cyberflix.elfhosted.com Open in urlscan Pro
2606:4700:20::681a:931 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://cyberflix.elfhosted.com/
Effective URL:
https://cyberflix.elfhosted.com/
Submission: On July 15 via api (July 15th 2024, 7:20:45 am UTC) from AE — Scanned from DE

Summary HTTP 18 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 3 domains to perform 18 HTTP transactions. The main IP is 2606:4700:20::681a:931, located in United States and belongs to CLOUDFLARENET, US. The main domain is cyberflix.elfhosted.com. The Cisco Umbrella rank of the primary domain is 948730.
TLS certificate: Issued by GTS CA 1P5 on May 28th 2024. Valid for: 3 months.

This is the only time cyberflix.elfhosted.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Netflix (Online)

Domain & IP information

	IP Address	AS Autonomous System
13	2606:4700:20:... 2606:4700:20::681a:931	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	172.217.16.195 172.217.16.195	15169 (GOOGLE) (GOOGLE)
1	172.67.173.89 172.67.173.89	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	5

13 2606:4700:20::681a:931 (United States)

ASN13335 (CLOUDFLARENET, US)

cyberflix.elfhosted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.173.89 (United States)

ASN13335 (CLOUDFLARENET, US)

img.shields.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	elfhosted.com cyberflix.elfhosted.com — Cisco Umbrella Rank: 948730	383 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	2 MB
1	shields.io img.shields.io — Cisco Umbrella Rank: 59339	1 KB
18	3

	Domain	Requested by
13	cyberflix.elfhosted.com	cyberflix.elfhosted.com
2	fonts.gstatic.com	cyberflix.elfhosted.com
2	www.gstatic.com	cyberflix.elfhosted.com www.gstatic.com
1	img.shields.io	cyberflix.elfhosted.com
18	4

This site contains no links.

Subject Issuer	Validity	Valid
elfhosted.com GTS CA 1P5	`2024-05-28` - `2024-08-26`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
shields.io WE1	`2024-06-25` - `2024-09-23`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://cyberflix.elfhosted.com/
Frame ID: B9324A106EA1F4BFE79A7BFC9C7A97D7
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

CyberFlix Configuration

Page URL History Show full URLs

http://cyberflix.elfhosted.com/ HTTP 307
https://cyberflix.elfhosted.com/ Page URL

Page Statistics

18
Requests

100 %
HTTPS

60 %
IPv6

3
Domains

4
Subdomains

5
IPs

2
Countries

2549 kB
Transfer

9915 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://cyberflix.elfhosted.com/ HTTP 307
https://cyberflix.elfhosted.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
cyberflix.elfhosted.com/
Redirect Chain

http://cyberflix.elfhosted.com/
https://cyberflix.elfhosted.com/

2 KB
1 KB

489ms
109ms

Document
text/html

2606:4700:20::681a:931
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cyberflix.elfhosted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:931 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10a85cc2659df402db6fe85558ada27d51e9c8b03159f2dc13d43bc76855b6b2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control: max-age=7200, stale-while-revalidate=7200, stale-if-error=7200, public
cf-cache-status: DYNAMIC
cf-ray: 8a37fdc10a302bca-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 15 Jul 2024 07:20:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q7OFRVBo9AYBnlO4hvnM%2BlwYkbuAGojoqtLdqSgyzXIYR2Fisxza8zs7V8B5NCsE%2BZiHf2rFi0UsxQhPjFbYr99PoSN229mL4GE8vp7RHe%2FR2itAz7jSyQwbrhrnJT4Nx4rjCk3e82fT10ppzcpoLXJQj%2BK%2F"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

Location: https://cyberflix.elfhosted.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 flutter.js Show response
cyberflix.elfhosted.com/static/ 4 KB
2 KB 70ms
70ms Script
text/javascript 2606:4700:20::681a:931
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cyberflix.elfhosted.com/static/flutter.js
Requested by: Host: cyberflix.elfhosted.com
URL: https://cyberflix.elfhosted.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:931 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abb5c407db14908c2af56263bff34c683be228a5e22c384d7a6b852e731f466a

