netflix-event.ml Open in urlscan Pro
2606:4700:3031::ac43:b96d Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://netflix-event.ml/
Submission Tags: @phishunt_io
Submission: On March 14 via api (March 14th 2021, 8:00:37 am UTC) from ES

Summary HTTP 41 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 17 IPs in 3 countries across 12 domains to perform 41 HTTP transactions. The main IP is 2606:4700:3031::ac43:b96d, located in United States and belongs to CLOUDFLARENET, US. The main domain is netflix-event.ml.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 14th 2021. Valid for: a year.

This is the only time netflix-event.ml was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Netflix (Online)

Domain & IP information

	IP Address	AS Autonomous System
4	2606:4700:303... 2606:4700:3031::ac43:b96d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:86c0:209... 2a00:86c0:2090::1	40027 (NETFLIX-ASN) (NETFLIX-ASN)
6	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6814:b844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a00:86c0:209... 2a00:86c0:2091::1	40027 (NETFLIX-ASN) (NETFLIX-ASN)
1	2606:4700::68... 2606:4700::6812:6b08	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:26f0:210... 2a02:26f0:2100:190::33c4	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a05:d018:76c... 2a05:d018:76c:b685:e8ab:afd3:af51:3aed	16509 (AMAZON-02) (AMAZON-02)
2	2a01:578:3::3... 2a01:578:3::34d5:c7f2	16509 (AMAZON-02) (AMAZON-02)
1 2	142.250.74.198 142.250.74.198	15169 (GOOGLE) (GOOGLE)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
41	17

4 2606:4700:3031::ac43:b96d (United States)

ASN13335 (CLOUDFLARENET, US)

netflix-event.ml	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:86c0:2090::1 (United States)

ASN40027 (NETFLIX-ASN, US)

codex.nflxext.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:86c0:2091::1 (United States)

ASN40027 (NETFLIX-ASN, US)

assets.nflxext.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:6b08 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.000webhost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:2100:190::33c4 (Munich, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ae.nflximg.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:76c:b685:e8ab:afd3:af51:3aed (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

www.netflix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:578:3::34d5:c7f2 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

ichnaea-web.netflix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net

4968236.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:83:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	nflxext.com codex.nflxext.com assets.nflxext.com	2 MB
6	cookielaw.org cdn.cookielaw.org	108 KB
4	netflix.com www.netflix.com ichnaea-web.netflix.com	2 KB
4	netflix-event.ml netflix-event.ml	73 KB
3	doubleclick.net 2 redirects 4968236.fls.doubleclick.net googleads.g.doubleclick.net	2 KB
2	google.de www.google.de adservice.google.de	373 B
2	google.com 1 redirects www.google.com adservice.google.com	1 KB
2	googleadservices.com www.googleadservices.com	17 KB
2	nflximg.net ae.nflximg.net	8 KB
1	facebook.com www.facebook.com	263 B
1	000webhost.com cdn.000webhost.com	2 KB
1	onetrust.com geolocation.onetrust.com	362 B
41	12

	Domain	Requested by
11	assets.nflxext.com	netflix-event.ml codex.nflxext.com
6	cdn.cookielaw.org	netflix-event.ml cdn.cookielaw.org
4	codex.nflxext.com	netflix-event.ml
4	netflix-event.ml	netflix-event.ml codex.nflxext.com
2	www.googleadservices.com	ae.nflximg.net www.googleadservices.com
2	4968236.fls.doubleclick.net	1 redirects netflix-event.ml
2	ichnaea-web.netflix.com	ae.nflximg.net
2	www.netflix.com	ae.nflximg.net
2	ae.nflximg.net	netflix-event.ml ae.nflximg.net
1	adservice.google.de	adservice.google.com
1	adservice.google.com	4968236.fls.doubleclick.net
1	www.google.de	ae.nflximg.net
1	www.google.com	1 redirects
1	googleads.g.doubleclick.net	1 redirects
1	www.facebook.com	ae.nflximg.net
1	cdn.000webhost.com	netflix-event.ml
1	geolocation.onetrust.com	netflix-event.ml
41	17

This site contains links to these domains. Also see Links.

Domain
help.netflix.com
media.netflix.com
ir.netflix.com
jobs.netflix.com
fast.com
www.netflix.com
optout.aboutads.info
onetrust.com
www.000webhost.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-14` - `2022-03-13`	a year	crt.sh
*.1.nflxso.net DigiCert SHA2 Secure Server CA	`2021-03-01` - `2021-03-31`	a month	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2021-02-12` - `2022-02-11`	a year	crt.sh
*.000webhost.com Sectigo RSA Domain Validation Secure Server CA	`2020-12-14` - `2022-01-14`	a year	crt.sh
assets.nflxext.com DigiCert SHA2 Secure Server CA	`2020-02-19` - `2022-02-19`	2 years	crt.sh
www.netflix.com DigiCert SHA2 Secure Server CA	`2020-01-13` - `2022-01-13`	2 years	crt.sh
ichnaea-web.netflix.com DigiCert SHA2 Secure Server CA	`2020-02-09` - `2022-02-10`	2 years	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://netflix-event.ml/
Frame ID: 4E8F2552450BCDD21F407DD24FBDD0FF
Requests: 28 HTTP requests in this frame

Frame: https://ae.nflximg.net/monet/scripts/adtech_iframe_target_05.html?data=%7B%22membership_status%22%3A%22ANONYMOUS%22%2C%22country%22%3A%22US%22%2C%22region_code%22%3A%22LA%22%2C%22fbaId%22%3A%22625a1c8c-056a-4b31-a3d5-5267ebf09dcf%22%2C%22is_member%22%3A%22ANONYMOUS%22%2C%22wasFormerMember%22%3Afalse%2C%22referrer%22%3A%22nmLanding%22%2C%22deniedConsentCookieGroups%22%3A%22C0003%2CC0005%22%7D
Frame ID: 74DA3DFF0F89362F7ECA4DA550E7990A
Requests: 2 HTTP requests in this frame

Frame: https://ae.nflximg.net/monet/scripts/netflix_tag_05.html?data=%7B%22membership_status%22%3A%22ANONYMOUS%22%2C%22country%22%3A%22US%22%2C%22region_code%22%3A%22LA%22%2C%22fbaId%22%3A%22625a1c8c-056a-4b31-a3d5-5267ebf09dcf%22%2C%22is_member%22%3A%22ANONYMOUS%22%2C%22wasFormerMember%22%3Afalse%2C%22referrer%22%3A%22nmLanding%22%2C%22deniedConsentCookieGroups%22%3A%22C0003%2CC0005%22%7D
Frame ID: 2ABA70364A7D57EA0CAAD8DC63800D23
Requests: 6 HTTP requests in this frame

Frame: https://4968236.fls.doubleclick.net/activityi;dc_pre=CO6b0bGor-8CFUh-0wodCLcINg;src=4968236;type=naanz-nm;cat=dcmna0;u1=US;ord=3620219624599.9854
Frame ID: 9155169322834FD5E22961E05F237992
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CO6b0bGor-8CFUh-0wodCLcINg;src=4968236;type=naanz-nm;cat=dcmna0;u1=US;ord=3620219624599.9854;~oref=https://ae.nflximg.net/
Frame ID: 780DDDB892E71899D66615F39C7955B7
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CO6b0bGor-8CFUh-0wodCLcINg;src=4968236;type=naanz-nm;cat=dcmna0;u1=US;ord=3620219624599.9854;~oref=https://ae.nflximg.net/
Frame ID: DF0D7640A880FCCF7B3444BD8D50BE8A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

41
Requests

98 %
HTTPS

82 %
IPv6

12
Domains

17
Subdomains

17
IPs

3
Countries

1852 kB
Transfer

3622 kB
Size

3
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://help.netflix.com/support/412
Title: FAQ

Search URL Search Domain Scan URL

URL: https://help.netflix.com/
Title: Help Center

Search URL Search Domain Scan URL

URL: https://media.netflix.com/
Title: Media Center

Search URL Search Domain Scan URL

URL: https://ir.netflix.com/
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://jobs.netflix.com/jobs
Title: Jobs

