netflix-firebase--netflix-clone-32386.us-central1.hosted.app

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 4 HTTP transactions. The main IP is 35.219.200.25, located in United States and belongs to GOOGLE-2, US. The main domain is netflix-firebase--netflix-clone-32386.us-central1.hosted.app.
TLS certificate: Issued by WR3 on June 11th 2024. Valid for: 3 months.

This is the only time netflix-firebase--netflix-clone-32386.us-central1.hosted.app was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Netflix (Online)

Domain & IP information

	IP Address	AS Autonomous System
3	35.219.200.25 35.219.200.25	19527 (GOOGLE-2) (GOOGLE-2)
1	2600:9000:250... 2600:9000:250b:3c00:9:2939:6700:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2

3 35.219.200.25 (United States)

ASN19527 (GOOGLE-2, US)
PTR: 25.200.219.35.bc.googleusercontent.com

netflix-firebase--netflix-clone-32386.us-central1.hosted.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:250b:3c00:9:2939:6700:93a1 (United States)

ASN16509 (AMAZON-02, US)

wpassets.brainstation.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	hosted.app netflix-firebase--netflix-clone-32386.us-central1.hosted.app	879 KB
1	brainstation.io wpassets.brainstation.io	317 KB
4	2

	Domain	Requested by
3	netflix-firebase--netflix-clone-32386.us-central1.hosted.app	netflix-firebase--netflix-clone-32386.us-central1.hosted.app
1	wpassets.brainstation.io
4	2

This site contains no links.

Subject Issuer	Validity	Valid
netflix-firebase--netflix-clone-32386.us-central1.hosted.app WR3	`2024-06-11` - `2024-09-09`	3 months	crt.sh
*.brainstation.io Amazon RSA 2048 M02	`2024-02-24` - `2025-03-23`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://netflix-firebase--netflix-clone-32386.us-central1.hosted.app/
Frame ID: 6A636F83466781039CAB8BF7B8EB77B9
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

