ic-cite.ulm.ac.id Open in urlscan Pro
103.195.91.180 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ic-cite.ulm.ac.id/neflix64r45899484890-check
Effective URL:
https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/AccBilling.php?country=-&lang=en
Submission: On September 16 via manual (September 16th 2021, 10:12:23 pm UTC) from GB — Scanned from DE

Summary HTTP 21 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 21 HTTP transactions. The main IP is 103.195.91.180, located in Indonesia and belongs to QWORDS-AS-ID PT Qwords Company International, ID. The main domain is ic-cite.ulm.ac.id.
TLS certificate: Issued by cPanel, Inc. Certification Authority on September 10th 2021. Valid for: 3 months.

This is the only time ic-cite.ulm.ac.id was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Netflix (Online)

Domain & IP information

	IP Address		AS Autonomous System
5 19	103.195.91.180 103.195.91.180		58404 (QWORDS-AS...) (QWORDS-AS-ID PT Qwords Company International)
6	45.57.91.1 45.57.91.1		40027 (NETFLIX-ASN) (NETFLIX-ASN)
21	3

19 103.195.91.180 (Indonesia) 5 redirects

ASN58404 (QWORDS-AS-ID PT Qwords Company International, ID)
PTR: server.ulm.ac.id

ic-cite.ulm.ac.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 45.57.91.1 (United States)

ASN40027 (NETFLIX-ASN, US)
PTR: occ.a.nflxso.net

assets.nflxext.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	ulm.ac.id 5 redirects ic-cite.ulm.ac.id	225 KB
6	nflxext.com assets.nflxext.com	74 KB
0	liluzi.cf Failed liluzi.cf Failed
21	3

	Domain	Requested by
19	ic-cite.ulm.ac.id	5 redirects ic-cite.ulm.ac.id
6	assets.nflxext.com	ic-cite.ulm.ac.id
0	liluzi.cf Failed	ic-cite.ulm.ac.id
21	3

This site contains no links.

Subject Issuer	Validity	Valid
ic-cite.ulm.ac.id cPanel, Inc. Certification Authority	`2021-09-10` - `2021-12-09`	3 months	crt.sh
*.1.nflxso.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-05` - `2021-10-07`	a month	crt.sh

This page contains 1 frames:

Primary Page: https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/AccBilling.php?country=-&lang=en
Frame ID: 1CF5CCC287DF4C36F25C6B3EEB715D2D
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Netflix

Page URL History Show full URLs

http://ic-cite.ulm.ac.id/neflix64r45899484890-check HTTP 301
https://ic-cite.ulm.ac.id/neflix64r45899484890-check HTTP 301
https://ic-cite.ulm.ac.id/neflix64r45899484890-check/ HTTP 302
https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00 HTTP 301
https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/ HTTP 302
https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/AccBilling.php?c... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