Search URL Search Domain Scan URL

URL: https://help.netflix.com/legal/termsofuse
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://help.netflix.com/legal/privacy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://help.netflix.com/legal/corpinfo
Title: Corporate Information

Search URL Search Domain Scan URL

URL: https://help.netflix.com/contactus
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://fast.com/
Title: Speed Test

Search URL Search Domain Scan URL

URL: https://help.netflix.com/legal/notices
Title: Legal Notices

Search URL Search Domain Scan URL

URL: https://www.netflix.com/browse/genre/839338
Title: Netflix Originals

Search URL Search Domain Scan URL

URL: https://help.netflix.com/legal/privacy#cookies
Title: Çerezler ve İnternet Reklamcılığı

Search URL Search Domain Scan URL

URL: https://optout.aboutads.info/
Title: buraya

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

URL: https://www.000webhost.com/?utm_source=000webhostapp&utm_campaign=000_logo&utm_medium=website&utm_content=footer_img

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://4968236.fls.doubleclick.net/activityi;src=4968236;type=naanz-nm;cat=dcmna0;u1=US;ord=3620219624599.9854 HTTP 302
https://4968236.fls.doubleclick.net/activityi;dc_pre=CO6b0bGor-8CFUh-0wodCLcINg;src=4968236;type=naanz-nm;cat=dcmna0;u1=US;ord=3620219624599.9854

Request Chain 37

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/981179826/?random=2144973691&cv=9&fst=1615708818829&num=1&label=40zWCLqP1XUQsrvu0wM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fae.nflximg.net%2Fmonet%2Fscripts%2Fnetflix_tag_05.html%3Fdata%3D%257B%2522membership_status%2522%253A%2522ANONYMOUS%2522%252C%2522country%2522%253A%2522US%2522%252C%2522region_code%2522%253A%2522LA%2522%252C%2522fbaId%2522%253A%2522625a1c8c-056a-4b31-a3d5-5267ebf09dcf%2522%252C%2522is_member%2522%253A%2522ANONYMOUS%2522%252C%2522wasFormerMember%2522%253Afalse%252C%2522referrer%2522%253A%2522nmLanding%2522%252C%2522deniedConsentCookieGroups%2522%253A%2522C0003%252CC0005%2522%257D&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=k8JNYKSqAojl-gaS3YO4Dw&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/981179826/?random=2144973691&cv=9&fst=1615708818829&num=1&label=40zWCLqP1XUQsrvu0wM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fae.nflximg.net%2Fmonet%2Fscripts%2Fnetflix_tag_05.html%3Fdata%3D%257B%2522membership_status%2522%253A%2522ANONYMOUS%2522%252C%2522country%2522%253A%2522US%2522%252C%2522region_code%2522%253A%2522LA%2522%252C%2522fbaId%2522%253A%2522625a1c8c-056a-4b31-a3d5-5267ebf09dcf%2522%252C%2522is_member%2522%253A%2522ANONYMOUS%2522%252C%2522wasFormerMember%2522%253Afalse%252C%2522referrer%2522%253A%2522nmLanding%2522%252C%2522deniedConsentCookieGroups%2522%253A%2522C0003%252CC0005%2522%257D&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=k8JNYKSqAojl-gaS3YO4Dw&cid=CAQSKQCNIrLM9n4A4XGb_7PwoxrUfFcvXplroDoi5ImoSuDbjv1ag5a5C9Fj&random=1634851228&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/981179826/?random=2144973691&cv=9&fst=1615708818829&num=1&label=40zWCLqP1XUQsrvu0wM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fae.nflximg.net%2Fmonet%2Fscripts%2Fnetflix_tag_05.html%3Fdata%3D%257B%2522membership_status%2522%253A%2522ANONYMOUS%2522%252C%2522country%2522%253A%2522US%2522%252C%2522region_code%2522%253A%2522LA%2522%252C%2522fbaId%2522%253A%2522625a1c8c-056a-4b31-a3d5-5267ebf09dcf%2522%252C%2522is_member%2522%253A%2522ANONYMOUS%2522%252C%2522wasFormerMember%2522%253Afalse%252C%2522referrer%2522%253A%2522nmLanding%2522%252C%2522deniedConsentCookieGroups%2522%253A%2522C0003%252CC0005%2522%257D&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=k8JNYKSqAojl-gaS3YO4Dw&cid=CAQSKQCNIrLM9n4A4XGb_7PwoxrUfFcvXplroDoi5ImoSuDbjv1ag5a5C9Fj&random=1634851228&resp=GooglemKTybQhCsO&ipr=y

41 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
netflix-event.ml/ 422 KB
59 KB 381ms
326ms Document
text/html 2606:4700:3031::ac43:b96d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netflix-event.ml/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:b96d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94bc3e00ce3dafedf740db1cf3e7615002692ce0a6f1bcbedc82eb3583970679

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: netflix-event.ml
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 08:00:17 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d1a54667cc5ef0d900bbb3270c1e374d41615708817; expires=Tue, 13-Apr-21 08:00:17 GMT; path=/; domain=.netflix-event.ml; HttpOnly; SameSite=Lax; Secure
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-request-id: 7c9f690a3859a6f3b9857eb41c55de29
cf-cache-status: DYNAMIC
cf-request-id: 08d1591fbb00004a92a720b000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YD8vZovTirhrGL8WbuLia3ZP2stZfp1vm4M5LcGd4roGj6WgfAKVXe9S6Opn2UtWbQpk2rr1hSlMSz%2BxnWAON3MOS2hi4X6k%2BzeF4vBQIgefJS52WNrObE2PwqYD"}],"group":"cf-nel","max_age":604800}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 62fbf7ac5b094a92-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK none Show response
codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-shakti-js-v9b1ea731/js/js/bootstrap.js,common%7Cbootstrap.js/2/0b4K034j4a4l4x06464q4J080o004L4o4F4g4s4m4E4c4r4u4e4d0a024G14/bck/true/ 9 KB
4 KB 30ms
9ms Script
application/javascript 2a00:86c0:2090::1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-shakti-js-v9b1ea731/js/js/bootstrap.js,common%7Cbootstrap.js/2/0b4K034j4a4l4x06464q4J080o004L4o4F4g4s4m4E4c4r4u4e4d0a024G14/bck/true/none

Requested by

Host: netflix-event.ml
URL: https://netflix-event.ml/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:86c0:2090::1 , United States, ASN40027 (NETFLIX-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

4e1e0c504f5aadfeef810e719b024940d2d842ee892e96a20f8ff047bbf0ae0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://netflix-event.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 14 Mar 2021 08:00:17 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=16070400
req_id: 51fbd01d-45fe-4725-a45b-8cd52edca629
Connection: keep-alive
Timing-Allow-Origin: https://www.netflix.com
Content-Length: 3624
Expires: Thu, 16 Sep 2021 04:49:17 GMT

GET
H/1.1 200
OK none Show response
codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-shakti-js-v9b1ea731/js/js/signup%7Chome%7CourStory%7Cfuji%7CfujiFrameworkClient.js/2/0b4K034j4a4l4x06464q4J080o004L4o4F4g4s4m4E4c4r4u4e4d0a024G14... 1 MB
359 KB 34ms
6ms Script
application/javascript 2a00:86c0:2090::1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-shakti-js-v9b1ea731/js/js/signup%7Chome%7CourStory%7Cfuji%7CfujiFrameworkClient.js/2/0b4K034j4a4l4x06464q4J080o004L4o4F4g4s4m4E4c4r4u4e4d0a024G14/l/true/none

Requested by

Host: netflix-event.ml
URL: https://netflix-event.ml/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:86c0:2090::1 , United States, ASN40027 (NETFLIX-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

03577612a9a08427965d70f44a28a60192f5f5e4c1fc4171b6be77cbcb345dd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://netflix-event.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 14 Mar 2021 08:00:17 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=16070400
req_id: 70208ab3-7814-400e-8927-cc97f0039f61
Connection: keep-alive
Timing-Allow-Origin: https://www.netflix.com
Content-Length: 366916
Expires: Thu, 16 Sep 2021 04:49:17 GMT

