Requests

100 %
HTTPS

67 %
IPv6

6
Domains

6
Subdomains

6
IPs

1
Countries

370 kB
Transfer

877 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://netflixx.devyash.in.eu.org/ HTTP 308
https://netflixx.devyash.in.eu.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
netflixx.devyash.in.eu.org/
Redirect Chain

http://netflixx.devyash.in.eu.org/
https://netflixx.devyash.in.eu.org/

584 B
817 B

31ms
11ms

Document
text/html

76.76.21.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://netflixx.devyash.in.eu.org/

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.164 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

adb766638881e7ce0665645ff0ea3fde2fa88d30d3beb1dbb8c2c55984dfc41f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 151663
cache-control: public, max-age=0, must-revalidate
content-disposition: inline
content-length: 584
content-type: text/html; charset=utf-8
date: Sat, 05 Aug 2023 12:03:46 GMT
etag: "ae220debbc49ec14eb5d4afacde681b9"
server: Vercel
strict-transport-security: max-age=63072000
x-vercel-cache: HIT
x-vercel-id: fra1::49r5p-1691237026633-8837d630489b

Redirect headers

Content-Type: text/plain
Location: https://netflixx.devyash.in.eu.org/
Refresh: 0;url=https://netflixx.devyash.in.eu.org/
server: Vercel

GET
H2 200 main.f5a5af6a.js Show response
netflixx.devyash.in.eu.org/static/js/ 623 KB
184 KB 10ms
10ms Script
application/javascript 76.76.21.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://netflixx.devyash.in.eu.org/static/js/main.f5a5af6a.js

Requested by

Host: netflixx.devyash.in.eu.org
URL: https://netflixx.devyash.in.eu.org/

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.164 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

055e10add5aec8411fb4e1bde0b3408905ad2808468cf1aff4ef84adcc87b1b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://netflixx.devyash.in.eu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 12:03:46 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::49r5p-1691237026648-d1706656ffbb
age: 58684
etag: W/"ba3c8fbae821c59c639d7d92b02f3d59"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: s-maxage=31536000, immutable
content-disposition: inline; filename="main.f5a5af6a.js"

GET
H2 200 main.4a7ea929.css
netflixx.devyash.in.eu.org/static/css/ 11 KB
3 KB 16ms
16ms Stylesheet
text/css 76.76.21.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://netflixx.devyash.in.eu.org/static/css/main.4a7ea929.css

Requested by

Host: netflixx.devyash.in.eu.org
URL: https://netflixx.devyash.in.eu.org/

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.164 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

7e71ae8e16522d4203e488db7347204658efb6981097628296a2efe132db9cac

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://netflixx.devyash.in.eu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 12:03:46 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::zfnqv-1691237026648-a4847f516c82
age: 151663
etag: W/"f0c6a45d4fe9dc925c2d1f51e48ae038"
x-vercel-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: s-maxage=31536000, immutable
content-disposition: inline; filename="main.4a7ea929.css"

GET
H2 200 netflix.774e8c1632ac9433608b.png
netflixx.devyash.in.eu.org/static/media/ 17 KB
17 KB 12ms
11ms Image
image/png 76.76.21.164
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://netflixx.devyash.in.eu.org/static/media/netflix.774e8c1632ac9433608b.png

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.164 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

218bc2b47bb718e6c65206f46f0c9791edcfdf5ccff6e6abcecb7637be7cf33b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://netflixx.devyash.in.eu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 12:03:46 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::52kmx-1691237026764-9a91622c1604
age: 151662
etag: "a1f673e7df715f16dae49f4874009082"
x-vercel-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: s-maxage=31536000, immutable
content-disposition: inline; filename="netflix.774e8c1632ac9433608b.png"
accept-ranges: bytes
content-length: 17322

GET
H2 200 1bdc9a33850498.56ba69ac2ba5b.png
mir-s3-cdn-cf.behance.net/project_modules/disp/ 2 KB
3 KB 90ms
24ms Image
image/png 52.222.139.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mir-s3-cdn-cf.behance.net/project_modules/disp/1bdc9a33850498.56ba69ac2ba5b.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.139.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-139-106.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 14aaeb419910909e8a008c02c574f87836e67a487e4f50c82796d54e579b6d6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://netflixx.devyash.in.eu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 09:10:51 GMT
x-amz-version-id: o318Ry3n23meDiUOtCOFXGyuvMCyFIl2
via: 1.1 d8c5e23736c47a3e5184b0a78042898e.cloudfront.net (CloudFront)
last-modified: Tue, 09 Feb 2016 22:35:26 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 96776
etag: "33db09513083d86358fe59ad8f888de0"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=2628000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 2477
x-amz-cf-id: KCK21FyQdFhxUvtYV7_VVAwkA3CtnIIhrkJVIv5bLgxvvMLB4eAJGg==

