www.netflix.volkanoo.club Open in urlscan Pro
199.188.201.148 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.netflix.volkanoo.club/
Submission: On November 17 via automatic, source certstream-suspicious (November 17th 2020, 6:20:54 pm UTC)

Summary HTTP 22 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 8 domains to perform 22 HTTP transactions. The main IP is 199.188.201.148, located in Los Angeles, United States and belongs to NAMECHEAP-NET, US. The main domain is www.netflix.volkanoo.club.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 17th 2020. Valid for: a year.

This is the only time www.netflix.volkanoo.club was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
9	199.188.201.148 199.188.201.148	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1	2a00:1450:400... 2a00:1450:4001:81e::200a	15169 (GOOGLE) (GOOGLE)
2 4	2606:4700:303... 2606:4700:3033::ac43:d079	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:212... 2600:9000:2127:9200:3:b5aa:ad80:21	16509 (AMAZON-02) (AMAZON-02)
1 1	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81f::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:3b	20446 (HIGHWINDS3) (HIGHWINDS3)
5	2600:9000:214... 2600:9000:214f:5a00:1a:60a5:c0c0:21	16509 (AMAZON-02) (AMAZON-02)
22	8

9 199.188.201.148 (Los Angeles, United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: server291-5.web-hosting.com

www.netflix.volkanoo.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3033::ac43:d079 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

geoip.nekudo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:9200:3:b5aa:ad80:21 (United States)

ASN16509 (AMAZON-02, US)

d13nu0oomnx5ti.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

drive.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

doc-0o-98-docs.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:214f:5a00:1a:60a5:c0c0:21 (United States)

ASN16509 (AMAZON-02, US)

d1xkyo9j4r7vnn.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	volkanoo.club www.netflix.volkanoo.club	111 KB
6	cloudfront.net d13nu0oomnx5ti.cloudfront.net d1xkyo9j4r7vnn.cloudfront.net	49 KB
4	nekudo.com 2 redirects geoip.nekudo.com	763 B
2	gstatic.com fonts.gstatic.com	18 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	76 KB
1	googleusercontent.com doc-0o-98-docs.googleusercontent.com	74 KB
1	google.com 1 redirects drive.google.com	958 B
1	googleapis.com fonts.googleapis.com	468 B
22	8

	Domain	Requested by
9	www.netflix.volkanoo.club	www.netflix.volkanoo.club
5	d1xkyo9j4r7vnn.cloudfront.net	d13nu0oomnx5ti.cloudfront.net
4	geoip.nekudo.com	2 redirects www.netflix.volkanoo.club
2	fonts.gstatic.com	fonts.googleapis.com
1	maxcdn.bootstrapcdn.com	www.netflix.volkanoo.club
1	doc-0o-98-docs.googleusercontent.com	www.netflix.volkanoo.club
1	drive.google.com	1 redirects
1	d13nu0oomnx5ti.cloudfront.net	www.netflix.volkanoo.club
1	fonts.googleapis.com	www.netflix.volkanoo.club
22	9

This site contains links to these domains. Also see Links.

Domain
free-netflix.site

Subject Issuer	Validity	Valid
netflix.volkanoo.club Sectigo RSA Domain Validation Secure Server CA	`2020-11-17` - `2021-11-17`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-01` - `2021-08-01`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
*.googleusercontent.com GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-22` - `2021-10-12`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.netflix.volkanoo.club/
Frame ID: C18816220C0E1FA1B57A1A915EDA91D1
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

22
Requests

100 %
HTTPS

89 %
IPv6

8
Domains

9
Subdomains

8
IPs

3
Countries

328 kB
Transfer

621 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://free-netflix.site/
Title:

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://geoip.nekudo.com/api?callback=geo HTTP 301
https://geoip.nekudo.com/shutdown

Request Chain 10

https://geoip.nekudo.com/api?callback=geo HTTP 301
https://geoip.nekudo.com/shutdown