21
Requests

95 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

299 kB
Transfer

709 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ic-cite.ulm.ac.id/neflix64r45899484890-check HTTP 301
https://ic-cite.ulm.ac.id/neflix64r45899484890-check HTTP 301
https://ic-cite.ulm.ac.id/neflix64r45899484890-check/ HTTP 302
https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00 HTTP 301
https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/ HTTP 302
https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/AccBilling.php?country=-&lang=en Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request AccBilling.php Show response ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/ Redirect Chain http://ic-cite.ulm.ac.id/neflix64r45899484890-check https://ic-cite.ulm.ac.id/neflix64r45899484890-check https://ic-cite.ulm.ac.id/neflix64r45899484890-check/ https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00 https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/ https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/AccBilling.php?country=-&lang=en	16 KB 3 KB	230ms 230ms	Document text/html	103.195.91.180 QWORDS-AS-ID PT Q...
General Check archive.org Show headers Download Go to Full URL https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/AccBilling.php?country=-&lang=en Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.195.91.180 , Indonesia, ASN58404 (QWORDS-AS-ID PT Qwords Company International, ID), Reverse DNS server.ulm.ac.id Software Apache / Resource Hash `ab27b76ccf8e5e3438cdf1c8f60f5bd2909ab8036ebb2420fe7bcae6694ee677` Request headers :method GET :authority ic-cite.ulm.ac.id :scheme https :path /neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/AccBilling.php?country=-&lang=en pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br cookie PHPSESSID=cl9vcmk1tqcrphhm20h7m968f5 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers date Thu, 16 Sep 2021 22:12:16 GMT server Apache expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 pragma no-cache content-encoding gzip vary Accept-Encoding content-type text/html; charset=UTF-8 Redirect headers date Thu, 16 Sep 2021 22:12:15 GMT server Apache expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 pragma no-cache content-encoding gzip vary Accept-Encoding set-cookie PHPSESSID=cl9vcmk1tqcrphhm20h7m968f5; path=/ location AccBilling.php?country=-&lang=en content-length 20 content-type text/html; charset=UTF-8
GET H2	200	bootstrap.min.css ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/assets/	147 KB 18 KB	250ms 249ms	Stylesheet text/css	103.195.91.180 QWORDS-AS-ID PT Q...
General Check archive.org Show headers Download Go to Full URL https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/assets/bootstrap.min.css Requested by Host: ic-cite.ulm.ac.id URL: https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/AccBilling.php?country=-&lang=en Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.195.91.180 , Indonesia, ASN58404 (QWORDS-AS-ID PT Qwords Company International, ID), Reverse DNS server.ulm.ac.id Software Apache / Resource Hash `aebf611c1438dc7ec748e9a6364c734066b34bf2a1c7e2fc6511ed784635b50e` Request headers :path /neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/assets/bootstrap.min.css pragma no-cache cookie PHPSESSID=cl9vcmk1tqcrphhm20h7m968f5 accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept text/css,/;q=0.1 cache-control no-cache sec-fetch-dest style :authority ic-cite.ulm.ac.id referer https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/AccBilling.php?country=-&lang=en :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/AccBilling.php?country=-&lang=en User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Thu, 16 Sep 2021 22:12:16 GMT content-encoding br last-modified Thu, 16 Sep 2021 22:12:13 GMT server Apache vary Accept-Encoding content-type text/css accept-ranges bytes content-length 18098
GET H2	200	font-awesome.min.css ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/assets/	30 KB 7 KB	643ms 641ms	Stylesheet text/css	103.195.91.180 QWORDS-AS-ID PT Q...
General Check archive.org Show headers Download Go to Full URL https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/assets/font-awesome.min.css Requested by Host: ic-cite.ulm.ac.id URL: https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/AccBilling.php?country=-&lang=en Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.195.91.180 , Indonesia, ASN58404 (QWORDS-AS-ID PT Qwords Company International, ID), Reverse DNS server.ulm.ac.id Software Apache / Resource Hash `7d3ed5e7e4c4aafe8c1f5d004e7eee33b5887117d2125848352a2cda86dd7ed0` Request headers :path /neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/assets/font-awesome.min.css pragma no-cache cookie PHPSESSID=cl9vcmk1tqcrphhm20h7m968f5 accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept text/css,/;q=0.1 cache-control no-cache sec-fetch-dest style :authority ic-cite.ulm.ac.id referer https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/AccBilling.php?country=-&lang=en :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/AccBilling.php?country=-&lang=en User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Thu, 16 Sep 2021 22:12:16 GMT content-encoding br last-modified Thu, 16 Sep 2021 22:12:14 GMT server Apache vary Accept-Encoding content-type text/css accept-ranges bytes content-length 6652