GET WebsiteDetect
netflix-event.ml/personalization/cl2/freeform/ 0
0

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 16 KB
6 KB 13ms
11ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: netflix-event.ml
URL: https://netflix-event.ml/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d98430b79bd481c608eb50058778fc3a919b996494f209c1546d11280d7bc14f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://netflix-event.ml
Referer: https://netflix-event.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 14 Mar 2021 08:00:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 8g79L9PKY/vudZazgfW0YA==
age: 5001
vary: Accept-Encoding
content-length: 5578
cf-request-id: 08d159210b00002c2690add000000001
x-ms-lease-status: unlocked
last-modified: Tue, 09 Mar 2021 13:15:40 GMT
server: cloudflare
etag: 0x8D8E2FD6FDFFD2E
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 80b7e416-e01e-017a-40ef-14f4fe000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 62fbf7ae79802c26-FRA

GET
H/1.1 200
OK none
codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-shakti-css-v9b1ea731/css/css/less%7Ccore%7Cerror-page.less/1/vDxK4ItwG9CHJ/none/true/ 11 KB
3 KB 24ms
5ms Stylesheet
text/css 2a00:86c0:2090::1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-shakti-css-v9b1ea731/css/css/less%7Ccore%7Cerror-page.less/1/vDxK4ItwG9CHJ/none/true/none

Requested by

Host: netflix-event.ml
URL: https://netflix-event.ml/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:86c0:2090::1 , United States, ASN40027 (NETFLIX-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

d9bac1aefff045998fd064ed279defcd96c37a53ee0ee3816d1ebab19c1ff739

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://netflix-event.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 14 Mar 2021 08:00:17 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Content-Type: text/css; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=16070400
req_id: 558e3acd-76c8-49a1-aea6-43d60809c408
Connection: keep-alive
Timing-Allow-Origin: https://www.netflix.com
Content-Length: 2592
Expires: Thu, 16 Sep 2021 04:50:11 GMT

GET
H/1.1 200
OK none
codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-shakti-css-v9b1ea731/css/css/less%7Cpages%7Chome%7CourStory%7Cfuji%7Cfuji.less/1/vDxK4ItwG9CHJ/none/true/ 104 KB
16 KB 24ms
6ms Stylesheet
text/css 2a00:86c0:2090::1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-shakti-css-v9b1ea731/css/css/less%7Cpages%7Chome%7CourStory%7Cfuji%7Cfuji.less/1/vDxK4ItwG9CHJ/none/true/none

Requested by

Host: netflix-event.ml
URL: https://netflix-event.ml/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:86c0:2090::1 , United States, ASN40027 (NETFLIX-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

f176b2bd81b3667b8924eed348ddcef125c005a14a037ad6421aa58aea5f943e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://netflix-event.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 14 Mar 2021 08:00:17 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Content-Type: text/css; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=16070400
req_id: 7d5cc852-8ad0-4601-95a6-e308774e6d26
Connection: keep-alive
Timing-Allow-Origin: https://www.netflix.com
Content-Length: 16373
Expires: Thu, 16 Sep 2021 04:50:11 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 164 B
362 B 14ms
13ms Script
text/javascript 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: netflix-event.ml
URL: https://netflix-event.ml/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b94f9074fc2ef1b63132fc70fe244cc5d5322e5982a80b6273a45a935ae335f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://netflix-event.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 08:00:17 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 62fbf7af4aee4a56-FRA
cf-request-id: 08d159218900004a567d91e000000001

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.6.0/ 338 KB
72 KB 12ms
12ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.6.0/otBannerSdk.js

Requested by

Host: netflix-event.ml
URL: https://netflix-event.ml/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fefa6bc00a2fca4d3ca705862d42dfdbb8f69124b2f0cc0896d3c7c2c05890a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://netflix-event.ml
Referer: https://netflix-event.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 14 Mar 2021 08:00:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Xs4BplpA7QV+zkRYpo3+wA==
age: 11463
vary: Accept-Encoding
content-length: 73082
cf-request-id: 08d15921a000002c2650843000000001
x-ms-lease-status: unlocked
last-modified: Thu, 10 Sep 2020 01:36:33 GMT
server: cloudflare
etag: 0x8D85529F2EBAD26
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 92276443-701e-001d-6a8d-18010c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 62fbf7af6a9c2c26-FRA
expires: Mon, 22 Mar 2021 08:00:17 GMT

GET
H/1.1 200
OK US-en-20210301-popsignuptwoweeks-perspective_alpha_website_large.jpg
assets.nflxext.com/ffe/siteui/vlv3/70deccb9-9b6c-4be1-b781-18dd1bcd9264/6e69ee62-e75f-4c5a-a56b-2d222564f8f4/ 319 KB
319 KB 856ms
385ms Image
image/jpeg 2a00:86c0:2091::1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nflxext.com/ffe/siteui/vlv3/70deccb9-9b6c-4be1-b781-18dd1bcd9264/6e69ee62-e75f-4c5a-a56b-2d222564f8f4/US-en-20210301-popsignuptwoweeks-perspective_alpha_website_large.jpg
Requested by: Host: netflix-event.ml
URL: https://netflix-event.ml/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:86c0:2091::1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: ce3af1edf8df6904ab3386dbfc0528bc2536a6eee5282248487d8ae9059eff7c

Request headers

Referer: https://netflix-event.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 14 Mar 2021 08:00:18 GMT
Last-Modified: Wed, 03 Mar 2021 14:57:42 GMT
Server: nginx
Content-MD5: kBnJl07F66/xggvYU1vrKw==
Content-Type: image/jpeg
Cache-Control: public, max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 326590
Expires: Sun, 21 Mar 2021 08:00:18 GMT

GET
H/1.1 200
OK tv.png
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ 11 KB
11 KB 375ms
5ms Image
image/png 2a00:86c0:2091::1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/tv.png
Requested by: Host: netflix-event.ml
URL: https://netflix-event.ml/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:86c0:2091::1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: b68ea2c7bea397aa11fadb189ce7d83862baebaf03ece643eb5aa9fb5f755056

Request headers

Referer: https://netflix-event.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 14 Mar 2021 08:00:18 GMT
Last-Modified: Wed, 14 Nov 2018 18:20:41 GMT
Server: nginx
Content-MD5: d5lKZzJ7qVff2IDjOpHwQQ==
Content-Type: image/png
Cache-Control: public, max-age=1700
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11418
Expires: Thu, 03 Sep 2020 01:50:13 GMT

GET
H/1.1 200
OK mobile-0819.jpg
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ 48 KB
49 KB 8ms
5ms Image
image/jpeg 2a00:86c0:2091::1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/mobile-0819.jpg
Requested by: Host: netflix-event.ml
URL: https://netflix-event.ml/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:86c0:2091::1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 492fdebd363e40cbba153a244bcfe2a7f5f7cf20aff0805fe45d5c7e2180b875

Request headers

Referer: https://netflix-event.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 14 Mar 2021 08:00:18 GMT
Last-Modified: Wed, 14 Aug 2019 17:59:05 GMT
Server: nginx
Content-MD5: pIMz1DwZYS7WGYf6Xb/zxQ==
Content-Type: image/jpeg
Cache-Control: public, max-age=13779
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 49614
Expires: Fri, 28 Aug 2020 05:33:31 GMT

GET
H/1.1 200
OK boxshot.png
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ 20 KB
20 KB 19ms
5ms Image
image/png 2a00:86c0:2091::1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/boxshot.png
Requested by: Host: netflix-event.ml
URL: https://netflix-event.ml/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:86c0:2091::1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: e1fa26cc34fda574edc01d09e374d6f10735a3fa621bdde87c104ee15453d4b6

Request headers

Referer: https://netflix-event.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 14 Mar 2021 08:00:18 GMT
Last-Modified: Wed, 14 Nov 2018 18:48:14 GMT
Server: nginx
Content-MD5: WH4EDyAll5IJSQHKlzlmng==
Content-Type: image/png
Cache-Control: public, max-age=8061
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20506
Expires: Wed, 26 Aug 2020 06:46:13 GMT

GET
H/1.1 200
OK device-pile.png
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ 134 KB
134 KB 19ms
5ms Image
image/png 2a00:86c0:2091::1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/device-pile.png
Requested by: Host: netflix-event.ml
URL: https://netflix-event.ml/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:86c0:2091::1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 81cf64888a7b3f6848b09695b034026d9ad685665b91d54597ecbb6197c6acbb

