www.netflixaccess.xyz Open in urlscan Pro
148.66.138.117 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.netflixaccess.xyz/
Effective URL:
https://www.netflixaccess.xyz/
Submission Tags: phishing spamreports malicious Search All
Submission: On December 22 via api (December 22nd 2020, 7:25:50 pm UTC) from BG

Summary HTTP 23 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 4 countries across 7 domains to perform 23 HTTP transactions. The main IP is 148.66.138.117, located in Singapore and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is www.netflixaccess.xyz.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on December 22nd 2020. Valid for: 3 months.

This is the only time www.netflixaccess.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Netflix (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 5	148.66.138.117 148.66.138.117	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
2	2a02:6ea0:c70... 2a02:6ea0:c700::3	60068 (CDN77) (CDN77)
1	2606:4700::68... 2606:4700::6812:1634	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:81d::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3030::681b:8f33	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:86c0:209... 2a00:86c0:2090::1	40027 (NETFLIX-ASN) (NETFLIX-ASN)
7	2606:4700:e6:... 2606:4700:e6::ac40:cb1c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81e::2003	15169 (GOOGLE) (GOOGLE)
23	8

5 148.66.138.117 (Singapore) 1 redirects

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)

www.netflixaccess.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6ea0:c700::3 (Germany)

ASN60068 (CDN77, GB)

maxst.icons8.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1634 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::681b:8f33 (United States)

ASN13335 (CLOUDFLARENET, US)

www.searchpng.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:86c0:2090::1 (United Kingdom)

ASN40027 (NETFLIX-ASN, US)

assets.nflxext.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:e6::ac40:cb1c (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	fontawesome.com kit.fontawesome.com ka-f.fontawesome.com	101 KB
5	netflixaccess.xyz 1 redirects www.netflixaccess.xyz	19 KB
4	nflxext.com assets.nflxext.com	526 KB
3	googleapis.com fonts.googleapis.com	2 KB
2	icons8.com maxst.icons8.com	110 KB
1	gstatic.com fonts.gstatic.com	11 KB
1	searchpng.com www.searchpng.com	5 KB
23	7

	Domain	Requested by
7	ka-f.fontawesome.com	kit.fontawesome.com www.netflixaccess.xyz
5	www.netflixaccess.xyz	1 redirects www.netflixaccess.xyz
4	assets.nflxext.com	www.netflixaccess.xyz
3	fonts.googleapis.com	www.netflixaccess.xyz
2	maxst.icons8.com	www.netflixaccess.xyz maxst.icons8.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.searchpng.com	www.netflixaccess.xyz
1	kit.fontawesome.com	www.netflixaccess.xyz
23	8

This site contains no links.

Subject Issuer	Validity	Valid
netflixaccess.xyz ZeroSSL RSA Domain Secure Site CA	`2020-12-22` - `2021-03-22`	3 months	crt.sh
*.icons8.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-13` - `2022-05-13`	2 years	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-09-24` - `2021-09-24`	a year	crt.sh
*.1.nflxso.net DigiCert SHA2 Secure Server CA	`2020-12-16` - `2021-01-17`	a month	crt.sh
*.gstatic.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.netflixaccess.xyz/
Frame ID: 02E02E00D8677A0641304123378BE5E9
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.netflixaccess.xyz/ HTTP 302
https://www.netflixaccess.xyz/ Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

23
Requests

100 %
HTTPS

88 %
IPv6

7
Domains

8
Subdomains

8
IPs

4
Countries

774 kB
Transfer

932 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.netflixaccess.xyz/ HTTP 302
https://www.netflixaccess.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.netflixaccess.xyz/
Redirect Chain

http://www.netflixaccess.xyz/
https://www.netflixaccess.xyz/

14 KB
3 KB

1061ms
198ms

Document
text/html

148.66.138.117
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.netflixaccess.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.66.138.117 , Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: Apache /
Resource Hash: e6bc3fecc8d997c9d95ad78a5148b599969d2780885d7699dfb025f8199e3634