GET H2	200	warning.css ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/assets/	107 KB 17 KB	447ms 445ms	Stylesheet text/css	103.195.91.180 QWORDS-AS-ID PT Q...
General Check archive.org Show headers Download Go to Full URL https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/assets/warning.css Requested by Host: ic-cite.ulm.ac.id URL: https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/AccBilling.php?country=-&lang=en Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.195.91.180 , Indonesia, ASN58404 (QWORDS-AS-ID PT Qwords Company International, ID), Reverse DNS server.ulm.ac.id Software Apache / Resource Hash `ff1e4ce80d4ae75efd878dc003aeb0ca3cc32a5f45e5c92b2c73a7538c05ce83` Request headers :path /neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/assets/warning.css pragma no-cache cookie PHPSESSID=cl9vcmk1tqcrphhm20h7m968f5 accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept text/css,/;q=0.1 cache-control no-cache sec-fetch-dest style :authority ic-cite.ulm.ac.id referer https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/AccBilling.php?country=-&lang=en :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/AccBilling.php?country=-&lang=en User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Thu, 16 Sep 2021 22:12:16 GMT content-encoding br last-modified Thu, 16 Sep 2021 22:12:14 GMT server Apache vary Accept-Encoding content-type text/css accept-ranges bytes content-length 17586
GET H2	200	animate.css ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/assets/	23 KB 3 KB	644ms 642ms	Stylesheet text/css	103.195.91.180 QWORDS-AS-ID PT Q...
General Check archive.org Show headers Download Go to Full URL https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/assets/animate.css Requested by Host: ic-cite.ulm.ac.id URL: https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/AccBilling.php?country=-&lang=en Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.195.91.180 , Indonesia, ASN58404 (QWORDS-AS-ID PT Qwords Company International, ID), Reverse DNS server.ulm.ac.id Software Apache / Resource Hash `80aa5497ff31b2c001474d9432f0853c11d200a67ea4f9852ab2f7ee2fedd9c2` Request headers :path /neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/assets/animate.css pragma no-cache cookie PHPSESSID=cl9vcmk1tqcrphhm20h7m968f5 accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept text/css,/;q=0.1 cache-control no-cache sec-fetch-dest style :authority ic-cite.ulm.ac.id referer https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/AccBilling.php?country=-&lang=en :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/AccBilling.php?country=-&lang=en User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Thu, 16 Sep 2021 22:12:16 GMT content-encoding br last-modified Thu, 16 Sep 2021 22:12:14 GMT server Apache vary Accept-Encoding content-type text/css accept-ranges bytes content-length 2770
GET H2	200	set1.css ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/assets/	19 KB 3 KB	644ms 643ms	Stylesheet text/css	103.195.91.180 QWORDS-AS-ID PT Q...
General Check archive.org Show headers Download Go to Full URL https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/assets/set1.css Requested by Host: ic-cite.ulm.ac.id URL: https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/AccBilling.php?country=-&lang=en Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.195.91.180 , Indonesia, ASN58404 (QWORDS-AS-ID PT Qwords Company International, ID), Reverse DNS server.ulm.ac.id Software Apache / Resource Hash `7428226116458939688f6ddde1465ee479600dca4066272a28272d2501f35860` Request headers :path /neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/assets/set1.css pragma no-cache cookie PHPSESSID=cl9vcmk1tqcrphhm20h7m968f5 accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept text/css,/;q=0.1 cache-control no-cache sec-fetch-dest style :authority ic-cite.ulm.ac.id referer https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/AccBilling.php?country=-&lang=en :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/AccBilling.php?country=-&lang=en User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Thu, 16 Sep 2021 22:12:16 GMT content-encoding br last-modified Thu, 16 Sep 2021 22:12:14 GMT server Apache vary Accept-Encoding content-type text/css accept-ranges bytes content-length 2875
GET H2	200	jquery-3.1.1.slim.min.js Show response ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/assets/	95 KB 33 KB	644ms 643ms	Script application/javascript	103.195.91.180 QWORDS-AS-ID PT Q...
General Check archive.org Show headers Download Go to Full URL https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/assets/jquery-3.1.1.slim.min.js Requested by Host: ic-cite.ulm.ac.id URL: https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/AccBilling.php?country=-&lang=en Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.195.91.180 , Indonesia, ASN58404 (QWORDS-AS-ID PT Qwords Company International, ID), Reverse DNS server.ulm.ac.id Software Apache / Resource Hash `28cb3cf3a0253d7f0aecf2f52159dfc6cb9bca679a5011ff19cb30b9c52cbcfa` Request headers :path /neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/assets/jquery-3.1.1.slim.min.js pragma no-cache cookie PHPSESSID=cl9vcmk1tqcrphhm20h7m968f5 accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept / cache-control no-cache sec-fetch-dest script :authority ic-cite.ulm.ac.id referer https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/AccBilling.php?country=-&lang=en :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/AccBilling.php?country=-&lang=en User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Thu, 16 Sep 2021 22:12:16 GMT content-encoding br last-modified Thu, 16 Sep 2021 22:12:14 GMT server Apache vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 33134