Request headers

Referer: https://netflix-event.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 14 Mar 2021 08:00:18 GMT
Last-Modified: Wed, 23 Jan 2019 00:35:07 GMT
Server: nginx
Content-MD5: Cz2CFJPVdI2CnIUrvW0pLQ==
Content-Type: image/png
Cache-Control: public, max-age=12076
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 137040
Expires: Fri, 04 Sep 2020 06:43:21 GMT

GET
H2 200 footer-powered-by-000webhost-white2.png
cdn.000webhost.com/000webhost/logo/ 2 KB
2 KB 43ms
18ms Image
image/webp 2606:4700::6812:6b08
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.000webhost.com/000webhost/logo/footer-powered-by-000webhost-white2.png

Requested by

Host: netflix-event.ml
URL: https://netflix-event.ml/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6b08 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86f2673ec74a632865109a76b2232f4f5b3587daa219e07a17ef1d9c76a0fda5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://netflix-event.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 08:00:18 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3373
cf-polished: origFmt=png, origSize=2046
content-disposition: inline; filename="footer-powered-by-000webhost-white2.webp"
cf-bgj: imgq:100,h2pri
x-hostinger-datacenter: srv
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1696
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Mar 2021 06:34:17 GMT
server: cloudflare
x-frame-options: sameorigin
etag: "60486869-7fe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
content-type: image/webp
vary: Accept
cache-control: public, max-age=14400
x-hostinger-node: nl-srv-cdn2
cf-request-id: 08d15923e500004ec87e36a000000001
accept-ranges: bytes
cf-ray: 62fbf7b30a1a4ec8-FRA
expires: Sun, 14 Mar 2021 12:00:18 GMT

GET
H2 404 WebsiteDetect Show response
netflix-event.ml/personalization/cl2/freeform/ 18 KB
5 KB 115ms
114ms XHR
text/html 2606:4700:3031::ac43:b96d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netflix-event.ml/personalization/cl2/freeform/WebsiteDetect?source=wwwhead&fetchType=js&modalView=nmLanding

Requested by

Host: netflix-event.ml
URL: https://netflix-event.ml/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:b96d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68f99278dfb6d0ec9cd0087d2e8f22bff0ccd2b02e3fca72d56f81438d70dc55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://netflix-event.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 08:00:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VpovVxIbCc%2F%2BTRY23E6AVA9F3EqebEC44NoKivl69OSnkLFm7SVI0hKo%2Ba8cniB%2F0%2FwiSgpYuJRX72qdHXkZ8%2FbzbABe2T7AFRz2GQrau246J45Lmgyouaqa1Mfd"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-request-id: 08d159225000004a92d38fa000000001
cf-ray: 62fbf7b088a74a92-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: d014f4795633bd090a2cfaabe320537f

GET
H2 404 WebsiteScreen Show response
netflix-event.ml/personalization/cl2/freeform/ 18 KB
5 KB 332ms
332ms XHR
text/html 2606:4700:3031::ac43:b96d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netflix-event.ml/personalization/cl2/freeform/WebsiteScreen?source=wwwhead&fetchType=js&winw=1600&winh=1200&screenw=1600&screenh=1200&ratio=1

Requested by

Host: netflix-event.ml
URL: https://netflix-event.ml/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:b96d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68f99278dfb6d0ec9cd0087d2e8f22bff0ccd2b02e3fca72d56f81438d70dc55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://netflix-event.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 08:00:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=K8rH4EiPy1WWhmRPQoppa4lFxHZP9tng%2Fen2B7j0q4r1yJ%2B9ec2fWXs110rcb4IQ3V0WLNfl9w4Ezb17JW%2FuW0Sgc%2BvkqQG1ZL1yMkYLyp%2FeXlV%2F0GCCjXovXWfp"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-request-id: 08d159225000004a92b52be000000001
cf-ray: 62fbf7b088a84a92-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: efea6e6ad3d63c0a3b48446f5b6e4929

GET
H2 200 87b6a5c0-0104-4e96-a291-092c11350111.json Show response
cdn.cookielaw.org/consent/87b6a5c0-0104-4e96-a291-092c11350111/ 4 KB
2 KB 11ms
11ms XHR
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/87b6a5c0-0104-4e96-a291-092c11350111/87b6a5c0-0104-4e96-a291-092c11350111.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47e7d6a3c51589c263b2ca34435b8819a28c643649bbf63d90f8907aed0ee523

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://netflix-event.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 14 Mar 2021 08:00:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: O5UoXYfmq4rCXVTWtUr7hA==
age: 5655
vary: Accept-Encoding
content-length: 1482
cf-request-id: 08d15923c100002c26450c6000000001
x-ms-lease-status: unlocked
last-modified: Tue, 09 Feb 2021 19:49:43 GMT
server: cloudflare
etag: 0x8D8CD33D860C1F8
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 6af782bd-801e-0008-1c2c-04c395000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 62fbf7b2ceb72c26-FRA

GET
H/1.1 200
OK NetflixSans_W_Rg.woff2
assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/ 52 KB
52 KB 18ms
5ms Font
application/octet-stream 2a00:86c0:2091::1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/NetflixSans_W_Rg.woff2
Requested by: Host: codex.nflxext.com
URL: https://codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-shakti-css-v9b1ea731/css/css/less%7Ccore%7Cerror-page.less/1/vDxK4ItwG9CHJ/none/true/none
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:86c0:2091::1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: c0bceb927c506dce9f6e6f5f570e641ad580b9554be06f61508a4aee32380167

Request headers

Origin: https://netflix-event.ml
Referer: https://codex.nflxext.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 14 Mar 2021 08:00:18 GMT
Content-Encoding: gzip
Last-Modified: Thu, 17 Jan 2019 20:16:30 GMT
Server: nginx
Content-MD5: C/MXfx/tbZUxeCIfukPH6A==
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=8292
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 53342
Expires: Tue, 04 Aug 2020 00:41:05 GMT

GET
H/1.1 200
OK download-icon.gif
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ 22 KB
22 KB 6ms
6ms Image
image/gif 2a00:86c0:2091::1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/download-icon.gif
Requested by: Host: codex.nflxext.com
URL: https://codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-shakti-css-v9b1ea731/css/css/less%7Cpages%7Chome%7CourStory%7Cfuji%7Cfuji.less/1/vDxK4ItwG9CHJ/none/true/none
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:86c0:2091::1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f99e4c2ed1c2b7de72f47102c64d601567f8efaad5944a08c86786cad4050e6

Request headers

Referer: https://codex.nflxext.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 14 Mar 2021 08:00:18 GMT
Last-Modified: Mon, 12 Nov 2018 22:40:57 GMT
Server: nginx
Content-MD5: 3Ty3jbeMPgoTybd+4Z3u5g==
Content-Type: image/gif
Cache-Control: public, max-age=13344
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22171
Expires: Thu, 27 Aug 2020 09:08:15 GMT

GET
H/1.1 200
OK nf-icon-v1-93.woff
assets.nflxext.com/ffe/siteui/fonts/ 72 KB
72 KB 17ms
5ms Font
application/octet-stream 2a00:86c0:2091::1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.nflxext.com/ffe/siteui/fonts/nf-icon-v1-93.woff
Requested by: Host: codex.nflxext.com
URL: https://codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-shakti-css-v9b1ea731/css/css/less%7Cpages%7Chome%7CourStory%7Cfuji%7Cfuji.less/1/vDxK4ItwG9CHJ/none/true/none
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:86c0:2091::1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 98713b53a74ebe7e326353080c5f1653e83af61d6363c0b3c4c67d6d24197b4d

Request headers

Origin: https://netflix-event.ml
Referer: https://codex.nflxext.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 14 Mar 2021 08:00:18 GMT
Content-Encoding: gzip
Last-Modified: Mon, 29 Jan 2018 01:50:51 GMT
Server: nginx
Content-MD5: fPYVbMSBJEtaJUNi17c/AA==
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3140
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 73566
Expires: Mon, 03 Aug 2020 23:15:13 GMT