Request Chain 11

https://drive.google.com/uc?id=1AQrLEzYbJ5huhca08l0kigKh2XzQiMQQ HTTP 302
https://doc-0o-98-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/fnqi541q2pumco445pqomq34csi4lngb/1605637200000/14167946795487961995/*/1AQrLEzYbJ5huhca08l0kigKh2XzQiMQQ

22 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.netflix.volkanoo.club/ 6 KB
2 KB 517ms
173ms Document
text/html 199.188.201.148
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.netflix.volkanoo.club/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.188.201.148 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server291-5.web-hosting.com
Software: Apache /
Resource Hash: 2eeb7cafad9561a494830b9eed8586027817c5ae3cacdae21b42ae293afd426b

Request headers

:method: GET
:authority: www.netflix.volkanoo.club
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 17 Nov 2020 18:20:36 GMT
server: Apache
last-modified: Tue, 17 Nov 2020 18:20:36 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2389
content-type: text/html

GET
H2 200 _bower.css
www.netflix.volkanoo.club/css/ 114 KB
19 KB 339ms
336ms Stylesheet
text/css 199.188.201.148
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.netflix.volkanoo.club/css/_bower.css
Requested by: Host: www.netflix.volkanoo.club
URL: https://www.netflix.volkanoo.club/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.188.201.148 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server291-5.web-hosting.com
Software: Apache /
Resource Hash: 06afaf9777dfd02addafdee0800c9cd992e5d1f20b9da2234935b42ccbc2ed07

Request headers

Referer: https://www.netflix.volkanoo.club/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:20:36 GMT
content-encoding: gzip
last-modified: Wed, 12 Feb 2020 09:23:00 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 19713

GET
H2 200 font-awesome.min.css
www.netflix.volkanoo.club/css/maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 31 KB
7 KB 342ms
339ms Stylesheet
text/css 199.188.201.148
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.netflix.volkanoo.club/css/maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by: Host: www.netflix.volkanoo.club
URL: https://www.netflix.volkanoo.club/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.188.201.148 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server291-5.web-hosting.com
Software: Apache /
Resource Hash: 0153350ce5ace94708d5b44dc2361ae8b0c6e8abe391723cef8f62985b2db419

Request headers

Referer: https://www.netflix.volkanoo.club/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:20:36 GMT
content-encoding: gzip
last-modified: Thu, 28 Nov 2019 11:32:54 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 7080

GET
H2 200 style.css
www.netflix.volkanoo.club/css/ 10 KB
3 KB 189ms
186ms Stylesheet
text/css 199.188.201.148
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.netflix.volkanoo.club/css/style.css
Requested by: Host: www.netflix.volkanoo.club
URL: https://www.netflix.volkanoo.club/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.188.201.148 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server291-5.web-hosting.com
Software: Apache /
Resource Hash: 189083154f91ef6cffba4abe2bd4c741c59eb3cb59ec28831afb6c2e1dacd105

Request headers

Referer: https://www.netflix.volkanoo.club/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:20:36 GMT
content-encoding: gzip
last-modified: Mon, 22 Jun 2020 00:48:08 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 2525

GET
H2 200 css2
fonts.googleapis.com/ 721 B
468 B 18ms
16ms Stylesheet
text/css 2a00:1450:4001:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Tajawal:wght@700&display=swap

Requested by

Host: www.netflix.volkanoo.club
URL: https://www.netflix.volkanoo.club/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

91a314f0a24da224575549925e82f9a4055357d5d7c2d1159b0e6af99a534384

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.netflix.volkanoo.club/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 17 Nov 2020 18:20:36 GMT
server: ESF
date: Tue, 17 Nov 2020 18:20:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 17 Nov 2020 18:20:36 GMT