Request headers

:method: GET
:authority: www.netflixaccess.xyz
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Dec 2020 19:25:33 GMT
server: Apache
last-modified: Tue, 22 Dec 2020 19:25:33 GMT
etag: W/"902000a-372d-5b71c0c20d980-gzip"
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3194
content-type: text/html

Redirect headers

Date: Tue, 22 Dec 2020 19:25:32 GMT
Server: Apache
Location: https://www.netflixaccess.xyz/
Content-Length: 214
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H2 404 style.css
www.netflixaccess.xyz/ 0
0 190ms
188ms Stylesheet
text/html 148.66.138.117
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.netflixaccess.xyz/style.css
Requested by: Host: www.netflixaccess.xyz
URL: https://www.netflixaccess.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.66.138.117 , Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: https://www.netflixaccess.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Dec 2020 19:25:33 GMT
server: Apache
content-length: 315
content-type: text/html; charset=iso-8859-1

GET
H2 404 mediaquery.css
www.netflixaccess.xyz/ 0
0 190ms
189ms Stylesheet
text/html 148.66.138.117
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.netflixaccess.xyz/mediaquery.css
Requested by: Host: www.netflixaccess.xyz
URL: https://www.netflixaccess.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.66.138.117 , Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: https://www.netflixaccess.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Dec 2020 19:25:33 GMT
server: Apache
content-length: 315
content-type: text/html; charset=iso-8859-1

GET
H2 200 line-awesome.min.css
maxst.icons8.com/vue-static/landings/line-awesome/line-awesome/1.3.0/css/ 88 KB
15 KB 126ms
32ms Stylesheet
text/css 2a02:6ea0:c700::3
CDN77

General

Check archive.org

Show headers Download Go to

Full URL: https://maxst.icons8.com/vue-static/landings/line-awesome/line-awesome/1.3.0/css/line-awesome.min.css
Requested by: Host: www.netflixaccess.xyz
URL: https://www.netflixaccess.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::3 , Germany, ASN60068 (CDN77, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: ce61a18cf084f15003798340044643f329ac5f90045acb2d9e778368bd799854

Request headers

Referer: https://www.netflixaccess.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Dec 2020 19:25:33 GMT
content-encoding: br
vary: Accept-Encoding
x-77-nzt-ray: 3fzppeVMW+A=
x-edge-pop: frankfurtDE
x-cache: HIT
x-age: 2015689
x-77-nzt: AcO1rzJcQkLvycEeAA==
last-modified: Wed, 25 Nov 2020 07:41:34 GMT
server: CDN77-Turbo
etag: W/"15e81-175fe59b7b0"
access-control-max-age: 1728000
access-control-allow-methods: GET, OPTIONS
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000
x-edge-ip: 195.181.175.50
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Tue, 29 Dec 2020 11:30:44 GMT

GET
H2 200 bc3a1796c2.js Show response
kit.fontawesome.com/ 10 KB
4 KB 73ms
43ms Script
text/javascript 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/bc3a1796c2.js

Requested by

Host: www.netflixaccess.xyz
URL: https://www.netflixaccess.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2838b9288aadcf67249648110defafc78d4a9799eb83cacd9d7792e8d3be6374

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Origin: https://www.netflixaccess.xyz
Referer: https://www.netflixaccess.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Dec 2020 19:25:33 GMT
content-encoding: gzip
vary: origin, accept-encoding
cf-cache-status: MISS
strict-transport-security: max-age=31536000; preload
cf-request-id: 072d8308db0000c29534991000000001
x-request-id: FlMgamlRcHHnTRsFKhri
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=60, private, must-revalidate
cf-ray: 605c3abafd33c295-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token

GET
H2 200 css
fonts.googleapis.com/ 2 KB
657 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=IBM+Plex+Sans&display=swap

Requested by

Host: www.netflixaccess.xyz
URL: https://www.netflixaccess.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1d16b66547b311d91229d2d1e0411d798cb89b2d8d581159272542e3c27f93af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 22 Dec 2020 19:16:48 GMT
server: ESF
date: Tue, 22 Dec 2020 19:25:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 22 Dec 2020 19:25:33 GMT