Request headers

Referer: https://cyberflix.elfhosted.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 07:20:40 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 04 Jun 2024 15:33:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"c3105554c1ad5b40aae114bcaccb565a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=38Cxo0FYphZfS1hFyvUpoaFduEcCOZhT2oVw%2BV%2F1JvsQDu0HtOAZStfmnq0OXnZryU9Yre0rOed1hWrenNtWsa%2BXitgzYPC5yPWYX3MXRE7OGG2Gw5YjYB7lG1b5p32ceQ3zXuPs0rpiEqDs0%2FXSGmvWIRyb"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 8a37fdc1cae42bca-FRA

GET
H2 200 favicon.png
cyberflix.elfhosted.com/static/ 865 B
1 KB 27ms
27ms Other
image/png 2606:4700:20::681a:931
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cyberflix.elfhosted.com/static/favicon.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:931 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a786f3cd40bdfe7cb7dd370191008e6fbc817a5af83beaa778637382ba25d6ba

Request headers

Referer: https://cyberflix.elfhosted.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 07:20:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 72255
cf-polished: origSize=976, status=webp_bigger
content-length: 865
cf-bgj: imgq:85,h2pri
last-modified: Tue, 04 Jun 2024 15:33:53 GMT
server: cloudflare
etag: "d71a9ecdd69f92ecc41f6d291be789a5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RFedWNvtV9f3YWnfHh%2BvGMQWVu14VduGlEnt6Z5546pfxalz36QdeTL%2BlAk66kfzI3gxwarOE14p9LVQdGS%2Fr9dSLpj4%2BRmM2aLLQ0ivdMeTtKdYl07mw2qTzbEdkWIbmEq3spyGFGdm8l2F%2FVNhdxe7Xx31"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a37fdc24bbd2bca-FRA

GET
H2 200 main.dart.js Show response
cyberflix.elfhosted.com/static/ 3 MB
0 0ms
0ms Script
text/javascript 2606:4700:20::681a:931
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cyberflix.elfhosted.com/static/main.dart.js
Requested by: Host: cyberflix.elfhosted.com
URL: https://cyberflix.elfhosted.com/static/flutter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:931 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3e59b0dc61ae2a24201b16e1833f3fcf2194d8d7c6276d30fb62746060f9a11

Request headers

Referer: https://cyberflix.elfhosted.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 07:20:40 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 04 Jun 2024 15:33:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"205d7bdfd3f43cae88472bfcf3488bae"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6gHB2YF3QFppj8XE0hNUD5%2FLDwWyx7q2LqJUXQRcl3f6yum%2Bgdw9819IzwDTSvgiDzBvOTHkf0v9B2u9K71HRelsqSqULDMjYCaufWtvnQ7nuJzWNkAsCdeCnVR%2FUf0J%2BJiDUdg8U7JPD8Zl78J%2Fk3nuHYQU"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 8a37fdc2fd1a2bca-FRA

GET
H2 200 canvaskit.js Show response
www.gstatic.com/flutter-canvaskit/c4cd48e186460b32d44585ce3c103271ab676355/chromium/ 91 KB
26 KB 198ms
83ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/flutter-canvaskit/c4cd48e186460b32d44585ce3c103271ab676355/chromium/canvaskit.js

Requested by

Host: cyberflix.elfhosted.com
URL: https://cyberflix.elfhosted.com/static/main.dart.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed7899cf1ba7169981ba66817b913f303bd7f8cfa8f99c9997ba98b4e404a00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberflix.elfhosted.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 09:48:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 509550
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/flutter-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26009
x-xss-protection: 0
last-modified: Wed, 17 Apr 2024 18:19:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="flutter-team"
vary: Accept-Encoding
report-to: {"group":"flutter-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/flutter-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Jul 2025 09:48:11 GMT

GET
H2 200 FontManifest.json Show response
cyberflix.elfhosted.com/static/assets/ 209 B
0 0ms
0ms Fetch
application/json 2606:4700:20::681a:931
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cyberflix.elfhosted.com/static/assets/FontManifest.json
Requested by: Host: cyberflix.elfhosted.com
URL: https://cyberflix.elfhosted.com/static/main.dart.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:931 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21d4a1ad4601d893f2aa596be55eeda7907d1f82c88b69c4572637d26c9d41e5