GET
H2

404

shutdown
geoip.nekudo.com/
Redirect Chain

https://geoip.nekudo.com/api?callback=geo
https://geoip.nekudo.com/shutdown

0
0

13ms
13ms

Script
application/json

2606:4700:3033::ac43:d079
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geoip.nekudo.com/shutdown
Requested by: Host: www.netflix.volkanoo.club
URL: https://www.netflix.volkanoo.club/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:d079 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.netflix.volkanoo.club/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Tue, 17 Nov 2020 18:20:36 GMT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
status: 301
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0ATSjc6P940Apl6O%2FcqLhFQGofeICGo9LuPH884wFJX%2Bqxi2HqaIbg1AMN3bh32N4vS02HJFYevZcSmaAPs4GltcdpgAo%2F9kff98ywoxnicuNaZ6FOMtYwv9KFOO"}],"group":"cf-nel","max_age":604800}
location: https://geoip.nekudo.com/shutdown
cache-control: max-age=3600
cf-ray: 5f3b77782e372c4a-FRA
cf-request-id: 067908ff1400002c4af3393000000001
expires: Tue, 17 Nov 2020 19:20:36 GMT

GET
H2 200 top-logo.html
www.netflix.volkanoo.club/img/ 315 B
315 B 445ms
444ms Image
text/html 199.188.201.148
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.netflix.volkanoo.club/img/top-logo.html
Requested by: Host: www.netflix.volkanoo.club
URL: https://www.netflix.volkanoo.club/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.188.201.148 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server291-5.web-hosting.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.netflix.volkanoo.club/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:20:36 GMT
content-encoding: gzip
last-modified: Tue, 17 Nov 2020 18:20:36 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
status: 200
accept-ranges: bytes
content-length: 238

GET
H2 200 210fd2a.js Show response
d13nu0oomnx5ti.cloudfront.net/ 23 KB
23 KB 382ms
350ms Script
application/javascript 2600:9000:2127:9200:3:b5aa:ad80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d13nu0oomnx5ti.cloudfront.net/210fd2a.js
Requested by: Host: www.netflix.volkanoo.club
URL: https://www.netflix.volkanoo.club/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:9200:3:b5aa:ad80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ae1df32f028cc1ab83471711b69773c079ad4fe2bb80cc510e5a1c7d15de5831

Request headers

Referer: https://www.netflix.volkanoo.club/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 09:01:58 GMT
via: 1.1 a198ea04052d45eb515f27260bc6c05d.cloudfront.net (CloudFront)
last-modified: Sun, 25 Oct 2020 08:49:21 GMT
server: AmazonS3
age: 88759
etag: "4a024ce4e4ffe91521f5d82d02dd2588"
x-cache: Error from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: PRG50-C1
content-length: 23439
x-amz-cf-id: CHtLVQwnehsoLQJbXR6iteDi6tyq_zMhmi9CnSE1GxDY7hBOXgvogw==

GET
H2 200 _bower.js Show response
www.netflix.volkanoo.club/js/ 128 KB
41 KB 185ms
185ms Script
application/javascript 199.188.201.148
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.netflix.volkanoo.club/js/_bower.js
Requested by: Host: www.netflix.volkanoo.club
URL: https://www.netflix.volkanoo.club/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.188.201.148 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server291-5.web-hosting.com
Software: Apache /
Resource Hash: a592900a843de403fe737d53c67a186eef5b025677f64a389d16c1c6dd5068f6

Request headers

Referer: https://www.netflix.volkanoo.club/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:20:36 GMT
content-encoding: gzip
last-modified: Thu, 28 Nov 2019 11:33:04 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 41988

GET
H2 200 chance.min.js Show response
www.netflix.volkanoo.club/css/cdnjs.cloudflare.com/ajax/libs/chance/1.0.4/ 117 KB
37 KB 445ms
445ms Script
application/javascript 199.188.201.148
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.netflix.volkanoo.club/css/cdnjs.cloudflare.com/ajax/libs/chance/1.0.4/chance.min.js
Requested by: Host: www.netflix.volkanoo.club
URL: https://www.netflix.volkanoo.club/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.188.201.148 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server291-5.web-hosting.com
Software: Apache /
Resource Hash: 4f9ab988aca3e1f77328c2848a1b42efc98e05a9a69102e0232ccf66f7eb80ed