GET H2	200	tether.min.js Show response ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/assets/	24 KB 7 KB	643ms 642ms	Script application/javascript	103.195.91.180 QWORDS-AS-ID PT Q...
General Check archive.org Show headers Download Go to Full URL https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/assets/tether.min.js Requested by Host: ic-cite.ulm.ac.id URL: https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/AccBilling.php?country=-&lang=en Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.195.91.180 , Indonesia, ASN58404 (QWORDS-AS-ID PT Qwords Company International, ID), Reverse DNS server.ulm.ac.id Software Apache / Resource Hash `80bd626eb6d57112072a508ee4e5ce3c2fe5673fe0a5d029810033b24aaa5e9f` Request headers :path /neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/assets/tether.min.js pragma no-cache cookie PHPSESSID=cl9vcmk1tqcrphhm20h7m968f5 accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept / cache-control no-cache sec-fetch-dest script :authority ic-cite.ulm.ac.id referer https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/AccBilling.php?country=-&lang=en :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/AccBilling.php?country=-&lang=en User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Thu, 16 Sep 2021 22:12:16 GMT content-encoding br last-modified Thu, 16 Sep 2021 22:12:14 GMT server Apache vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 7210
GET H2	200	bootstrap.min.js Show response ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/assets/	46 KB 11 KB	643ms 642ms	Script application/javascript	103.195.91.180 QWORDS-AS-ID PT Q...
General Check archive.org Show headers Download Go to Full URL https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/assets/bootstrap.min.js Requested by Host: ic-cite.ulm.ac.id URL: https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/AccBilling.php?country=-&lang=en Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.195.91.180 , Indonesia, ASN58404 (QWORDS-AS-ID PT Qwords Company International, ID), Reverse DNS server.ulm.ac.id Software Apache / Resource Hash `fa421b6ebbd2fb474d3a3866409ce6c1efd120b47ff256fffb8f8f50d556d3d9` Request headers :path /neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/assets/bootstrap.min.js pragma no-cache cookie PHPSESSID=cl9vcmk1tqcrphhm20h7m968f5 accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept / cache-control no-cache sec-fetch-dest script :authority ic-cite.ulm.ac.id referer https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/AccBilling.php?country=-&lang=en :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/AccBilling.php?country=-&lang=en User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Thu, 16 Sep 2021 22:12:16 GMT content-encoding br last-modified Thu, 16 Sep 2021 22:12:14 GMT server Apache vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 11485
GET H2	200	classie.js Show response ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/assets/	2 KB 679 B	643ms 642ms	Script application/javascript	103.195.91.180 QWORDS-AS-ID PT Q...
General Check archive.org Show headers Download Go to Full URL https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/assets/classie.js Requested by Host: ic-cite.ulm.ac.id URL: https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/AccBilling.php?country=-&lang=en Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.195.91.180 , Indonesia, ASN58404 (QWORDS-AS-ID PT Qwords Company International, ID), Reverse DNS server.ulm.ac.id Software Apache / Resource Hash `c4ea9310d72e37fe799d48ae3fc43dcb53e3db7c4ae13763d4c5b893f6ceb64b` Request headers :path /neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/assets/classie.js pragma no-cache cookie PHPSESSID=cl9vcmk1tqcrphhm20h7m968f5 accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept / cache-control no-cache sec-fetch-dest script :authority ic-cite.ulm.ac.id referer https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/AccBilling.php?country=-&lang=en :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/AccBilling.php?country=-&lang=en User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Thu, 16 Sep 2021 22:12:16 GMT content-encoding br last-modified Thu, 16 Sep 2021 22:12:14 GMT server Apache vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 630
GET H2	200	jquery.CardValidator.js Show response ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/assets/	6 KB 2 KB	643ms 642ms	Script application/javascript	103.195.91.180 QWORDS-AS-ID PT Q...