Request headers

Referer: https://cyberflix.elfhosted.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 07:20:40 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 04 Jun 2024 15:33:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"a42184a52df08cd539a43fe345100517"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C9IzFIOPFZxu9wy%2Bh9QHupbRMJorXSGmjRri79Kxh65Wfitd170Ewea%2BVJprf%2Fr8w2Gqa3Ybc9re%2BUPC%2BBf0L4bStHr7e43c%2B0fFKTczLYMryj%2FcTdgxjo1Q0NU42hI5fwgSUuWR3nwApCI0OgMTmqWwZOQ5"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: max-age=14400
cf-ray: 8a37fdc39e302bca-FRA

GET
H2 200 MaterialIcons-Regular.otf Show response
cyberflix.elfhosted.com/static/assets/fonts/ 10 KB
5 KB 100ms
99ms Fetch
font/otf 2606:4700:20::681a:931
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cyberflix.elfhosted.com/static/assets/fonts/MaterialIcons-Regular.otf
Requested by: Host: cyberflix.elfhosted.com
URL: https://cyberflix.elfhosted.com/static/main.dart.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:931 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 033ef573b9df101e7d5c6e6fe407389c614157d1b89fb0390b7b29455a69a5b7

Request headers

Referer: https://cyberflix.elfhosted.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 07:20:41 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 04 Jun 2024 15:33:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2046634a83d9d97ad9d48ac7c5cb7837"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1F6a%2F8S4U50gdjIfCZl3Y3Le3%2F6NWIzQXYtIsnUnV4PeIaLyzTYrOelrxFEhqzPXnyBfIvVUHAWm%2FHP6nplBABDjUXJRk99Gvpk8Nd6nOeVOnLdoSkG1ny9GQY9%2FHfdrUzkbRURT9f18yhiSg1FPjN6MJYVc"}],"group":"cf-nel","max_age":604800}
content-type: font/otf
cache-control: max-age=14400
cf-ray: 8a37fdcaf84c2bca-FRA

GET
H2 200 CupertinoIcons.ttf Show response
cyberflix.elfhosted.com/static/assets/packages/cupertino_icons/assets/ 2 KB
2 KB 206ms
205ms Fetch
font/ttf 2606:4700:20::681a:931
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cyberflix.elfhosted.com/static/assets/packages/cupertino_icons/assets/CupertinoIcons.ttf
Requested by: Host: cyberflix.elfhosted.com
URL: https://cyberflix.elfhosted.com/static/main.dart.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:931 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa5be1a333978d379d27f9897616419577dbf3fce39742237656a16230fbb38e

Request headers

Referer: https://cyberflix.elfhosted.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 07:20:41 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 04 Jun 2024 15:33:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"230a096d951fe989fcfc8c6e06746f56"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A04BRx0K%2BomKof5QIMqYAclAkrBZsyNmXeHHcPkuVNUsvkLJEtmR782S93ILv1H0Gnw7KTJq3TJaUxZeaK%2FHHdR%2Bkv5i1hb9DqK4tZabPkrdsMzBUYev0652StDX9hjKpv%2Fyhs%2FgpO6l%2F8hY8OONM35hDS0H"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
cache-control: max-age=14400
cf-ray: 8a37fdcaf8502bca-FRA

GET
H2 200 KFOmCnqEu92Fr1Me5WZLCzYlKw.ttf Show response
fonts.gstatic.com/s/roboto/v20/ 167 KB
90 KB 208ms
88ms Fetch
font/ttf 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Me5WZLCzYlKw.ttf

Requested by

Host: cyberflix.elfhosted.com
URL: https://cyberflix.elfhosted.com/static/main.dart.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

017c0be9aaa6d0359737e1fa762ad304c0e0107927faff5a6c1f415c7f5244ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberflix.elfhosted.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 04:28:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 183128
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91230
x-xss-protection: 0
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Jul 2025 04:28:33 GMT

GET
H3 200 canvaskit.wasm Show response
www.gstatic.com/flutter-canvaskit/c4cd48e186460b32d44585ce3c103271ab676355/chromium/ 5 MB
1 MB 106ms
81ms Fetch
application/wasm 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/flutter-canvaskit/c4cd48e186460b32d44585ce3c103271ab676355/chromium/canvaskit.wasm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/flutter-canvaskit/c4cd48e186460b32d44585ce3c103271ab676355/chromium/canvaskit.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f3.1e100.net