GET
H/1.1 200
OK NetflixSans_W_Md.woff2
assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/ 53 KB
53 KB 17ms
5ms Font
application/octet-stream 2a00:86c0:2091::1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/NetflixSans_W_Md.woff2
Requested by: Host: codex.nflxext.com
URL: https://codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-shakti-css-v9b1ea731/css/css/less%7Ccore%7Cerror-page.less/1/vDxK4ItwG9CHJ/none/true/none
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:86c0:2091::1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 9ac2bd03fcde501b3f30f47ab1fae62161f87808ea6411f38e8feaa4bbddc42e

Request headers

Origin: https://netflix-event.ml
Referer: https://codex.nflxext.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 14 Mar 2021 08:00:18 GMT
Content-Encoding: gzip
Last-Modified: Thu, 17 Jan 2019 20:16:30 GMT
Server: nginx
Content-MD5: 6naZIbDPpPxtTRouCx+l/w==
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3611
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 53978
Expires: Mon, 03 Aug 2020 23:23:08 GMT

GET
H/1.1 206
Partial Content video-tv-0819.m4v
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ 264 KB
264 KB 9ms
9ms Media
video/x-m4v 2a00:86c0:2091::1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/video-tv-0819.m4v
Requested by: Host: netflix-event.ml
URL: https://netflix-event.ml/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:86c0:2091::1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 4c7a552d219146985961bf78d9083b7e2c1a82c4ada5d959f48b3e53754c9049

Request headers

Referer: https://netflix-event.ml/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Date: Sun, 14 Mar 2021 08:00:18 GMT
Last-Modified: Mon, 12 Aug 2019 20:49:12 GMT
Server: nginx
Content-MD5: PLEtt8Zyszc1AGSApFXscg==
Content-Type: video/x-m4v
Content-Range: bytes 0-270045/270046
Cache-Control: public, max-age=13007
Connection: keep-alive
Content-Length: 270046
Expires: Tue, 25 Aug 2020 10:00:02 GMT

GET
H/1.1 206
Partial Content video-devices.m4v
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ 260 KB
260 KB 6ms
6ms Media
video/x-m4v 2a00:86c0:2091::1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/video-devices.m4v
Requested by: Host: netflix-event.ml
URL: https://netflix-event.ml/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:86c0:2091::1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 3eec290a7f7da9abb00b49ca84f5f16e6d45ca33d40fd8ede4380835d6161d71

Request headers

Referer: https://netflix-event.ml/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Date: Sun, 14 Mar 2021 08:00:18 GMT
Last-Modified: Wed, 09 Jan 2019 20:47:49 GMT
Server: nginx
Content-MD5: PlXFYgWonIWf7QBa4XKfqg==
Content-Type: video/x-m4v
Content-Range: bytes 0-266159/266160
Cache-Control: public, max-age=4415
Connection: keep-alive
Content-Length: 266160
Expires: Mon, 31 Aug 2020 21:36:29 GMT

GET
H/1.1 200
OK adtech_iframe_target_05.html Show response
ae.nflximg.net/monet/scripts/ Frame 74DA 3 KB
2 KB 39ms
9ms Document
text/html 2a02:26f0:2100:190::33c4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ae.nflximg.net/monet/scripts/adtech_iframe_target_05.html?data=%7B%22membership_status%22%3A%22ANONYMOUS%22%2C%22country%22%3A%22US%22%2C%22region_code%22%3A%22LA%22%2C%22fbaId%22%3A%22625a1c8c-056a-4b31-a3d5-5267ebf09dcf%22%2C%22is_member%22%3A%22ANONYMOUS%22%2C%22wasFormerMember%22%3Afalse%2C%22referrer%22%3A%22nmLanding%22%2C%22deniedConsentCookieGroups%22%3A%22C0003%2CC0005%22%7D
Requested by: Host: netflix-event.ml
URL: https://netflix-event.ml/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:2100:190::33c4 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 33453d6e2431ccd0b867d3b7ac3da2b6012f1b232a6d01e8bc66bb49c04dae5a

Request headers

Host: ae.nflximg.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://netflix-event.ml/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://netflix-event.ml/

Response headers

Accept-Ranges: bytes
Content-MD5: 2tiC8L4hXEQfExrWl5WOaw==
Content-Type: text/html
ETag: "dad882f0be215c441f131ad697958e6b:1572563658.405897"
Last-Modified: Thu, 31 Oct 2019 23:14:09 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sun, 14 Mar 2021 08:00:18 GMT
Content-Length: 1283
Connection: keep-alive
Timing-Allow-Origin: *
Access-Control-Max-Age: 86400
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET,POST
Access-Control-Allow-Origin: *

POST
H2 404 log Show response
netflix-event.ml/personalization/ 18 KB
5 KB 330ms
330ms XHR
text/html 2606:4700:3031::ac43:b96d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netflix-event.ml/personalization/log

Requested by

Host: codex.nflxext.com
URL: https://codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-shakti-js-v9b1ea731/js/js/signup%7Chome%7CourStory%7Cfuji%7CfujiFrameworkClient.js/2/0b4K034j4a4l4x06464q4J080o004L4o4F4g4s4m4E4c4r4u4e4d0a024G14/l/true/none

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:b96d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68f99278dfb6d0ec9cd0087d2e8f22bff0ccd2b02e3fca72d56f81438d70dc55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://netflix-event.ml/
X-Netflix.ichnaea.request.type: UiRequest
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 14 Mar 2021 08:00:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XPEaV3x1thDfzmtWlBxbypl%2FaJ9Z8oHFibkLa8kSQHlhOytMV%2FP8KtDhAeXBPYpnQf3HOTcUJ7pUBi5ZPtYk2W2loZVI4bhlu5GL5cBYkZ3735%2B6643jllz1bFq9"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-request-id: 08d159251d00004a92d2995000000001
cf-ray: 62fbf7b4f80f4a92-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: a99ef3124f85b7bc89a029d5e95edd25

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/87b6a5c0-0104-4e96-a291-092c11350111/d8b56389-964b-4a1f-aa83-3a9db8f1b6a4/ 34 KB
11 KB 14ms
14ms Fetch
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/87b6a5c0-0104-4e96-a291-092c11350111/d8b56389-964b-4a1f-aa83-3a9db8f1b6a4/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.6.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a05c707817f498095ee9a5bba3a216bac7f1fa8496c10c074ff738a31fd5686

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://netflix-event.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 14 Mar 2021 08:00:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: v0hQWZSp06YC7AApL02WAQ==
age: 5564
vary: Accept-Encoding
content-length: 10990
cf-request-id: 08d159252600002c268e01b000000001
x-ms-lease-status: unlocked
last-modified: Tue, 09 Feb 2021 19:49:48 GMT
server: cloudflare
etag: 0x8D8CD33DBE9A163
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: d2f57da1-001e-00b8-7139-ff3a15000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 62fbf7b509aa2c26-FRA

OPTIONS
H2 200 log
www.netflix.com/ichnaea/ Frame 0
0 296ms
57ms Preflight 2a05:d018:76c:b685:e8ab:afd3:af51:3aed
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netflix.com/ichnaea/log

Protocol

Server

2a05:d018:76c:b685:e8ab:afd3:af51:3aed Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

clingest-secure i-0f708f7a596eb3ce4 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://www.netflix.com/ichnaea/log/freeform/xssreport

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-netflix.ichnaea.request.type
Origin: https://ae.nflximg.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://ae.nflximg.net
access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Content-Type,Cookie,debugRequest,X-Netflix.application.name,X-Netflix.application.version,X-Netflix.certification.version,X-Netflix.Client.Request.Name,X-Netflix.device.type,X-Netflix.esn,X-Netflix.ichnaea.request.type,X-Netflix.oauth.consumer.key,X-Netflix.oauth.token,X-Netflix.request.uuid,X-Netflix.user.id
access-control-allow-methods: GET, POST, OPTIONS
allow: GET, POST, OPTIONS
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
content-length: 0
date: Sun, 14 Mar 2021 08:00:18 GMT
via: 2 i-0e7914e0ca3883678 (eu-west-1)
server: clingest-secure i-0f708f7a596eb3ce4
x-xss-protection: 1; mode=block; report=https://www.netflix.com/ichnaea/log/freeform/xssreport
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-originating-url: http://www.netflix.com/ichnaea/log
x-netflix_nfstatus: 1_1
x-netflix_proxy_execution-time: 27