React Redux App

Page Statistics

4
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

1196 kB
Transfer

4610 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response netflix-firebase--netflix-clone-32386.us-central1.hosted.app/	2 KB 1 KB	466ms 171ms	Document text/html	35.219.200.25 GOOGLE-2
General Check archive.org Show headers Download Go to Full URL https://netflix-firebase--netflix-clone-32386.us-central1.hosted.app/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.219.200.25 , United States, ASN19527 (GOOGLE-2, US), Reverse DNS 25.200.219.35.bc.googleusercontent.com Software envoy / Express Resource Hash `cd749c89b83a77a433b31448413d954575083d62a07f3ff3b4edef726442fae1` Request headers Accept-Language en-US,en;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ranges bytes access-control-allow-headers * access-control-allow-methods * access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private cdn-cache-status miss content-encoding gzip content-type text/html; charset=utf-8 date Tue, 11 Jun 2024 06:08:24 GMT etag W/"6b5-DN9u0fhkTRRQSJOf0AzX8vNYRcg" server envoy vary Accept-Encoding via 1.1 google x-powered-by Express
GET H2	200	bundle.js Show response netflix-firebase--netflix-clone-32386.us-central1.hosted.app/static/js/	4 MB 874 KB	208ms 207ms	Script application/javascript	35.219.200.25 GOOGLE-2
General Check archive.org Show headers Download Go to Full URL https://netflix-firebase--netflix-clone-32386.us-central1.hosted.app/static/js/bundle.js Requested by Host: netflix-firebase--netflix-clone-32386.us-central1.hosted.app URL: https://netflix-firebase--netflix-clone-32386.us-central1.hosted.app/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.219.200.25 , United States, ASN19527 (GOOGLE-2, US), Reverse DNS 25.200.219.35.bc.googleusercontent.com Software envoy / Express Resource Hash `efd6e1037e19c22cd70784d8173fc99f7bc762bf5787085c96a95bc2a70121be` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://netflix-firebase--netflix-clone-32386.us-central1.hosted.app/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers cdn-cache-status miss date Tue, 11 Jun 2024 06:08:24 GMT content-encoding gzip via 1.1 google server envoy etag W/"43013a-1GUTCMIDL7Iq851IzQEV4jkvrns" x-powered-by Express vary Accept-Encoding access-control-allow-methods * content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control private accept-ranges bytes access-control-allow-headers * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H2	200	Netflix-Background.jpg wpassets.brainstation.io/app/uploads/2017/04/13100509/	316 KB 317 KB	177ms 43ms	Image image/jpeg	2600:9000:250b:3c00:9:2939:6700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://wpassets.brainstation.io/app/uploads/2017/04/13100509/Netflix-Background.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:250b:3c00:9:2939:6700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash `c4d143fbc63dde4eb0f0f8bd9a8ced56f7e0bd663e45b3a4b7f5f30c9f105be1` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://netflix-firebase--netflix-clone-32386.us-central1.hosted.app/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 20 Apr 2024 18:45:37 GMT x-amz-version-id i8qOpHi0HOf8EtvuHpIkeOew1b.uXl3r via 1.1 4d8384431ad0b8e60c79585b2d139316.cloudfront.net (CloudFront) last-modified Thu, 12 Aug 2021 07:27:58 GMT server AmazonS3 x-amz-cf-pop IAD12-P4 age 4447369 etag "d2edb29f3f970c36aadecbb01ed0bb79" x-cache Hit from cloudfront content-type image/jpeg cache-control max-age=31536000 accept-ranges bytes content-length 323929 x-amz-cf-id GBHD04uaM9kcjdhKeBSf3IbwaxV8n5OF8a6nspNdhE1mof2W-cWBdQ== expires Fri, 12 Aug 2022 07:27:57 GMT
GET H3	200	favicon.ico netflix-firebase--netflix-clone-32386.us-central1.hosted.app/	4 KB 4 KB	163ms 163ms	Other image/x-icon	35.219.200.25 GOOGLE-2
General Check archive.org Show headers Download Go to Full URL https://netflix-firebase--netflix-clone-32386.us-central1.hosted.app/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 35.219.200.25 , United States, ASN19527 (GOOGLE-2, US), Reverse DNS 25.200.219.35.bc.googleusercontent.com Software envoy / Express Resource Hash `3c524384b3a9b9b59bdbddc6cb5d8eaf79ffd07fb51080071386e0f832e80563` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://netflix-firebase--netflix-clone-32386.us-central1.hosted.app/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 11 Jun 2024 06:08:25 GMT content-encoding gzip via 1.1 google x-powered-by Express alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cdn-cache-status miss last-modified Tue, 01 Jan 1980 00:00:01 GMT server envoy etag W/"e01-49773873e8" vary Accept-Encoding access-control-allow-methods * content-type image/x-icon access-control-allow-origin * cache-control public,max-age=0 accept-ranges bytes access-control-allow-headers *

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Netflix (Online)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| webpackHotUpdatenetflix_clone object| __REACT_DEVTOOLS_GLOBAL_HOOK__ boolean| __reactRefreshInjected string| __reactRouterVersion

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

netflix-firebase--netflix-clone-32386.us-central1.hosted.app
wpassets.brainstation.io
2600:9000:250b:3c00:9:2939:6700:93a1
35.219.200.25
3c524384b3a9b9b59bdbddc6cb5d8eaf79ffd07fb51080071386e0f832e80563
c4d143fbc63dde4eb0f0f8bd9a8ced56f7e0bd663e45b3a4b7f5f30c9f105be1
cd749c89b83a77a433b31448413d954575083d62a07f3ff3b4edef726442fae1
efd6e1037e19c22cd70784d8173fc99f7bc762bf5787085c96a95bc2a70121be

netflix-firebase--netflix-clone-32386.us-central1.hosted.app Open in urlscan Pro 35.219.200.25 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

4 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

1196 kBTransfer

4610 kBSize

0 Cookies

0 Outgoing links

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

4 JavaScript Global Variables

0 Cookies

Indicators

netflix-firebase--netflix-clone-32386.us-central1.hosted.app Open in urlscan Pro
35.219.200.25 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

1196 kB
Transfer

4610 kB
Size

0
Cookies

4 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!