GET
H2 200 Netflix-Logo-PNG-image-200x200.png
www.searchpng.com/wp-content/uploads/2019/02/ 5 KB
5 KB 38ms
12ms Image
image/png 2606:4700:3030::681b:8f33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.searchpng.com/wp-content/uploads/2019/02/Netflix-Logo-PNG-image-200x200.png
Requested by: Host: www.netflixaccess.xyz
URL: https://www.netflixaccess.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::681b:8f33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb790dfa3ca69f7b33d3a2cc2ce484010c0fa14dc95e927c1bd225c8335da347

Request headers

Referer: https://www.netflixaccess.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Dec 2020 19:25:33 GMT
cf-cache-status: HIT
last-modified: Sat, 23 Feb 2019 15:52:06 GMT
server: cloudflare
age: 3855
etag: "1271-58291b076d580"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UotNyzGLuzfaHVc52CA%2FgfLcIZ8Dtp1%2Bur%2BkBAxJG4ZEdU%2FyXKZroktXi6W1fralai6AyAoRpPiGAc37EzRJEKJoLwFtnP0d3wILDlMLPAd1sXImv885%2BoryeZMPXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
nel: {"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 605c3abc1e01325c-FRA
content-length: 4721
cf-request-id: 072d8309940000325cd3abe000000001

GET
H/1.1 200
OK tv.png
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ 11 KB
11 KB 24ms
5ms Image
image/png 2a00:86c0:2090::1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/tv.png
Requested by: Host: www.netflixaccess.xyz
URL: https://www.netflixaccess.xyz/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:86c0:2090::1 , United Kingdom, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: b68ea2c7bea397aa11fadb189ce7d83862baebaf03ece643eb5aa9fb5f755056

Request headers

Referer: https://www.netflixaccess.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Dec 2020 19:25:33 GMT
Last-Modified: Wed, 14 Nov 2018 18:20:41 GMT
Server: nginx
Content-MD5: d5lKZzJ7qVff2IDjOpHwQQ==
Content-Type: image/png
Cache-Control: public, max-age=1700
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11418
Expires: Thu, 03 Sep 2020 01:50:13 GMT

GET
H/1.1 200
OK mobile.png
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ 54 KB
54 KB 27ms
13ms Image
image/png 2a00:86c0:2090::1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/mobile.png
Requested by: Host: www.netflixaccess.xyz
URL: https://www.netflixaccess.xyz/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:86c0:2090::1 , United Kingdom, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 24a2e51bf939ff378c486b2d65ad70f0dd67651de2a665bbcb05d70d896f714b

Request headers

Referer: https://www.netflixaccess.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Dec 2020 19:25:33 GMT
Last-Modified: Wed, 14 Nov 2018 18:20:41 GMT
Server: nginx
Content-MD5: D/pOz1bs36sdCL8yFEB/IQ==
Content-Type: image/png
Cache-Control: public, max-age=4505
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 55121
Expires: Tue, 22 Dec 2020 19:24:04 GMT

GET
H/1.1 200
OK device-pile.png
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ 134 KB
134 KB 21ms
5ms Image
image/png 2a00:86c0:2090::1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/device-pile.png
Requested by: Host: www.netflixaccess.xyz
URL: https://www.netflixaccess.xyz/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:86c0:2090::1 , United Kingdom, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 81cf64888a7b3f6848b09695b034026d9ad685665b91d54597ecbb6197c6acbb

Request headers

Referer: https://www.netflixaccess.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Dec 2020 19:25:33 GMT
Last-Modified: Wed, 23 Jan 2019 00:35:07 GMT
Server: nginx
Content-MD5: Cz2CFJPVdI2CnIUrvW0pLQ==
Content-Type: image/png
Cache-Control: public, max-age=13984
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 137040
Expires: Mon, 24 Aug 2020 16:35:01 GMT

GET
H2 200 4.PNG
www.netflixaccess.xyz/img/ 15 KB
15 KB 188ms
187ms Image
image/png 148.66.138.117
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.netflixaccess.xyz/img/4.PNG
Requested by: Host: www.netflixaccess.xyz
URL: https://www.netflixaccess.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.66.138.117 , Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: Apache /
Resource Hash: 61b46762a8da99533953f9adcfceeef6324ed24e292ab4494733514ff6d8fc7d