POST
H2 200 log Show response
www.netflix.com/ichnaea/ Frame 74DA 0
933 B 91ms
34ms XHR
text/plain 2a05:d018:76c:b685:e8ab:afd3:af51:3aed
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netflix.com/ichnaea/log

Requested by

Host: ae.nflximg.net
URL: https://ae.nflximg.net/monet/scripts/adtech_iframe_target_05.html?data=%7B%22membership_status%22%3A%22ANONYMOUS%22%2C%22country%22%3A%22US%22%2C%22region_code%22%3A%22LA%22%2C%22fbaId%22%3A%22625a1c8c-056a-4b31-a3d5-5267ebf09dcf%22%2C%22is_member%22%3A%22ANONYMOUS%22%2C%22wasFormerMember%22%3Afalse%2C%22referrer%22%3A%22nmLanding%22%2C%22deniedConsentCookieGroups%22%3A%22C0003%2CC0005%22%7D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d018:76c:b685:e8ab:afd3:af51:3aed Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

clingest-secure i-07ae6564143c62745 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

X-Netflix.ichnaea.request.type: IchnaeaRequest
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 14 Mar 2021 08:00:18 GMT
via: 2 i-09e5316e71a7b97b8 (eu-west-1)
x-content-type-options: nosniff
x-netflix_proxy_execution-time: 5
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
allow: GET, POST, OPTIONS
server: clingest-secure i-07ae6564143c62745
x-frame-options: DENY
x-netflix_nfstatus: 1_1
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, POST, OPTIONS
x-originating-url: http://www.netflix.com/ichnaea/log
access-control-allow-origin: https://ae.nflximg.net
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
x-ichnaea: ~0=true~RL=0
access-control-allow-headers: Accept,Authorization,Content-Type,Cookie,debugRequest,X-Netflix.application.name,X-Netflix.application.version,X-Netflix.certification.version,X-Netflix.Client.Request.Name,X-Netflix.device.type,X-Netflix.esn,X-Netflix.ichnaea.request.type,X-Netflix.oauth.consumer.key,X-Netflix.oauth.token,X-Netflix.request.uuid,X-Netflix.user.id
expires: 0

GET
H/1.1 200
OK netflix_tag_05.html Show response
ae.nflximg.net/monet/scripts/ Frame 2ABA 50 KB
6 KB 11ms
10ms Document
text/html 2a02:26f0:2100:190::33c4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ae.nflximg.net/monet/scripts/netflix_tag_05.html?data=%7B%22membership_status%22%3A%22ANONYMOUS%22%2C%22country%22%3A%22US%22%2C%22region_code%22%3A%22LA%22%2C%22fbaId%22%3A%22625a1c8c-056a-4b31-a3d5-5267ebf09dcf%22%2C%22is_member%22%3A%22ANONYMOUS%22%2C%22wasFormerMember%22%3Afalse%2C%22referrer%22%3A%22nmLanding%22%2C%22deniedConsentCookieGroups%22%3A%22C0003%2CC0005%22%7D
Requested by: Host: ae.nflximg.net
URL: https://ae.nflximg.net/monet/scripts/adtech_iframe_target_05.html?data=%7B%22membership_status%22%3A%22ANONYMOUS%22%2C%22country%22%3A%22US%22%2C%22region_code%22%3A%22LA%22%2C%22fbaId%22%3A%22625a1c8c-056a-4b31-a3d5-5267ebf09dcf%22%2C%22is_member%22%3A%22ANONYMOUS%22%2C%22wasFormerMember%22%3Afalse%2C%22referrer%22%3A%22nmLanding%22%2C%22deniedConsentCookieGroups%22%3A%22C0003%2CC0005%22%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:2100:190::33c4 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 76da5d1fc4006a7cb32fc909efd8a0777827bdc1cdd162c830b83346a56c597d

Request headers

Host: ae.nflximg.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Accept-Ranges: bytes
Content-MD5: CifOxChBYnP7lzGEepVd8Q==
Content-Type: text/html
ETag: "0a27cec428416273fb9731847a955df1:1599844120.208572"
Last-Modified: Fri, 11 Sep 2020 17:08:30 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sun, 14 Mar 2021 08:00:18 GMT
Content-Length: 5688
Connection: keep-alive
Timing-Allow-Origin: *
Access-Control-Max-Age: 86400
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET,POST
Access-Control-Allow-Origin: *

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.6.0/assets/ 12 KB
4 KB 12ms
12ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.6.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.6.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae407e415a45b6c720d8d61fef8c28756883d0f546a64e7a2969d6174c669951

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://netflix-event.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 14 Mar 2021 08:00:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: R7qOr1WClmhADOzbz5s+Bw==
age: 11463
vary: Accept-Encoding
content-length: 3248
cf-request-id: 08d159253e00002c269386d000000001
x-ms-lease-status: unlocked
last-modified: Thu, 10 Sep 2020 01:36:24 GMT
server: cloudflare
etag: 0x8D85529EDFDCA3B
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: a49b6427-101e-00a7-4c8d-18e105000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 62fbf7b529de2c26-FRA
expires: Mon, 22 Mar 2021 08:00:18 GMT

GET
H2 200 otPcTab.json Show response
cdn.cookielaw.org/scripttemplates/6.6.0/assets/ 57 KB
14 KB 11ms
11ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.6.0/assets/otPcTab.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.6.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ea7f0a7844cada198d1e8a28343cc081d3631c716c9dd53d889e4b7feae04ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://netflix-event.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 14 Mar 2021 08:00:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Mg7iJdVoxVGmqw/VwCobbQ==
age: 11463
vary: Accept-Encoding
content-length: 14112
cf-request-id: 08d159253e00002c2655bc4000000001
x-ms-lease-status: unlocked
last-modified: Thu, 10 Sep 2020 01:36:26 GMT
server: cloudflare
etag: 0x8D85529EEE93F94
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 4e1fe527-201e-00c9-668d-18482c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 62fbf7b539e02c26-FRA
expires: Mon, 22 Mar 2021 08:00:18 GMT

OPTIONS
H/1.1 200
OK log
ichnaea-web.netflix.com/ Frame 0
0 281ms
38ms Preflight 2a01:578:3::34d5:c7f2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ichnaea-web.netflix.com/log
Protocol: HTTP/1.1
Server: 2a01:578:3::34d5:c7f2 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: clingest-secure i-080c23c7be9daedaa /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-netflix.ichnaea.request.type
Origin: https://ae.nflximg.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept,Authorization,Content-Type,Cookie,debugRequest,X-Netflix.application.name,X-Netflix.application.version,X-Netflix.certification.version,X-Netflix.Client.Request.Name,X-Netflix.device.type,X-Netflix.esn,X-Netflix.ichnaea.request.type,X-Netflix.oauth.consumer.key,X-Netflix.oauth.token,X-Netflix.request.uuid,X-Netflix.user.id
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://ae.nflximg.net
Allow: GET, POST, OPTIONS
Date: Sun, 14 Mar 2021 08:00:18 GMT
Server: clingest-secure i-080c23c7be9daedaa
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
Via: 1.1 i-0fbaba62e4b14e0f9 (eu-west-1)
X-Netflix_nfstatus: 1_1
X-Netflix_proxy_execution-time: 6
X-Originating-URL: https://ichnaea-web.netflix.com/log
Content-Length: 0
Connection: keep-alive

POST
H/1.1 200
OK log Show response
ichnaea-web.netflix.com/ Frame 2ABA 0
1 KB 116ms
33ms XHR
text/plain 2a01:578:3::34d5:c7f2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ichnaea-web.netflix.com/log