General Check archive.org Show headers Download Go to Full URL https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/assets/jquery.CardValidator.js Requested by Host: ic-cite.ulm.ac.id URL: https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/AccBilling.php?country=-&lang=en Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.195.91.180 , Indonesia, ASN58404 (QWORDS-AS-ID PT Qwords Company International, ID), Reverse DNS server.ulm.ac.id Software Apache / Resource Hash `8802adf5641c1056fcf4feeeabb83be1b1e3724d9b460cecc791dfdd6422bc3b` Request headers :path /neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/assets/jquery.CardValidator.js pragma no-cache cookie PHPSESSID=cl9vcmk1tqcrphhm20h7m968f5 accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept / cache-control no-cache sec-fetch-dest script :authority ic-cite.ulm.ac.id referer https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/AccBilling.php?country=-&lang=en :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/AccBilling.php?country=-&lang=en User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Thu, 16 Sep 2021 22:12:16 GMT content-encoding br last-modified Thu, 16 Sep 2021 22:12:13 GMT server Apache vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 1949
GET H/1.1	200 OK	12_11_2014_icon_visa_37x25.png assets.nflxext.com/ffe/siteui/acquisition/payment/	859 B 1 KB	36ms 7ms	Image image/png	45.57.91.1 NETFLIX-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://assets.nflxext.com/ffe/siteui/acquisition/payment/12_11_2014_icon_visa_37x25.png Requested by Host: ic-cite.ulm.ac.id URL: https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/assets/set1.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.57.91.1 , United States, ASN40027 (NETFLIX-ASN, US), Reverse DNS occ.a.nflxso.net Software nginx / Resource Hash `7ed65da4bcdc5f0f68d20f2b489f2f1e4df6d5b1235ece01afd24624126be504` Request headers Accept-Language de-DE,de;q=0.9 Referer https://ic-cite.ulm.ac.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Thu, 16 Sep 2021 22:12:19 GMT Last-Modified Wed, 10 Jul 2019 23:52:28 GMT Server nginx Content-MD5 InDyhjoqaXrupmtM5xGKHA== Content-Type image/png Cache-Control max-age=604801 Connection keep-alive Accept-Ranges bytes Content-Length 859 Expires Thu, 23 Sep 2021 22:12:20 GMT
GET H/1.1	200 OK	10_18_2014_icon_master_37x25.png assets.nflxext.com/ffe/siteui/acquisition/payment/	833 B 1 KB	35ms 6ms	Image image/png	45.57.91.1 NETFLIX-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://assets.nflxext.com/ffe/siteui/acquisition/payment/10_18_2014_icon_master_37x25.png Requested by Host: ic-cite.ulm.ac.id URL: https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/assets/set1.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.57.91.1 , United States, ASN40027 (NETFLIX-ASN, US), Reverse DNS occ.a.nflxso.net Software nginx / Resource Hash `4958e4d47607004834b13d3c29d91f8c15b2ab2c488a15d9745a039e970f0bf3` Request headers Accept-Language de-DE,de;q=0.9 Referer https://ic-cite.ulm.ac.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Thu, 16 Sep 2021 22:12:19 GMT Last-Modified Wed, 10 Jul 2019 23:52:28 GMT Server nginx Content-MD5 xwSU1ALetVNBhYpdQPEPWw== Content-Type image/png Cache-Control max-age=604801 Connection keep-alive Accept-Ranges bytes Content-Length 833 Expires Thu, 23 Sep 2021 22:12:20 GMT
GET H/1.1	200 OK	10_18_2014_icon_amex_37x25.png assets.nflxext.com/ffe/siteui/acquisition/payment/	525 B 844 B	44ms 9ms	Image image/png	45.57.91.1 NETFLIX-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://assets.nflxext.com/ffe/siteui/acquisition/payment/10_18_2014_icon_amex_37x25.png Requested by Host: ic-cite.ulm.ac.id URL: https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/assets/set1.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.57.91.1 , United States, ASN40027 (NETFLIX-ASN, US), Reverse DNS occ.a.nflxso.net Software nginx / Resource Hash `cc5859d74f8cde62e1cdeeea341f85f9725d4f4398f58203aa1e5080faf1685a` Request headers Accept-Language de-DE,de;q=0.9 Referer https://ic-cite.ulm.ac.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Thu, 16 Sep 2021 22:12:19 GMT Last-Modified Wed, 10 Jul 2019 23:52:28 GMT Server nginx Content-MD5 XUIHbO4+/oKKw/K3EvF4SA== Content-Type image/png Cache-Control max-age=604801 Connection keep-alive Accept-Ranges bytes Content-Length 525 Expires Thu, 23 Sep 2021 22:12:20 GMT
GET H/1.1	200 OK	10_18_2014_icon_discovery_37x25.png assets.nflxext.com/ffe/siteui/acquisition/payment/	886 B 1 KB	132ms 97ms	Image image/png	45.57.91.1 NETFLIX-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://assets.nflxext.com/ffe/siteui/acquisition/payment/10_18_2014_icon_discovery_37x25.png Requested by Host: ic-cite.ulm.ac.id URL: https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/assets/set1.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.57.91.1 , United States, ASN40027 (NETFLIX-ASN, US), Reverse DNS occ.a.nflxso.net Software nginx / Resource Hash `694668a605f294bff15137923aadc4576ef0fbc158f035e1bcedf521a6cf1fd8` Request headers Accept-Language de-DE,de;q=0.9 Referer https://ic-cite.ulm.ac.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Thu, 16 Sep 2021 22:12:20 GMT Last-Modified Wed, 10 Jul 2019 23:52:28 GMT Server nginx Content-MD5 ZQtXvGUVzsBCsNsR/RE3lA== Content-Type image/png Cache-Control max-age=604801 Connection keep-alive Accept-Ranges bytes Content-Length 886 Expires Thu, 23 Sep 2021 22:12:21 GMT