Request headers

Referer: https://www.netflixaccess.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Dec 2020 19:25:33 GMT
last-modified: Tue, 22 Dec 2020 19:25:33 GMT
server: Apache
accept-ranges: bytes
etag: W/"9020087-3d03-5b71bdf2fb900"
content-length: 15619
content-type: image/png

OPTIONS
H2 200 free.min.css
ka-f.fontawesome.com/releases/v5.15.1/css/ 0
0 41ms
22ms Other 2606:4700:e6::ac40:cb1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.1/css/free.min.css
Protocol: H2
Server: 2606:4700:e6::ac40:cb1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: fa-kit-token
Origin: https://www.netflixaccess.xyz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 22 Dec 2020 19:25:33 GMT
content-length: 0
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: fa-kit-token
access-control-max-age: 3000
x-cache: Hit from cloudfront
via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: M8g1Fo_hEYkI-sRD1S18UYyYbG-CONpZd4swfDebSVkSY1DUGhekMA==
age: 46100
cf-cache-status: DYNAMIC
cf-request-id: 072d8309900000dfbb61957000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qJKP4NX58lmy0ZK2PHjQsUs5GFjQiDvxp10PyNzrDw%2BKC7Q%2FDue8V8rPfS%2FabkkVuFgy6mPupfSEGwi9SEx%2BvbqOcg0ptLqu4n0qX9Fbor0qddHfapziXFJj%2BayGTOJwGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 605c3abc1d81dfbb-FRA

OPTIONS
H2 200 free-v4-shims.min.css
ka-f.fontawesome.com/releases/v5.15.1/css/ 0
0 42ms
23ms Other 2606:4700:e6::ac40:cb1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.1/css/free-v4-shims.min.css
Protocol: H2
Server: 2606:4700:e6::ac40:cb1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: fa-kit-token
Origin: https://www.netflixaccess.xyz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 22 Dec 2020 19:25:33 GMT
content-length: 0
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: fa-kit-token
access-control-max-age: 3000
x-cache: Hit from cloudfront
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: suudszw7vn5kcJAJhw978by7wsuSvFKo1GJfFIBf56jqmknlUEWRKw==
age: 57455
cf-cache-status: DYNAMIC
cf-request-id: 072d8309910000dfbb5aacc000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EIL2jAmLLezO57vfPcOHO74AHHih%2FVfw36XvJ09sZIPXKsbLZ3SnWvLC%2BAV59wCIPqPTURDUgDri3mf7d01HT%2FZv80yZ%2FcjEFH1nngFE1sMXX3ZKorjcNpILrcHmWiGRjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 605c3abc1d85dfbb-FRA

OPTIONS
H2 200 free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v5.15.1/css/ 0
0 34ms
16ms Other 2606:4700:e6::ac40:cb1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.1/css/free-v4-font-face.min.css
Protocol: H2
Server: 2606:4700:e6::ac40:cb1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: fa-kit-token
Origin: https://www.netflixaccess.xyz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 22 Dec 2020 19:25:33 GMT
content-length: 0
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: fa-kit-token
access-control-max-age: 3000
x-cache: Hit from cloudfront
via: 1.1 d8328954e51c0912a8419c1a67cea1dc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: Qk6dYbaOthJkP_rj-Dm3Y0VWun-4e9ecXepnadMWu7PhtoG4t1rOjg==
age: 64821
cf-cache-status: DYNAMIC
cf-request-id: 072d8309910000dfbb98b99000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pBQ%2FEFCI%2B2simUOIjR8Y2v2LYwDF8FCwkzx3fX%2Fx%2BXfDJeFb%2FHIPgLKu3CO2pmlSD68ImDBdRvm%2FgWJXUCs089zt4l%2Bk%2Fda7zMujIUzM52sfKVgRxPsK2FpURMNeQgKObw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 605c3abc1d88dfbb-FRA