Software

sffe /

Resource Hash

f48a5148fbb35eea35ccbdbaa4cbf2f3bcffd1fa87cf6c21ac134e4a203914a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberflix.elfhosted.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 14:45:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 491717
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/flutter-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1519369
x-xss-protection: 0
last-modified: Wed, 17 Apr 2024 18:19:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="flutter-team"
vary: Accept-Encoding
report-to: {"group":"flutter-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/flutter-team"}]}
content-type: application/wasm
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Jul 2025 14:45:24 GMT

GET
H2 200 no_sleep.js Show response
cyberflix.elfhosted.com/static/assets/packages/wakelock_plus/assets/ 13 KB
5 KB 62ms
61ms Script
text/javascript 2606:4700:20::681a:931
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cyberflix.elfhosted.com/static/assets/packages/wakelock_plus/assets/no_sleep.js
Requested by: Host: cyberflix.elfhosted.com
URL: https://cyberflix.elfhosted.com/static/main.dart.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:931 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dce4eef0b197b640ad6aaab2228ee1ee7dccf8bd6d6b5de5484dd1bd16430a78

Request headers

Referer: https://cyberflix.elfhosted.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 07:20:42 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 04 Jun 2024 15:33:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"9ea1ae20326c1846302c6847bac4cdea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PKubo%2Fd%2BN5Mhv8mbZ1ARoNzfsix%2F4RF6ADXVRzxEGaPLp%2FN3xgAbIjUPbUwjiAUq0o0THbyO7feZD79y0%2BJ16pJCGobTC2GB83B4f8k1i1Oo4QUM8aC7gEXFSexKdkOTGn0zGOVSd1f34LWLHyD%2FcVe1D1Q4"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 8a37fdcefddd2bca-FRA

GET
H2 200 AssetManifest.bin.json Show response
cyberflix.elfhosted.com/static/assets/ 619 B
0 0ms
0ms Fetch
application/json 2606:4700:20::681a:931
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cyberflix.elfhosted.com/static/assets/AssetManifest.bin.json
Requested by: Host: cyberflix.elfhosted.com
URL: https://cyberflix.elfhosted.com/static/main.dart.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:931 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b03a9aa0b7773a0d0d3aa6e09f1618b611b9920ab1554ec07c123bedb5e7e33

Request headers

Referer: https://cyberflix.elfhosted.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 07:20:40 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 04 Jun 2024 15:33:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3a5867a7585535e9c28d85032649c708"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gnm9x7CM4m3w%2FN%2FXZf6i4FSn4vEBdyCfnlhlZE9BJzH2Wgd%2FX%2FfQJgOtd%2Fef0gL4rbCQ%2BA%2FagqZWFCImRHjmC%2B0Xv6gsQlDu%2BeaoX0aKHZ4gp4iDJoBcW1bF3jQO1vqaqulrLWOedsYMWau9ENVWA4QDxYXZ"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: max-age=14400
cf-ray: 8a37fdc2fd1e2bca-FRA

GET
H2 200 web_config.json Show response
cyberflix.elfhosted.com/ 13 KB
2 KB 31ms
30ms XHR
application/json 2606:4700:20::681a:931
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cyberflix.elfhosted.com/web_config.json
Requested by: Host: cyberflix.elfhosted.com
URL: https://cyberflix.elfhosted.com/static/main.dart.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:931 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e87efcc84e7565c2f970b9a14f3d855bf781b7bdf16fbe614eb077f2981b73a9

Request headers

Referer: https://cyberflix.elfhosted.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 07:20:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LJZKgSnzf%2FO742gEt3BR%2BIH0iomfsQO%2BcXeUuQTPHKLhwchvr4JPF0LP98UeIkEb8GRHRxFTE%2BGhlcyNXGdrC0nShU8KrFUaIWNqVoM6dCkrQ3%2BEjD3O0I1FxIctdRPrHUgQ5A2lezImkVD3pdgc%2FZixIWXh"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cf-ray: 8a37fdcf8ee22bca-FRA
access-control-allow-headers: *

GET
H3 200 endpoint Show response
img.shields.io/ 1 KB
1 KB 142ms
117ms XHR
image/svg+xml 172.67.173.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.shields.io/endpoint?url=https%3A%2F%2Fraw.githubusercontent.com%2Felfhosted%2Fstatus.elfhosted.com%2Fmaster%2Fapi%2Fstremio-cyber-flix-addon%2Fuptime.json
Requested by: Host: cyberflix.elfhosted.com
URL: https://cyberflix.elfhosted.com/static/main.dart.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.173.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5fcbc9b4069f1120697fa9edf88dae91bc7c55f3a2d7be1bc2ba152cb6b1fee