GET H/1.1	200 OK	icon_DinersClub_37x25.png assets.nflxext.com/ffe/siteui/acquisition/payment/	843 B 1 KB	128ms 92ms	Image image/png	45.57.91.1 NETFLIX-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://assets.nflxext.com/ffe/siteui/acquisition/payment/icon_DinersClub_37x25.png Requested by Host: ic-cite.ulm.ac.id URL: https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/assets/set1.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.57.91.1 , United States, ASN40027 (NETFLIX-ASN, US), Reverse DNS occ.a.nflxso.net Software nginx / Resource Hash `813476b0d963b74f5992b3feae7710e3be15826156c10eff208194612a839199` Request headers Accept-Language de-DE,de;q=0.9 Referer https://ic-cite.ulm.ac.id/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Thu, 16 Sep 2021 22:12:20 GMT Last-Modified Wed, 10 Jul 2019 23:52:28 GMT Server nginx Content-MD5 8EO5c748GLMeTdeKaWvukA== Content-Type image/png Cache-Control max-age=604801 Connection keep-alive Accept-Ranges bytes Content-Length 843 Expires Thu, 23 Sep 2021 22:12:21 GMT
GET H2	200	sprites_cc_logos.png ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/assets/	24 KB 24 KB	207ms 206ms	Image image/png	103.195.91.180 QWORDS-AS-ID PT Q...
General Check archive.org Show headers Download Go to Show image Full URL https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/assets/sprites_cc_logos.png Requested by Host: ic-cite.ulm.ac.id URL: https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/AccBilling.php?country=-&lang=en Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.195.91.180 , Indonesia, ASN58404 (QWORDS-AS-ID PT Qwords Company International, ID), Reverse DNS server.ulm.ac.id Software Apache / Resource Hash `a47f9feda7682c5085fa780e2560144c5bc70caa592a8d1a345a852948efa94a` Request headers :path /neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/assets/sprites_cc_logos.png pragma no-cache cookie PHPSESSID=cl9vcmk1tqcrphhm20h7m968f5 accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 cache-control* no-cache sec-fetch-dest image :authority ic-cite.ulm.ac.id referer https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/AccBilling.php?country=-&lang=en :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/AccBilling.php?country=-&lang=en User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Thu, 16 Sep 2021 22:12:17 GMT last-modified Thu, 16 Sep 2021 22:12:13 GMT server Apache accept-ranges bytes content-length 24180 content-type image/png
GET H/1.1	200 OK	nf-icon-v1-88.woff assets.nflxext.com/ffe/siteui/fonts/	69 KB 69 KB	34ms 7ms	Font font/woff	45.57.91.1 NETFLIX-ASN
General Check archive.org Show headers Download Go to Full URL https://assets.nflxext.com/ffe/siteui/fonts/nf-icon-v1-88.woff Requested by Host: ic-cite.ulm.ac.id URL: https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/assets/warning.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.57.91.1 , United States, ASN40027 (NETFLIX-ASN, US), Reverse DNS occ.a.nflxso.net Software nginx / Resource Hash `ba892f7903e737d06c952be4ed3266746ed5e1090377fbc5d2ac975626c4533a` Request headers Referer https://ic-cite.ulm.ac.id/ Origin https://ic-cite.ulm.ac.id Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Thu, 16 Sep 2021 22:12:19 GMT Last-Modified Fri, 27 Jan 2017 22:53:52 GMT Server nginx Content-MD5 ezBCotj2o1GiKPEVK1YDAg== Content-Type font/woff Access-Control-Allow-Origin * Cache-Control max-age=604801 Connection keep-alive Accept-Ranges bytes Content-Length 70204 Expires Thu, 23 Sep 2021 22:12:20 GMT
GET H2	404	fontawesome-webfont.woff2 ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/assets/	0 0	430ms 430ms	Font text/html	103.195.91.180 QWORDS-AS-ID PT Q...
General Check archive.org Show headers Download Go to Full URL https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/assets/fontawesome-webfont.woff2?v=4.7.0 Requested by Host: ic-cite.ulm.ac.id URL: https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/assets/font-awesome.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.195.91.180 , Indonesia, ASN58404 (QWORDS-AS-ID PT Qwords Company International, ID), Reverse DNS server.ulm.ac.id Software Apache / Resource Hash Request headers sec-fetch-mode cors origin https://ic-cite.ulm.ac.id accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 sec-fetch-dest font cookie PHPSESSID=cl9vcmk1tqcrphhm20h7m968f5 :path /neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/assets/fontawesome-webfont.woff2?v=4.7.0 pragma no-cache user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept / cache-control no-cache :authority ic-cite.ulm.ac.id referer https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/assets/font-awesome.min.css :scheme https sec-fetch-site same-origin :method GET Referer https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/assets/font-awesome.min.css Origin https://ic-cite.ulm.ac.id Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Thu, 16 Sep 2021 22:12:17 GMT content-encoding gzip server Apache vary Accept-Encoding content-type text/html; charset=UTF-8 cache-control no-cache, must-revalidate, max-age=0 link <https://ic-cite.ulm.ac.id/wp-json/>; rel="https://api.w.org/" expires Wed, 11 Jan 1984 05:00:00 GMT
GET		n1.png liluzi.cf/i/yts/	0 0