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.1/css/ 59 KB
13 KB 19ms
19ms Fetch
text/css 2606:4700:e6::ac40:cb1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.1/css/free.min.css
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/bc3a1796c2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cb1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f02bd6f018d6f08c37c39f2d114101beac342c2c065046635e5ed0c42853590

Request headers

Referer: https://www.netflixaccess.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
fa-kit-token: bc3a1796c2

Response headers

date: Tue, 22 Dec 2020 19:25:33 GMT
via: 1.1 f2fa38e6635ded6d22a69d089217bc90.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3856
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
cf-request-id: 072d8309a70000dfbb7d1be000000001
last-modified: Wed, 14 Oct 2020 21:18:07 GMT
server: cloudflare
etag: W/"319d424ba89a84bbd230a3b5f7024193"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=g7YtMdkVQtX2X9mQJTjtJtKf%2FlQQJ6Sx5w%2Fss7siheDroyG4WgqUnyK%2Bwk7sH8jisKNr55wkXffWs2gOqPfH8Fd%2FR70Ygyik%2BUkwR0uaHYtypgqbKfbG1Ft7RwTZ2MLPLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: FRA56-C1
cf-ray: 605c3abc3db9dfbb-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: Jm9p8iIR-tUwtaT3fFPLWB1NoI1BN7NmKb7hSAVKn_Y_ENO0-In5DQ==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.1/css/ 26 KB
4 KB 17ms
17ms Fetch
text/css 2606:4700:e6::ac40:cb1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.1/css/free-v4-shims.min.css
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/bc3a1796c2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cb1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfff9ea502195a7b96fe38deca9188a59b758deeecc2cd4e78aea7d911e638c6

Request headers

Referer: https://www.netflixaccess.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
fa-kit-token: bc3a1796c2

Response headers

date: Tue, 22 Dec 2020 19:25:33 GMT
via: 1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3856
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
cf-request-id: 072d8309a90000dfbb23830000000001
last-modified: Wed, 14 Oct 2020 21:18:07 GMT
server: cloudflare
etag: W/"2e4c3da4eae1c876a281d6ca5a7a5b4c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vwDeGQb0%2BAI5ooU%2BNqyVK5fkhnnJStKJbZCWYK1mBWOrWF2M61p3TzC1WWwFbqTKvro4K3sTHSWFKMintzz3eGsEab8xpRDYIAzQc1NWJktG5haXvhPsp4jFwyA73viPYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: FRA2-C1
cf-ray: 605c3abc4dc1dfbb-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: Fqvz5D599mm0qnn1caoPlygX4eb_CX9z0JF3IjCYtAwl8yfa8DexPg==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.1/css/ 3 KB
1 KB 13ms
13ms Fetch
text/css 2606:4700:e6::ac40:cb1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.1/css/free-v4-font-face.min.css
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/bc3a1796c2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cb1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b581327920e94c6db70647af17178ddca6ecf0c6c0a4e7ccf1b676c5a8a9163b

Request headers

Referer: https://www.netflixaccess.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
fa-kit-token: bc3a1796c2

Response headers

date: Tue, 22 Dec 2020 19:25:33 GMT
via: 1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3856
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
cf-request-id: 072d8309a10000dfbb61958000000001
last-modified: Wed, 14 Oct 2020 21:18:07 GMT
server: cloudflare
etag: W/"a59d3f1e8fae455f68a6cafb35ac4838"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JYpnC9AFQMixz7FQwJEcFINyfucJP6Wiw8owomvJ%2FRitVVM%2Bdea27SWr%2Fg5uDaIrlQQC9zh0gajFX5ETPKxzEcOr9WkMV%2FpCk7QsivtppnzHXzTxH81y1qtksdBIP3DvcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: FRA56-C1
cf-ray: 605c3abc3daddfbb-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: sMZVk6I3bu2LY0YbMmDZMzfX6DI4U4ObT7LO00tmz2JI825jPgveQw==

GET
H3-Q050 200 css
fonts.googleapis.com/ 1 KB
521 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Martel+Sans&display=swap

Requested by

Host: www.netflixaccess.xyz
URL: https://www.netflixaccess.xyz/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4f232b48d30cb2c25991da7d9e7aaee63ad1d885e8e50dd653cd344220833330