Request headers

Referer: https://www.netflix.volkanoo.club/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:20:36 GMT
content-encoding: gzip
last-modified: Thu, 28 Nov 2019 11:32:56 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 37373

GET
H2 200 scripts.js Show response
www.netflix.volkanoo.club/js/ 667 B
563 B 444ms
444ms Script
application/javascript 199.188.201.148
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.netflix.volkanoo.club/js/scripts.js
Requested by: Host: www.netflix.volkanoo.club
URL: https://www.netflix.volkanoo.club/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.188.201.148 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server291-5.web-hosting.com
Software: Apache /
Resource Hash: cd3aa49662ad918796d633b400c4251fcce47a232a584cf06f3bec1a2502fd16

Request headers

Referer: https://www.netflix.volkanoo.club/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:20:36 GMT
content-encoding: gzip
last-modified: Thu, 28 Nov 2019 11:33:04 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 406

GET
H2

404

shutdown
geoip.nekudo.com/
Redirect Chain

https://geoip.nekudo.com/api?callback=geo
https://geoip.nekudo.com/shutdown

0
0

14ms
13ms

Script
application/json

2606:4700:3033::ac43:d079
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geoip.nekudo.com/shutdown
Requested by: Host: www.netflix.volkanoo.club
URL: https://www.netflix.volkanoo.club/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:d079 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.netflix.volkanoo.club/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Tue, 17 Nov 2020 18:20:36 GMT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
status: 301
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xH2FZCixNnoLZqr2sX9bepCf0%2F%2BGDUvDZqxxAYrC%2BWj%2FIK2adMkcuhAxW91EdMAiXB66%2F6KOM%2BNI37CodlmHQjRMELZFOa6BsvysNdQD2TI1iFiHFDvuA36XvBpV"}],"group":"cf-nel","max_age":604800}
location: https://geoip.nekudo.com/shutdown
cache-control: max-age=3600
cf-ray: 5f3b777a3c3d2c4a-FRA
cf-request-id: 067909006200002c4a310d5000000001
expires: Tue, 17 Nov 2020 19:20:36 GMT

GET
H2

200

1AQrLEzYbJ5huhca08l0kigKh2XzQiMQQ
doc-0o-98-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/fnqi541q2pumco445pqomq34csi4lngb/1605637200000/14167946795487961995/*/
Redirect Chain

https://drive.google.com/uc?id=1AQrLEzYbJ5huhca08l0kigKh2XzQiMQQ
https://doc-0o-98-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/fnqi541q2pumco445pqomq34csi4lngb/1605637200000/14167946795487961995/*/1AQrLEzYbJ5huhca08l0kigKh2XzQiMQQ

72 KB
74 KB

401ms
380ms

Image
image/jpeg

2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doc-0o-98-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/fnqi541q2pumco445pqomq34csi4lngb/1605637200000/14167946795487961995/*/1AQrLEzYbJ5huhca08l0kigKh2XzQiMQQ
Requested by: Host: www.netflix.volkanoo.club
URL: https://www.netflix.volkanoo.club/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: c3991727c56bf16a5e42e4a66cf08a9cc93814115e592c54712543ab93d703cf