GET H2	200	fontawesome-webfont.woff ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/assets/	96 KB 96 KB	209ms 209ms	Font font/woff	103.195.91.180 QWORDS-AS-ID PT Q...
General Check archive.org Show headers Download Go to Full URL https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/assets/fontawesome-webfont.woff?v=4.7.0 Requested by Host: ic-cite.ulm.ac.id URL: https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/assets/font-awesome.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.195.91.180 , Indonesia, ASN58404 (QWORDS-AS-ID PT Qwords Company International, ID), Reverse DNS server.ulm.ac.id Software Apache / Resource Hash `ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07` Request headers sec-fetch-mode cors origin https://ic-cite.ulm.ac.id accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 sec-fetch-dest font cookie PHPSESSID=cl9vcmk1tqcrphhm20h7m968f5 :path /neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/assets/fontawesome-webfont.woff?v=4.7.0 pragma no-cache user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept / cache-control no-cache :authority ic-cite.ulm.ac.id referer https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/assets/font-awesome.min.css :scheme https sec-fetch-site same-origin :method GET Referer https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/assets/font-awesome.min.css Origin https://ic-cite.ulm.ac.id Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Thu, 16 Sep 2021 22:12:17 GMT content-encoding br last-modified Thu, 16 Sep 2021 22:12:14 GMT server Apache vary Accept-Encoding content-type font/woff accept-ranges bytes content-length 98029