Requested by

Host: ae.nflximg.net
URL: https://ae.nflximg.net/monet/scripts/netflix_tag_05.html?data=%7B%22membership_status%22%3A%22ANONYMOUS%22%2C%22country%22%3A%22US%22%2C%22region_code%22%3A%22LA%22%2C%22fbaId%22%3A%22625a1c8c-056a-4b31-a3d5-5267ebf09dcf%22%2C%22is_member%22%3A%22ANONYMOUS%22%2C%22wasFormerMember%22%3Afalse%2C%22referrer%22%3A%22nmLanding%22%2C%22deniedConsentCookieGroups%22%3A%22C0003%2CC0005%22%7D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:578:3::34d5:c7f2 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

clingest-secure i-012c5c5d5a3ad339c /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

X-Netflix.ichnaea.request.type: IchnaeaRequest
Referer: https://ae.nflximg.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

Date: Sun, 14 Mar 2021 08:00:19 GMT
Via: 1.1 i-0ccf61fbab313ec1c (eu-west-1)
X-Content-Type-Options: nosniff
X-Netflix_proxy_execution-time: 5
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: clingest-secure i-012c5c5d5a3ad339c
X-Frame-Options: DENY
X-Netflix_nfstatus: 1_1
Allow: GET, POST, OPTIONS
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Originating-URL: https://ichnaea-web.netflix.com/log
Access-Control-Allow-Origin: https://ae.nflximg.net
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
X-Ichnaea: ~0=true~RL=0
Access-Control-Allow-Headers: Accept,Authorization,Content-Type,Cookie,debugRequest,X-Netflix.application.name,X-Netflix.application.version,X-Netflix.certification.version,X-Netflix.Client.Request.Name,X-Netflix.device.type,X-Netflix.esn,X-Netflix.ichnaea.request.type,X-Netflix.oauth.consumer.key,X-Netflix.oauth.token,X-Netflix.request.uuid,X-Netflix.user.id
Expires: 0

GET
H3-Q050

200

activityi;dc_pre=CO6b0bGor-8CFUh-0wodCLcINg;src=4968236;type=naanz-nm;cat=dcmna0;u1=US;ord=3620219624599.9854 Show response
4968236.fls.doubleclick.net/ Frame 9155
Redirect Chain

https://4968236.fls.doubleclick.net/activityi;src=4968236;type=naanz-nm;cat=dcmna0;u1=US;ord=3620219624599.9854?
https://4968236.fls.doubleclick.net/activityi;dc_pre=CO6b0bGor-8CFUh-0wodCLcINg;src=4968236;type=naanz-nm;cat=dcmna0;u1=US;ord=3620219624599.9854?

444 B
956 B

75ms
40ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4968236.fls.doubleclick.net/activityi;dc_pre=CO6b0bGor-8CFUh-0wodCLcINg;src=4968236;type=naanz-nm;cat=dcmna0;u1=US;ord=3620219624599.9854?

Requested by

Host: netflix-event.ml
URL: https://netflix-event.ml/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.74.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

33b3b061bdcabc517c465230a2b4fb99f77c238ba8ea03e1b3d16b4cc12d215c

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 4968236.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CO6b0bGor-8CFUh-0wodCLcINg;src=4968236;type=naanz-nm;cat=dcmna0;u1=US;ord=3620219624599.9854?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ae.nflximg.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ae.nflximg.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 14 Mar 2021 08:00:19 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 354
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 14-Mar-2021 08:15:19 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 14 Mar 2021 08:00:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://4968236.fls.doubleclick.net/activityi;dc_pre=CO6b0bGor-8CFUh-0wodCLcINg;src=4968236;type=naanz-nm;cat=dcmna0;u1=US;ord=3620219624599.9854?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ Frame 2ABA 39 KB
15 KB 37ms
35ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

485efc05e46ebdafbd6a7f7ff0fd0fe17c065dc00a3ed6e22aa5f08d65fe23e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ae.nflximg.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 08:00:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15351
x-xss-protection: 0
server: cafe
etag: 1106890923482458017
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 14 Mar 2021 08:00:18 GMT

GET
H2 200 tr
www.facebook.com/ Frame 2ABA 44 B
263 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=829253787145710&ev=NM_landing&dl=Netflix.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ae.nflximg.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 08:00:18 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sun, 14 Mar 2021 08:00:18 GMT

GET
H3-Q050 200 / Show response
www.googleadservices.com/pagead/conversion/981179826/ Frame 2ABA 2 KB
2 KB 74ms
40ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/981179826/?random=1615708818829&cv=9&fst=1615708818829&num=1&label=40zWCLqP1XUQsrvu0wM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fae.nflximg.net%2Fmonet%2Fscripts%2Fnetflix_tag_05.html%3Fdata%3D%257B%2522membership_status%2522%253A%2522ANONYMOUS%2522%252C%2522country%2522%253A%2522US%2522%252C%2522region_code%2522%253A%2522LA%2522%252C%2522fbaId%2522%253A%2522625a1c8c-056a-4b31-a3d5-5267ebf09dcf%2522%252C%2522is_member%2522%253A%2522ANONYMOUS%2522%252C%2522wasFormerMember%2522%253Afalse%252C%2522referrer%2522%253A%2522nmLanding%2522%252C%2522deniedConsentCookieGroups%2522%253A%2522C0003%252CC0005%2522%257D&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

edb2f4c4c055154e242ddc079c2ae8f34a7cb150c5c8b47a08ca2a827d480295

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ae.nflximg.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Mar 2021 08:00:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1276
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/981179826/ Frame 2ABA
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/981179826/?random=2144973691&cv=9&fst=1615708818829&num=1&label=40zWCLqP1XUQsrvu0wM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&u_...
https://www.google.com/pagead/1p-conversion/981179826/?random=2144973691&cv=9&fst=1615708818829&num=1&label=40zWCLqP1XUQsrvu0wM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=...
https://www.google.de/pagead/1p-conversion/981179826/?random=2144973691&cv=9&fst=1615708818829&num=1&label=40zWCLqP1XUQsrvu0wM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1...

42 B
108 B

22ms
22ms

Image
image/gif

2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/981179826/?random=2144973691&cv=9&fst=1615708818829&num=1&label=40zWCLqP1XUQsrvu0wM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fae.nflximg.net%2Fmonet%2Fscripts%2Fnetflix_tag_05.html%3Fdata%3D%257B%2522membership_status%2522%253A%2522ANONYMOUS%2522%252C%2522country%2522%253A%2522US%2522%252C%2522region_code%2522%253A%2522LA%2522%252C%2522fbaId%2522%253A%2522625a1c8c-056a-4b31-a3d5-5267ebf09dcf%2522%252C%2522is_member%2522%253A%2522ANONYMOUS%2522%252C%2522wasFormerMember%2522%253Afalse%252C%2522referrer%2522%253A%2522nmLanding%2522%252C%2522deniedConsentCookieGroups%2522%253A%2522C0003%252CC0005%2522%257D&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=k8JNYKSqAojl-gaS3YO4Dw&cid=CAQSKQCNIrLM9n4A4XGb_7PwoxrUfFcvXplroDoi5ImoSuDbjv1ag5a5C9Fj&random=1634851228&resp=GooglemKTybQhCsO&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ae.nflximg.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Mar 2021 08:00:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 14 Mar 2021 08:00:19 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/981179826/?random=2144973691&cv=9&fst=1615708818829&num=1&label=40zWCLqP1XUQsrvu0wM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fae.nflximg.net%2Fmonet%2Fscripts%2Fnetflix_tag_05.html%3Fdata%3D%257B%2522membership_status%2522%253A%2522ANONYMOUS%2522%252C%2522country%2522%253A%2522US%2522%252C%2522region_code%2522%253A%2522LA%2522%252C%2522fbaId%2522%253A%2522625a1c8c-056a-4b31-a3d5-5267ebf09dcf%2522%252C%2522is_member%2522%253A%2522ANONYMOUS%2522%252C%2522wasFormerMember%2522%253Afalse%252C%2522referrer%2522%253A%2522nmLanding%2522%252C%2522deniedConsentCookieGroups%2522%253A%2522C0003%252CC0005%2522%257D&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=k8JNYKSqAojl-gaS3YO4Dw&cid=CAQSKQCNIrLM9n4A4XGb_7PwoxrUfFcvXplroDoi5ImoSuDbjv1ag5a5C9Fj&random=1634851228&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
adservice.google.com/ddm/fls/i/dc_pre=CO6b0bGor-8CFUh-0wodCLcINg;src=4968236;type=naanz-nm;cat=dcmna0;u1=US;ord=3620219624599.9854;~oref=https://ae.nflximg.net/ Frame 780D 443 B
419 B 44ms
43ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CO6b0bGor-8CFUh-0wodCLcINg;src=4968236;type=naanz-nm;cat=dcmna0;u1=US;ord=3620219624599.9854;~oref=https://ae.nflximg.net/