Request headers

Referer: https://cyberflix.elfhosted.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 07:20:42 GMT
via: 2 fly.io
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
fly-request-id: 01J2TM7QV3KGYAW0YBR9ZY2RGJ-fra
last-modified: Mon, 15 Jul 2024 07:08:58 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NYb9NeQpWqkgV9C9Wczh3J2re61k4xyUlueQgVsKlc2DrBvoDGQjzIQ1CwBo0bCxvvQjxQJy6M65ho3eeV0Sw%2BMB6WQEazGyaHbqrhIHKdcDhESvcR5D%2FME0Q5yd%2BvDo0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300, s-maxage=300
cf-ray: 8a37fdd22a485c50-FRA
expires: Mon, 15 Jul 2024 07:25:42 GMT

GET
H2 200 kofi.png Show response
cyberflix.elfhosted.com/static/assets/assets/ 1 KB
2 KB 156ms
156ms Fetch
image/png 2606:4700:20::681a:931
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cyberflix.elfhosted.com/static/assets/assets/kofi.png
Requested by: Host: cyberflix.elfhosted.com
URL: https://cyberflix.elfhosted.com/static/main.dart.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:931 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e88a9f83a2c9c60bc7f704b3d86769bd294ac7e4937ef5ad0859e42e37c24ddd

Request headers

Referer: https://cyberflix.elfhosted.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 07:20:42 GMT
cf-cache-status: REVALIDATED
cf-bgj: imgq:85,h2pri
last-modified: Tue, 04 Jun 2024 15:33:53 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=2424
etag: "93f74a9172a53f1da27f0ea6292958a7"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YBZY7AU4PMxQvoGuoC%2Bw0iDeLdtTWACmsGbjbclUKpEmdC2gk1pJ1oGN94P6hFFMeUFtT7sCaocecLSfsTAuwoJpsYEeQsbf%2BnG9T45wTNQDPraZ2B13Lvcp4vQh%2BPkYCVMlqaIil2vOZhduc78GMMbwTMcP"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a37fdd2ac092bca-FRA
content-length: 1379

GET
H2 200 bg_image.jpeg Show response
cyberflix.elfhosted.com/static/assets/assets/ 331 KB
331 KB 35ms
35ms Fetch
image/jpeg 2606:4700:20::681a:931
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cyberflix.elfhosted.com/static/assets/assets/bg_image.jpeg
Requested by: Host: cyberflix.elfhosted.com
URL: https://cyberflix.elfhosted.com/static/main.dart.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:931 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8feac2c840422816b3901d744e5cf4bc2a2d3e97c87b73027be55f341dca1e66

Request headers

Referer: https://cyberflix.elfhosted.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 07:20:42 GMT
cf-cache-status: REVALIDATED
cf-bgj: imgq:85,h2pri
last-modified: Tue, 04 Jun 2024 15:33:53 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: status=not_needed
etag: "9b6918402572db590ad424b203e9551b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4E2FbqOFHS96dNuL9BAS%2B8KyeQ2%2FPW%2BWGjMk%2FSIOigsXJlwi9PvnxxBQv4XgK74jSd2FUcLVI8tY23hrCrPGDHrxv%2Bc2vpz0UdAlQ%2FNED2ok4x%2BGanvmrMPgDJ0v2rA5M2NiogE9mGh1Rb%2Fl4Zmmv5KU5Hcc"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a37fdd2ac0d2bca-FRA
content-length: 338674

GET
H2 200 logo.png Show response
cyberflix.elfhosted.com/static/assets/assets/ 31 KB
31 KB 113ms
113ms Fetch
image/png 2606:4700:20::681a:931
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cyberflix.elfhosted.com/static/assets/assets/logo.png
Requested by: Host: cyberflix.elfhosted.com
URL: https://cyberflix.elfhosted.com/static/main.dart.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:931 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9909f7e02d469e6debc19ae03f744a9d902facc51d3e8e1a55fdd0e6d161273d