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: liluzi.cf
URL: https://liluzi.cf/i/yts/n1.png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Netflix (Online)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster function| $ function| jQuery function| Tether object| jQuery112202703432906098384 object| classie

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			ic-cite.ulm.ac.id/	1969-12-31 23:59:59	Name: PHPSESSID Value: cl9vcmk1tqcrphhm20h7m968f5

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/AccBilling.php?country=-&lang=en Message: Mixed Content: The page at 'https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/AccBilling.php?country=-&lang=en' was loaded over HTTPS, but requested an insecure element 'http://liluzi.cf/i/yts/n1.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://liluzi.cf/i/yts/n1.png Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://ic-cite.ulm.ac.id/neflix64r45899484890-check/cd63a3eec3319fd9c84c942a08316e00/assets/fontawesome-webfont.woff2?v=4.7.0 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.nflxext.com
ic-cite.ulm.ac.id
liluzi.cf
liluzi.cf
103.195.91.180
45.57.91.1
28cb3cf3a0253d7f0aecf2f52159dfc6cb9bca679a5011ff19cb30b9c52cbcfa
4958e4d47607004834b13d3c29d91f8c15b2ab2c488a15d9745a039e970f0bf3
694668a605f294bff15137923aadc4576ef0fbc158f035e1bcedf521a6cf1fd8
7428226116458939688f6ddde1465ee479600dca4066272a28272d2501f35860
7d3ed5e7e4c4aafe8c1f5d004e7eee33b5887117d2125848352a2cda86dd7ed0
7ed65da4bcdc5f0f68d20f2b489f2f1e4df6d5b1235ece01afd24624126be504
80aa5497ff31b2c001474d9432f0853c11d200a67ea4f9852ab2f7ee2fedd9c2
80bd626eb6d57112072a508ee4e5ce3c2fe5673fe0a5d029810033b24aaa5e9f
813476b0d963b74f5992b3feae7710e3be15826156c10eff208194612a839199
8802adf5641c1056fcf4feeeabb83be1b1e3724d9b460cecc791dfdd6422bc3b
a47f9feda7682c5085fa780e2560144c5bc70caa592a8d1a345a852948efa94a
ab27b76ccf8e5e3438cdf1c8f60f5bd2909ab8036ebb2420fe7bcae6694ee677
aebf611c1438dc7ec748e9a6364c734066b34bf2a1c7e2fc6511ed784635b50e
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
ba892f7903e737d06c952be4ed3266746ed5e1090377fbc5d2ac975626c4533a
c4ea9310d72e37fe799d48ae3fc43dcb53e3db7c4ae13763d4c5b893f6ceb64b
cc5859d74f8cde62e1cdeeea341f85f9725d4f4398f58203aa1e5080faf1685a
fa421b6ebbd2fb474d3a3866409ce6c1efd120b47ff256fffb8f8f50d556d3d9
ff1e4ce80d4ae75efd878dc003aeb0ca3cc32a5f45e5c92b2c73a7538c05ce83