Requested by

Host: 4968236.fls.doubleclick.net
URL: https://4968236.fls.doubleclick.net/activityi;dc_pre=CO6b0bGor-8CFUh-0wodCLcINg;src=4968236;type=naanz-nm;cat=dcmna0;u1=US;ord=3620219624599.9854?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3500c2bc4fba1644a2689f40d1ba1a295865c943fbae0bb620da88747b14d63f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.com
:scheme: https
:path: /ddm/fls/i/dc_pre=CO6b0bGor-8CFUh-0wodCLcINg;src=4968236;type=naanz-nm;cat=dcmna0;u1=US;ord=3620219624599.9854;~oref=https://ae.nflximg.net/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://4968236.fls.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://4968236.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 14 Mar 2021 08:00:19 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 349
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 / Show response
adservice.google.de/ddm/fls/i/dc_pre=CO6b0bGor-8CFUh-0wodCLcINg;src=4968236;type=naanz-nm;cat=dcmna0;u1=US;ord=3620219624599.9854;~oref=https://ae.nflximg.net/ Frame DF0D 194 B
265 B 41ms
40ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CO6b0bGor-8CFUh-0wodCLcINg;src=4968236;type=naanz-nm;cat=dcmna0;u1=US;ord=3620219624599.9854;~oref=https://ae.nflximg.net/

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CO6b0bGor-8CFUh-0wodCLcINg;src=4968236;type=naanz-nm;cat=dcmna0;u1=US;ord=3620219624599.9854;~oref=https://ae.nflximg.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.de
:scheme: https
:path: /ddm/fls/i/dc_pre=CO6b0bGor-8CFUh-0wodCLcINg;src=4968236;type=naanz-nm;cat=dcmna0;u1=US;ord=3620219624599.9854;~oref=https://ae.nflximg.net/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adservice.google.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 14 Mar 2021 08:00:19 GMT
expires: Sun, 14 Mar 2021 08:00:19 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: netflix-event.ml
URL: https://netflix-event.ml/personalization/cl2/freeform/WebsiteDetect?source=wwwhead&fetchType=css&modalView=nmLanding

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Netflix (Online)

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 02:10:04	Name: IDE Value: AHWqTUmXopOcNFptcnjkt7oQdOqsMexVjaThqkk3rK8de4T9-CEk5AQ5lopsLWU3
.netflix-event.ml/	1969-12-31 23:59:59	Name: cL Value: 1615708818589%7C161570881829593562%7C161570881817223644%7C%7C4%7CABH3O6PRRZBEBJ5VA3ANINTDB4
.netflix-event.ml/	1970-01-19 17:31:40	Name: __cfduid Value: d1a54667cc5ef0d900bbb3270c1e374d41615708817

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4968236.fls.doubleclick.net
adservice.google.com
adservice.google.de
ae.nflximg.net
assets.nflxext.com
cdn.000webhost.com
cdn.cookielaw.org
codex.nflxext.com
geolocation.onetrust.com
googleads.g.doubleclick.net
ichnaea-web.netflix.com
netflix-event.ml
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.netflix.com
netflix-event.ml
142.250.186.34
142.250.74.198
172.217.16.130
2606:4700:10::6814:b844
2606:4700:3031::ac43:b96d
2606:4700::6810:9540
2606:4700::6812:6b08
2a00:1450:4001:802::2004
2a00:1450:4001:810::2003
2a00:1450:4001:813::2002
2a00:1450:4001:829::2002
2a00:86c0:2090::1
2a00:86c0:2091::1
2a01:578:3::34d5:c7f2
2a02:26f0:2100:190::33c4
2a03:2880:f12d:83:face:b00c:0:25de
2a05:d018:76c:b685:e8ab:afd3:af51:3aed
03577612a9a08427965d70f44a28a60192f5f5e4c1fc4171b6be77cbcb345dd0
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1b94f9074fc2ef1b63132fc70fe244cc5d5322e5982a80b6273a45a935ae335f
33453d6e2431ccd0b867d3b7ac3da2b6012f1b232a6d01e8bc66bb49c04dae5a
33b3b061bdcabc517c465230a2b4fb99f77c238ba8ea03e1b3d16b4cc12d215c
3500c2bc4fba1644a2689f40d1ba1a295865c943fbae0bb620da88747b14d63f
3eec290a7f7da9abb00b49ca84f5f16e6d45ca33d40fd8ede4380835d6161d71
47e7d6a3c51589c263b2ca34435b8819a28c643649bbf63d90f8907aed0ee523
485efc05e46ebdafbd6a7f7ff0fd0fe17c065dc00a3ed6e22aa5f08d65fe23e5
492fdebd363e40cbba153a244bcfe2a7f5f7cf20aff0805fe45d5c7e2180b875
4c7a552d219146985961bf78d9083b7e2c1a82c4ada5d959f48b3e53754c9049
4e1e0c504f5aadfeef810e719b024940d2d842ee892e96a20f8ff047bbf0ae0c
4f99e4c2ed1c2b7de72f47102c64d601567f8efaad5944a08c86786cad4050e6
5fefa6bc00a2fca4d3ca705862d42dfdbb8f69124b2f0cc0896d3c7c2c05890a
68f99278dfb6d0ec9cd0087d2e8f22bff0ccd2b02e3fca72d56f81438d70dc55
76da5d1fc4006a7cb32fc909efd8a0777827bdc1cdd162c830b83346a56c597d
81cf64888a7b3f6848b09695b034026d9ad685665b91d54597ecbb6197c6acbb
86f2673ec74a632865109a76b2232f4f5b3587daa219e07a17ef1d9c76a0fda5
8a05c707817f498095ee9a5bba3a216bac7f1fa8496c10c074ff738a31fd5686
94bc3e00ce3dafedf740db1cf3e7615002692ce0a6f1bcbedc82eb3583970679
98713b53a74ebe7e326353080c5f1653e83af61d6363c0b3c4c67d6d24197b4d
9ac2bd03fcde501b3f30f47ab1fae62161f87808ea6411f38e8feaa4bbddc42e
9ea7f0a7844cada198d1e8a28343cc081d3631c716c9dd53d889e4b7feae04ac
ae407e415a45b6c720d8d61fef8c28756883d0f546a64e7a2969d6174c669951
b68ea2c7bea397aa11fadb189ce7d83862baebaf03ece643eb5aa9fb5f755056
c0bceb927c506dce9f6e6f5f570e641ad580b9554be06f61508a4aee32380167
ce3af1edf8df6904ab3386dbfc0528bc2536a6eee5282248487d8ae9059eff7c
d98430b79bd481c608eb50058778fc3a919b996494f209c1546d11280d7bc14f
d9bac1aefff045998fd064ed279defcd96c37a53ee0ee3816d1ebab19c1ff739
e1fa26cc34fda574edc01d09e374d6f10735a3fa621bdde87c104ee15453d4b6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
edb2f4c4c055154e242ddc079c2ae8f34a7cb150c5c8b47a08ca2a827d480295
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f176b2bd81b3667b8924eed348ddcef125c005a14a037ad6421aa58aea5f943e

netflix-event.ml Open in urlscan Pro 2606:4700:3031::ac43:b96d Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

41 Requests

98 %HTTPS

82 %IPv6

12 Domains

17 Subdomains

17 IPs

3 Countries

1852 kBTransfer

3622 kBSize

3 Cookies

16 Outgoing links

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

netflix-event.ml Open in urlscan Pro
2606:4700:3031::ac43:b96d Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

98 %
HTTPS

82 %
IPv6

12
Domains

17
Subdomains

17
IPs

3
Countries

1852 kB
Transfer

3622 kB
Size

3
Cookies

41 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!