GET
H2 404 undefined
image.tmdb.org/t/p/original/ 0
0 52ms
8ms Image
text/html 2600:9000:2491:800:14:41bb:de80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.tmdb.org/t/p/original/undefined
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:800:14:41bb:de80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://netflixx.devyash.in.eu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H2 200 tv Show response
api.themoviedb.org/3/discover/ 11 KB
5 KB 161ms
106ms XHR
application/json 2600:9000:2057:c00:c:174a:c400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.themoviedb.org/3/discover/tv?api_key=2f620a578bad9938a47556bdc8d61a21&with_networks=213
Requested by: Host: netflixx.devyash.in.eu.org
URL: https://netflixx.devyash.in.eu.org/static/js/main.f5a5af6a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:c00:c:174a:c400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: 928b9e11f4d4f0fb76598f1b7699d7048c0c797a3f7832da7c86a5effab08864

Request headers

Accept: application/json, text/plain, */*
Referer: https://netflixx.devyash.in.eu.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 12:03:46 GMT
content-encoding: br
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: FRA6-C1
vary: Accept-Encoding,Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=600
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: o9vydBd5obKWmHEOIr6XdhpggbGHX05-PC-01o8T8_WfquL22rL75w==

GET
H2 200 tv Show response
api.themoviedb.org/3/discover/ 11 KB
5 KB 162ms
107ms XHR
application/json 2600:9000:2057:c00:c:174a:c400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.themoviedb.org/3/discover/tv?api_key=2f620a578bad9938a47556bdc8d61a21&with_networks=213
Requested by: Host: netflixx.devyash.in.eu.org
URL: https://netflixx.devyash.in.eu.org/static/js/main.f5a5af6a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:c00:c:174a:c400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: 928b9e11f4d4f0fb76598f1b7699d7048c0c797a3f7832da7c86a5effab08864

Request headers

Accept: application/json, text/plain, */*
Referer: https://netflixx.devyash.in.eu.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 12:03:46 GMT
content-encoding: br
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: FRA6-C1
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=600
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: YUJzd1tchEk7Q59yXq2k7x6SLdHIDR2HHPUIGfaVZREJUJ_ZfyegEw==

GET
H2 200 week Show response
api.themoviedb.org/3/trending/all/ 13 KB
6 KB 163ms
109ms XHR
application/json 2600:9000:2057:c00:c:174a:c400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.themoviedb.org/3/trending/all/week?api_key=2f620a578bad9938a47556bdc8d61a21&language=en-US
Requested by: Host: netflixx.devyash.in.eu.org
URL: https://netflixx.devyash.in.eu.org/static/js/main.f5a5af6a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:c00:c:174a:c400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: 67adf947364a070b7113291ecdffdd19ab95e8780af7ad646bbd33cc8f3a955c

Request headers

Accept: application/json, text/plain, */*
Referer: https://netflixx.devyash.in.eu.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 12:03:46 GMT
content-encoding: br
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
server: openresty
x-memc: HIT
etag: W/"67adf947364a070b7113291ecdffdd19"
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=600
x-memc-key: e6865c0cc44dd6a6f2697c7f67dfc1ac
x-memc-expires: 270
x-amz-cf-id: HongAywXgizN9XCVFdAgWSwzNTjOepQJaVXx-plgfqjbvuzu946rIg==
x-memc-age: 330

GET
H2 200 top_rated Show response
api.themoviedb.org/3/movie/ 12 KB
5 KB 66ms
12ms XHR
application/json 2600:9000:2057:c00:c:174a:c400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.themoviedb.org/3/movie/top_rated?api_key=2f620a578bad9938a47556bdc8d61a21&language=en-US
Requested by: Host: netflixx.devyash.in.eu.org
URL: https://netflixx.devyash.in.eu.org/static/js/main.f5a5af6a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:c00:c:174a:c400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: 83da5c6a724bb05ed80199e8036ecfc02090fb93642527888ac9f71644e247b9

Request headers

Accept: application/json, text/plain, */*
Referer: https://netflixx.devyash.in.eu.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 11:39:01 GMT
content-encoding: br
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: FRA6-C1
age: 1485
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=21600
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: HXNrMH1ap5pn1OIsc9JbOlgO6BstuRxoR1kJeXM9cb9baUbfgoTuvg==

GET
H2 200 movie Show response
api.themoviedb.org/3/discover/ 13 KB
5 KB 161ms
108ms XHR
application/json 2600:9000:2057:c00:c:174a:c400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.themoviedb.org/3/discover/movie?api_key=2f620a578bad9938a47556bdc8d61a21&with_genres=28
Requested by: Host: netflixx.devyash.in.eu.org
URL: https://netflixx.devyash.in.eu.org/static/js/main.f5a5af6a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:c00:c:174a:c400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: e3e76cd849566727cd7c7bd649c97dbb3afe312cf118a215931c1caa9a91c3db