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.netflixaccess.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 22 Dec 2020 19:25:33 GMT
server: ESF
date: Tue, 22 Dec 2020 19:25:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 22 Dec 2020 19:25:33 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ 2 KB
576 B 17ms
15ms Stylesheet
text/css 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto&display=swap

Requested by

Host: www.netflixaccess.xyz
URL: https://www.netflixaccess.xyz/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a430a3f10ce490ee3be6f3159a368b22de00eb7089b4f7980e7de5bf943ad1d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.netflixaccess.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 22 Dec 2020 19:18:29 GMT
server: ESF
date: Tue, 22 Dec 2020 19:25:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 22 Dec 2020 19:25:33 GMT

GET
H/1.1 200
OK RS-en-20191230-popsignuptwoweeks-perspective_alpha_website_large.jpg
assets.nflxext.com/ffe/siteui/vlv3/a1dc92ca-091d-4ca9-a05b-8cd44bbfce6a/f9368347-e982-4856-a5a4-396796381f28/ 326 KB
326 KB 161ms
147ms Image
image/jpeg 2a00:86c0:2090::1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nflxext.com/ffe/siteui/vlv3/a1dc92ca-091d-4ca9-a05b-8cd44bbfce6a/f9368347-e982-4856-a5a4-396796381f28/RS-en-20191230-popsignuptwoweeks-perspective_alpha_website_large.jpg
Requested by: Host: www.netflixaccess.xyz
URL: https://www.netflixaccess.xyz/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:86c0:2090::1 , United Kingdom, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: caa7e6ee76a0b513ee74be2a611a5a6492a8d089e872e0b01b65104e5ed91255

Request headers

Referer: https://www.netflixaccess.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Dec 2020 19:25:33 GMT
Last-Modified: Wed, 01 Jan 2020 19:12:13 GMT
Server: nginx
Content-MD5: 1ifhwMyAMacJBVbqKjmstA==
Content-Type: image/jpeg
Cache-Control: public, max-age=9260
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 333416
Expires: Tue, 22 Dec 2020 21:59:53 GMT

GET
H2 200 la-solid-900.woff2
maxst.icons8.com/vue-static/landings/line-awesome/line-awesome/1.3.0/fonts/ 94 KB
95 KB 98ms
31ms Font
font/woff2 2a02:6ea0:c700::3
CDN77

General

Check archive.org

Show headers Download Go to

Full URL: https://maxst.icons8.com/vue-static/landings/line-awesome/line-awesome/1.3.0/fonts/la-solid-900.woff2
Requested by: Host: maxst.icons8.com
URL: https://maxst.icons8.com/vue-static/landings/line-awesome/line-awesome/1.3.0/css/line-awesome.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::3 , Germany, ASN60068 (CDN77, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 10a68e01209d939afa9318ee71601b0a6e10f025d4cd6d98a492d340b73941fb

Request headers

Origin: https://www.netflixaccess.xyz
Referer: https://maxst.icons8.com/vue-static/landings/line-awesome/line-awesome/1.3.0/css/line-awesome.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Dec 2020 19:25:33 GMT
x-77-nzt-ray: KoFqpL/cZL8=
x-edge-pop: frankfurtDE
x-cache: HIT
x-age: 2015687
content-length: 96752
x-77-nzt: AcO1rzKLjqvvx8EeAA==
last-modified: Wed, 25 Nov 2020 07:41:34 GMT
server: CDN77-Turbo
etag: W/"179f0-175fe59b7b0"
access-control-max-age: 1728000
access-control-allow-methods: GET, OPTIONS
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2592000
x-edge-ip: 195.181.175.50
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Tue, 29 Dec 2020 11:30:46 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.netflixaccess.xyz
Referer: https://fonts.googleapis.com/css?family=Roboto&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Dec 2020 17:20:25 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 7508
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Wed, 22 Dec 2021 17:20:25 GMT

