netflix-mern-frontend.vercel.app

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 5 HTTP transactions. The main IP is 76.76.21.22, located in Walnut, United States and belongs to AMAZON-02, US. The main domain is netflix-mern-frontend.vercel.app.
TLS certificate: Issued by R3 on September 25th 2023. Valid for: 3 months.

This is the only time netflix-mern-frontend.vercel.app was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Netflix (Online)

Domain & IP information

	IP Address		AS Autonomous System
5	76.76.21.22 76.76.21.22		16509 (AMAZON-02) (AMAZON-02)
5	1

5 76.76.21.22 (Walnut, United States)

ASN16509 (AMAZON-02, US)

netflix-mern-frontend.vercel.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	vercel.app netflix-mern-frontend.vercel.app	652 KB
5	1

	Domain	Requested by
5	netflix-mern-frontend.vercel.app	netflix-mern-frontend.vercel.app
5	1

This site contains no links.

Subject Issuer	Validity	Valid
*.vercel.app R3	`2023-09-25` - `2023-12-24`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://netflix-mern-frontend.vercel.app/login
Frame ID: 30A7A86F1700D8A2A405B7AB64A0AA08
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Netflix-React

Page Statistics

5
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

652 kB
Transfer

970 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request login Show response
netflix-mern-frontend.vercel.app/ 648 B
900 B 96ms
33ms Document
text/html 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://netflix-mern-frontend.vercel.app/login

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

5d8caadec1d1cc9f6097479cd8919e070bd536098e1d6047ea00025dc882136e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 107719
cache-control: s-maxage=0
content-disposition: inline; filename="index.html"
content-length: 648
content-type: text/html; charset=utf-8
date: Mon, 30 Oct 2023 01:36:35 GMT
etag: "ee0b33254bb422b3dc5c12f5db255f02"
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-vercel-cache: HIT
x-vercel-id: fra1::rdbpk-1698629795228-b4a5bdb3a776

GET
H2 200 main.cc7b7b4f.js Show response
netflix-mern-frontend.vercel.app/static/js/ 450 KB
132 KB 27ms
27ms Script
application/javascript 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://netflix-mern-frontend.vercel.app/static/js/main.cc7b7b4f.js

Requested by

Host: netflix-mern-frontend.vercel.app
URL: https://netflix-mern-frontend.vercel.app/login

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

179725bd98f0b1bfbdfafe9f1865cd38578dcc1044aa0fcbaf3b43265bc567b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://netflix-mern-frontend.vercel.app/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 01:36:35 GMT
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: Vercel
x-vercel-id: fra1::rdbpk-1698629795266-094d3f960f83
age: 107790
etag: W/"c42ebc07a5de0b91b74e50f122a6181c"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: s-maxage=31536000, immutable
content-disposition: inline; filename="main.cc7b7b4f.js"

GET
H2 200 main.f779e001.css
netflix-mern-frontend.vercel.app/static/css/ 551 B
705 B 50ms
49ms Stylesheet
text/css 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://netflix-mern-frontend.vercel.app/static/css/main.f779e001.css

Requested by

Host: netflix-mern-frontend.vercel.app
URL: https://netflix-mern-frontend.vercel.app/login

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

03d947af5493e0230190abd56c45f03731967b307687b74e4b9dad95ac357a7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://netflix-mern-frontend.vercel.app/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 01:36:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: Vercel
x-vercel-id: fra1::89gdt-1698629795266-658c08d2bc35
age: 107791
etag: "86d6353f4ed85efc5db8db0127f3cf35"
x-vercel-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: s-maxage=31536000, immutable
content-disposition: inline; filename="main.f779e001.css"
accept-ranges: bytes
content-length: 551

GET
H2 200 login.08de858350c54c61e554.jpg
netflix-mern-frontend.vercel.app/static/media/ 502 KB
503 KB 34ms
33ms Image
image/jpeg 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://netflix-mern-frontend.vercel.app/static/media/login.08de858350c54c61e554.jpg

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

ce59d7fea9020adad1f73b792af00d6b65ab4713ab82f3e0c6309a4804435124

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://netflix-mern-frontend.vercel.app/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 01:36:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: Vercel
x-vercel-id: fra1::pvgvr-1698629795395-dc70d82490a0
age: 107785
etag: "9fa1b41a04c4a671027edd7b452c8bba"
x-vercel-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: s-maxage=31536000, immutable
content-disposition: inline; filename="login.08de858350c54c61e554.jpg"
accept-ranges: bytes
content-length: 514392

GET
H2 200 logo.f4070143e1f521da82a1.png
netflix-mern-frontend.vercel.app/static/media/ 16 KB
16 KB 26ms
26ms Image
image/png 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://netflix-mern-frontend.vercel.app/static/media/logo.f4070143e1f521da82a1.png

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

131556b654ab66a0d9a394a2c251cc2d852d7aeca75b562d9788b778b95440f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://netflix-mern-frontend.vercel.app/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 01:36:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: Vercel
x-vercel-id: fra1::tgl6w-1698629795395-0bbf0019af7b
age: 107790
etag: "8562b6565f5ae1db5e4af40d85b4ed2d"
x-vercel-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: s-maxage=31536000, immutable
content-disposition: inline; filename="logo.f4070143e1f521da82a1.png"
accept-ranges: bytes
content-length: 16470

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Netflix (Online)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| regeneratorRuntime

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

netflix-mern-frontend.vercel.app
76.76.21.22
03d947af5493e0230190abd56c45f03731967b307687b74e4b9dad95ac357a7d
131556b654ab66a0d9a394a2c251cc2d852d7aeca75b562d9788b778b95440f5
179725bd98f0b1bfbdfafe9f1865cd38578dcc1044aa0fcbaf3b43265bc567b0
5d8caadec1d1cc9f6097479cd8919e070bd536098e1d6047ea00025dc882136e
ce59d7fea9020adad1f73b792af00d6b65ab4713ab82f3e0c6309a4804435124

netflix-mern-frontend.vercel.app Open in urlscan Pro 76.76.21.22 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

5 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

652 kBTransfer

970 kBSize

0 Cookies

0 Outgoing links

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

2 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

netflix-mern-frontend.vercel.app Open in urlscan Pro
76.76.21.22 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

652 kB
Transfer

970 kB
Size

0
Cookies

5 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!