Request headers

Accept: application/json, text/plain, */*
Referer: https://netflixx.devyash.in.eu.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 12:03:46 GMT
content-encoding: br
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: FRA6-C1
vary: Accept-Encoding,Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=600
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: GE5VeQHqAVvnthsBCEHf2fn9hHZQu9PT9FH1ebu1o_iZbB6WndodAg==

GET
H2 200 movie Show response
api.themoviedb.org/3/discover/ 12 KB
5 KB 281ms
229ms XHR
application/json 2600:9000:2057:c00:c:174a:c400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.themoviedb.org/3/discover/movie?api_key=2f620a578bad9938a47556bdc8d61a21&with_genres=35
Requested by: Host: netflixx.devyash.in.eu.org
URL: https://netflixx.devyash.in.eu.org/static/js/main.f5a5af6a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:c00:c:174a:c400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: 2d1098d28b85d2f857161b49c907e69a39d30b6b7d2384be22e19d10826026fb

Request headers

Accept: application/json, text/plain, */*
Referer: https://netflixx.devyash.in.eu.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 12:03:47 GMT
content-encoding: br
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: FRA6-C1
vary: Accept-Encoding,Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=600
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: iDBFRdOAuLrfKdHvrXUd8G7m-EABF1ufHxK0eXCj8ZG4St_oW5mjeg==

GET
H2 200 movie Show response
api.themoviedb.org/3/discover/ 12 KB
5 KB 220ms
168ms XHR
application/json 2600:9000:2057:c00:c:174a:c400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.themoviedb.org/3/discover/movie?api_key=2f620a578bad9938a47556bdc8d61a21&with_genres=27
Requested by: Host: netflixx.devyash.in.eu.org
URL: https://netflixx.devyash.in.eu.org/static/js/main.f5a5af6a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:c00:c:174a:c400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: 9750f97bb660dc17ad485890e60c077339af4d611f58ae696f8c18f233ac03b0

Request headers

Accept: application/json, text/plain, */*
Referer: https://netflixx.devyash.in.eu.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 12:03:46 GMT
content-encoding: br
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: FRA6-C1
vary: Accept-Encoding,Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=600
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: c3zHGSYukdGGuH0OW32MxBGX923V0gvAppMa56CpZ5mxMO2EBvOlFQ==

GET
H2 200 movie Show response
api.themoviedb.org/3/discover/ 12 KB
5 KB 284ms
232ms XHR
application/json 2600:9000:2057:c00:c:174a:c400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.themoviedb.org/3/discover/movie?api_key=2f620a578bad9938a47556bdc8d61a21&with_genres=10749
Requested by: Host: netflixx.devyash.in.eu.org
URL: https://netflixx.devyash.in.eu.org/static/js/main.f5a5af6a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:c00:c:174a:c400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: 799983fa7a8bae3bc370f8f35a3a192f6754da4785f62797430ac590d96960a0

Request headers

Accept: application/json, text/plain, */*
Referer: https://netflixx.devyash.in.eu.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 12:03:47 GMT
content-encoding: br
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: FRA6-C1
vary: Accept-Encoding,Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=600
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: dBzfchFZLdPhn6oc-CexMM8Q84CPXPAcXYA4-wcGW1ecB0zHzWubLg==

GET
H2 200 movie Show response
api.themoviedb.org/3/discover/ 12 KB
5 KB 218ms
166ms XHR
application/json 2600:9000:2057:c00:c:174a:c400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.themoviedb.org/3/discover/movie?api_key=2f620a578bad9938a47556bdc8d61a21&with_genres=99
Requested by: Host: netflixx.devyash.in.eu.org
URL: https://netflixx.devyash.in.eu.org/static/js/main.f5a5af6a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:c00:c:174a:c400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: d7c231df07f0aea8588e8eed81a02391a1147586271141abf7ff0e5ae8cd37f4

Request headers

Accept: application/json, text/plain, */*
Referer: https://netflixx.devyash.in.eu.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 12:03:46 GMT
content-encoding: br
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: FRA6-C1
vary: Accept-Encoding,Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=600
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: Zc9o3BTMt43UgywfIihgkjCVcvQIWLhNKcMxdYCwSfASKfo_iFqEWg==