GET
H2 200 free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v5.15.1/webfonts/ 78 KB
79 KB 24ms
24ms Font
font/woff2 2606:4700:e6::ac40:cb1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.1/webfonts/free-fa-solid-900.woff2
Requested by: Host: www.netflixaccess.xyz
URL: https://www.netflixaccess.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cb1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01a8d61bd9bb710ec94faf399b0fd995ccbac02771968c87d00df45321595a2d

Request headers

Origin: https://www.netflixaccess.xyz
Referer: https://www.netflixaccess.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Dec 2020 19:25:33 GMT
via: 1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3856
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-methods: GET
content-length: 80284
cf-request-id: 072d8309ec0000dfbbb13da000000001
last-modified: Wed, 14 Oct 2020 21:22:07 GMT
server: cloudflare
etag: "5bc7518675e40f7be7ce3704db73b1c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Utw5Seq%2BpGOvbI0E35U0vwtgMuOUal2UfwaWuhjUeNw%2F72pKf4HDUwcjrbF4z2IacJc6CMeh9pNakxsefeVCxopyJ7HpiLb0Zzvc0aCK12BIAZUOHAdP6l5AYQNyycq%2Bvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
cf-ray: 605c3abcae70dfbb-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: jX5hW6mZ4myfj6U0LgAr2RmzlHmx2BT0jNiQ_VAN0aXNeFTmMpxQag==

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Netflix (Online)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.nflxext.com
fonts.googleapis.com
fonts.gstatic.com
ka-f.fontawesome.com
kit.fontawesome.com
maxst.icons8.com
www.netflixaccess.xyz
www.searchpng.com
148.66.138.117
2606:4700:3030::681b:8f33
2606:4700::6812:1634
2606:4700:e6::ac40:cb1c
2a00:1450:4001:81d::200a
2a00:1450:4001:81e::2003
2a00:86c0:2090::1
2a02:6ea0:c700::3
01a8d61bd9bb710ec94faf399b0fd995ccbac02771968c87d00df45321595a2d
10a68e01209d939afa9318ee71601b0a6e10f025d4cd6d98a492d340b73941fb
1d16b66547b311d91229d2d1e0411d798cb89b2d8d581159272542e3c27f93af
24a2e51bf939ff378c486b2d65ad70f0dd67651de2a665bbcb05d70d896f714b
2838b9288aadcf67249648110defafc78d4a9799eb83cacd9d7792e8d3be6374
4f02bd6f018d6f08c37c39f2d114101beac342c2c065046635e5ed0c42853590
4f232b48d30cb2c25991da7d9e7aaee63ad1d885e8e50dd653cd344220833330
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
61b46762a8da99533953f9adcfceeef6324ed24e292ab4494733514ff6d8fc7d
81cf64888a7b3f6848b09695b034026d9ad685665b91d54597ecbb6197c6acbb
a430a3f10ce490ee3be6f3159a368b22de00eb7089b4f7980e7de5bf943ad1d4
b581327920e94c6db70647af17178ddca6ecf0c6c0a4e7ccf1b676c5a8a9163b
b68ea2c7bea397aa11fadb189ce7d83862baebaf03ece643eb5aa9fb5f755056
caa7e6ee76a0b513ee74be2a611a5a6492a8d089e872e0b01b65104e5ed91255
cb790dfa3ca69f7b33d3a2cc2ce484010c0fa14dc95e927c1bd225c8335da347
ce61a18cf084f15003798340044643f329ac5f90045acb2d9e778368bd799854
cfff9ea502195a7b96fe38deca9188a59b758deeecc2cd4e78aea7d911e638c6
e6bc3fecc8d997c9d95ad78a5148b599969d2780885d7699dfb025f8199e3634

www.netflixaccess.xyz Open in urlscan Pro 148.66.138.117 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

23 Requests

100 %HTTPS

88 %IPv6

7 Domains

8 Subdomains

8 IPs

4 Countries

774 kBTransfer

932 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

10 JavaScript Global Variables

0 Cookies

Indicators

www.netflixaccess.xyz Open in urlscan Pro
148.66.138.117 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

100 %
HTTPS

88 %
IPv6

7
Domains

8
Subdomains

8
IPs

4
Countries

774 kB
Transfer

932 kB
Size

0
Cookies

23 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!