Request headers

Referer: https://cyberflix.elfhosted.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 07:20:42 GMT
cf-cache-status: REVALIDATED
cf-bgj: imgq:85,h2pri
last-modified: Tue, 04 Jun 2024 15:33:53 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=39793
etag: "bb20470a6cb56ca3c44ea225366e9522"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=my8Ut0OeyXSGUVD5bED65Yx6g2Gcjr%2FAYGiqvqcFj9PZb8TEmPkbvj4ynAMk1NQNxm%2FgcDkAcO56XYA7AjXjFFMm9TpNTbeutSNqfNCjdrI6aqJpK68s6ygBk2959dKFkqC9XYfc7XcrEkJQ2izvD4e%2BFLkO"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a37fdd2ac0e2bca-FRA
content-length: 31313

GET
H2 200 bMrnmSyK7YY-MEu6aWjPDs-ar6uWaGWuob-r0jwvS-FGJCMY.ttf Show response
fonts.gstatic.com/s/notoemoji/v47/ 858 KB
565 KB 33ms
33ms Fetch
font/ttf 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoemoji/v47/bMrnmSyK7YY-MEu6aWjPDs-ar6uWaGWuob-r0jwvS-FGJCMY.ttf

Requested by

Host: cyberflix.elfhosted.com
URL: https://cyberflix.elfhosted.com/static/main.dart.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65fc21f6ad86acbe43c29f89ffc0dd77621709a517a50edd1370aa80230cc8fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberflix.elfhosted.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 14:59:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 490886
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 578148
x-xss-protection: 0
last-modified: Wed, 27 Sep 2023 15:44:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Jul 2025 14:59:16 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Netflix (Online)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cyberflix.elfhosted.com
fonts.gstatic.com
img.shields.io
www.gstatic.com
172.217.16.195
172.67.173.89
2606:4700:20::681a:931
2a00:1450:4001:810::2003
2a00:1450:4001:82f::2003
017c0be9aaa6d0359737e1fa762ad304c0e0107927faff5a6c1f415c7f5244ed
033ef573b9df101e7d5c6e6fe407389c614157d1b89fb0390b7b29455a69a5b7
10a85cc2659df402db6fe85558ada27d51e9c8b03159f2dc13d43bc76855b6b2
21d4a1ad4601d893f2aa596be55eeda7907d1f82c88b69c4572637d26c9d41e5
2b03a9aa0b7773a0d0d3aa6e09f1618b611b9920ab1554ec07c123bedb5e7e33
65fc21f6ad86acbe43c29f89ffc0dd77621709a517a50edd1370aa80230cc8fb
8feac2c840422816b3901d744e5cf4bc2a2d3e97c87b73027be55f341dca1e66
9909f7e02d469e6debc19ae03f744a9d902facc51d3e8e1a55fdd0e6d161273d
a786f3cd40bdfe7cb7dd370191008e6fbc817a5af83beaa778637382ba25d6ba
aa5be1a333978d379d27f9897616419577dbf3fce39742237656a16230fbb38e
abb5c407db14908c2af56263bff34c683be228a5e22c384d7a6b852e731f466a
dce4eef0b197b640ad6aaab2228ee1ee7dccf8bd6d6b5de5484dd1bd16430a78
e5fcbc9b4069f1120697fa9edf88dae91bc7c55f3a2d7be1bc2ba152cb6b1fee
e87efcc84e7565c2f970b9a14f3d855bf781b7bdf16fbe614eb077f2981b73a9
e88a9f83a2c9c60bc7f704b3d86769bd294ac7e4937ef5ad0859e42e37c24ddd
ed7899cf1ba7169981ba66817b913f303bd7f8cfa8f99c9997ba98b4e404a00f
f3e59b0dc61ae2a24201b16e1833f3fcf2194d8d7c6276d30fb62746060f9a11
f48a5148fbb35eea35ccbdbaa4cbf2f3bcffd1fa87cf6c21ac134e4a203914a1

cyberflix.elfhosted.com Open in urlscan Pro 2606:4700:20::681a:931 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

18 Requests

100 %HTTPS

60 %IPv6

3 Domains

4 Subdomains

5 IPs

2 Countries

2549 kBTransfer

9915 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

11 JavaScript Global Variables

0 Cookies

Indicators

cyberflix.elfhosted.com Open in urlscan Pro
2606:4700:20::681a:931 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

100 %
HTTPS

60 %
IPv6

3
Domains

4
Subdomains

5
IPs

2
Countries

2549 kB
Transfer

9915 kB
Size

0
Cookies

18 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!