GET
H2 200 580b57fcd9996e24bc43c529.png
assets.stickpng.com/images/ 17 KB
18 KB 55ms
16ms Image
image/png 2606:4700:3038::6815:eb02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.stickpng.com/images/580b57fcd9996e24bc43c529.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eb02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 218bc2b47bb718e6c65206f46f0c9791edcfdf5ccff6e6abcecb7637be7cf33b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://netflixx.devyash.in.eu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 12:03:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: YJ69NQ61GJRGQV77
age: 4031
alt-svc: h3=":443"; ma=86400
content-length: 17322
x-amz-id-2: fHO92pibJkmvdrBeqASefXbfVOfhxZiL13sjcdWdchENU8X+LNbxqF4PwnGO0tePtJowBknnwFc=
last-modified: Sat, 22 Oct 2016 12:38:23 GMT
server: cloudflare
etag: "a1f673e7df715f16dae49f4874009082"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gLCQaRSx0XkZCAl4LPHjHQggDxQ4hT9C12JMLtrNSyvhh9cXL6YhjamvcTv7dGmLK6tVy2DUPuFn9uXSbs4arkq%2FnsGjHDTavnFkFF1yORQorKWs0qdGO6nBxrdYcHIs1HxXRL48COhPnje5od2OUBdt"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7f1ee619985c362b-FRA

GET
H/1.1 200
OK IN-en-20230417-popsignuptwoweeks-perspective_alpha_website_small.jpg
assets.nflxext.com/ffe/siteui/vlv3/efb4855d-e702-43e5-9997-bba0154152e0/42f6dd08-d478-46e4-a4a8-e3a93aa7e085/ 99 KB
100 KB 68ms
20ms Image
image/jpeg 2a00:86c0:2090::1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nflxext.com/ffe/siteui/vlv3/efb4855d-e702-43e5-9997-bba0154152e0/42f6dd08-d478-46e4-a4a8-e3a93aa7e085/IN-en-20230417-popsignuptwoweeks-perspective_alpha_website_small.jpg
Requested by: Host: netflixx.devyash.in.eu.org
URL: https://netflixx.devyash.in.eu.org/static/css/main.4a7ea929.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:86c0:2090::1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 474fc6998bddbf0989041d146149ff5d9ba22c6bf64b45af7f4cc486a77e97a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://netflixx.devyash.in.eu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sat, 05 Aug 2023 12:03:46 GMT
Last-Modified: Wed, 19 Apr 2023 13:45:46 GMT
Server: nginx
Content-MD5: 6mneI0Lv5suX+o+LSHvAbA==
Content-Type: image/jpeg
Cache-Control: max-age=604801
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 101797
Expires: Sat, 12 Aug 2023 12:03:47 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Netflix (Online)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| webpackChunknetflix

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://image.tmdb.org/t/p/original/undefined Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.themoviedb.org
assets.nflxext.com
assets.stickpng.com
image.tmdb.org
mir-s3-cdn-cf.behance.net
netflixx.devyash.in.eu.org
2600:9000:2057:c00:c:174a:c400:93a1
2600:9000:2491:800:14:41bb:de80:93a1
2606:4700:3038::6815:eb02
2a00:86c0:2090::1
52.222.139.106
76.76.21.164
055e10add5aec8411fb4e1bde0b3408905ad2808468cf1aff4ef84adcc87b1b8
14aaeb419910909e8a008c02c574f87836e67a487e4f50c82796d54e579b6d6d
218bc2b47bb718e6c65206f46f0c9791edcfdf5ccff6e6abcecb7637be7cf33b
2d1098d28b85d2f857161b49c907e69a39d30b6b7d2384be22e19d10826026fb
474fc6998bddbf0989041d146149ff5d9ba22c6bf64b45af7f4cc486a77e97a0
67adf947364a070b7113291ecdffdd19ab95e8780af7ad646bbd33cc8f3a955c
799983fa7a8bae3bc370f8f35a3a192f6754da4785f62797430ac590d96960a0
7e71ae8e16522d4203e488db7347204658efb6981097628296a2efe132db9cac
83da5c6a724bb05ed80199e8036ecfc02090fb93642527888ac9f71644e247b9
928b9e11f4d4f0fb76598f1b7699d7048c0c797a3f7832da7c86a5effab08864
9750f97bb660dc17ad485890e60c077339af4d611f58ae696f8c18f233ac03b0
adb766638881e7ce0665645ff0ea3fde2fa88d30d3beb1dbb8c2c55984dfc41f
d7c231df07f0aea8588e8eed81a02391a1147586271141abf7ff0e5ae8cd37f4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e76cd849566727cd7c7bd649c97dbb3afe312cf118a215931c1caa9a91c3db

netflixx.devyash.in.eu.org Open in urlscan Pro 76.76.21.164 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

17 Requests

100 %HTTPS

67 %IPv6

6 Domains

6 Subdomains

6 IPs

1 Countries

370 kBTransfer

877 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

1 JavaScript Global Variables

0 Cookies

1 Console Messages

Security Headers

Indicators

netflixx.devyash.in.eu.org Open in urlscan Pro
76.76.21.164 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

100 %
HTTPS

67 %
IPv6

6
Domains

6
Subdomains

6
IPs

1
Countries

370 kB
Transfer

877 kB
Size

0
Cookies

17 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!