Request headers

Referer: https://www.netflix.volkanoo.club/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:20:37 GMT
access-control-allow-methods: GET,OPTIONS
server: UploadServer
access-control-allow-headers: Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, X-Goog-Sn-Metadata, X-Goog-Sn-PatientId, GData-Version, google-cloud-resource-prefix, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-Firebase-GMPID, X-Firebase-Auth-Token, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-AuthUser, x-goog-ext-124712974-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, X-Goog-Api-Key, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Ariane-Xsrf-Token, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Compass-Routing-Destination, X-Goog-Meeting-ABR, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Client-Data, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities
status: 200
x-guploader-uploadid: ABg5-Ux6pPqLsDvUXyL2j1YvHWQbjCnaf_RD-DYExooWCFjbjW9BJ2yPZCLz-LCqvV5v1FdSSWJ4SJzPwXvVyonjheDY4mipUg
x-goog-hash: crc32c=pYkcbw==
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, max-age=0
access-control-allow-credentials: false
content-disposition: inline;filename="Background5.jpg";filename*=UTF-8''Background5.jpg
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73625
expires: Tue, 17 Nov 2020 18:20:37 GMT

Redirect headers

date: Tue, 17 Nov 2020 18:20:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 302
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 305
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://doc-0o-98-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/fnqi541q2pumco445pqomq34csi4lngb/1605637200000/14167946795487961995/*/1AQrLEzYbJ5huhca08l0kigKh2XzQiMQQ
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-yj9yjg9EfrQ2DCHlqzQHVA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/drive-explorer/
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Iurf6YBj_oCad4k1l4qkHrRpiZtK6GwN9w.woff2
fonts.gstatic.com/s/tajawal/v3/ 8 KB
9 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l4qkHrRpiZtK6GwN9w.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Tajawal:wght@700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c31422dc22d89f10b886829058f1f77ddfc42e612b29724c8fbef5a3fbaf0e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.netflix.volkanoo.club
Referer: https://fonts.googleapis.com/css2?family=Tajawal:wght@700&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 13 Nov 2020 08:41:21 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2019 03:34:12 GMT
server: sffe
age: 380355
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8588
x-xss-protection: 0
expires: Sat, 13 Nov 2021 08:41:21 GMT

GET
H2 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 9ms
8ms Font
font/woff2 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: www.netflix.volkanoo.club
URL: https://www.netflix.volkanoo.club/css/maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.netflix.volkanoo.club
Referer: https://www.netflix.volkanoo.club/css/maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:20:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:36:18 GMT
status: 200
etag: "1544639778"
vary: Accept-Encoding
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 77171

GET
H2 200 Iurf6YBj_oCad4k1l4qkHrFpiZtK6Gw.woff2
fonts.gstatic.com/s/tajawal/v3/ 10 KB
10 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l4qkHrFpiZtK6Gw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Tajawal:wght@700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

787b7bce556b3b4b3155465e11a53dcbcea6d1545581538906df7618a2dac742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.netflix.volkanoo.club
Referer: https://fonts.googleapis.com/css2?family=Tajawal:wght@700&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 11:24:18 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2019 03:34:09 GMT
server: sffe
age: 24978
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9952
x-xss-protection: 0
expires: Wed, 17 Nov 2021 11:24:18 GMT

GET
H2 200 html.1153240.64881.0.js Show response
d1xkyo9j4r7vnn.cloudfront.net/public/external/v2/ 17 KB
17 KB 189ms
164ms Script
application/javascript 2600:9000:214f:5a00:1a:60a5:c0c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1xkyo9j4r7vnn.cloudfront.net/public/external/v2/html.1153240.64881.0.js
Requested by: Host: d13nu0oomnx5ti.cloudfront.net
URL: https://d13nu0oomnx5ti.cloudfront.net/210fd2a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:5a00:1a:60a5:c0c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips / PHP/7.2.28
Resource Hash: 63078c40f079be8d70c0c2e57233ab095fe19f152fcf151c25846667eb2e9655

Request headers

Referer: https://www.netflix.volkanoo.club/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:20:37 GMT
via: 1.1 110641d379117242a91443ac729d6def.cloudfront.net (CloudFront)
server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
x-amz-cf-pop: FRA53-C1
x-powered-by: PHP/7.2.28
x-cache: Miss from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-id: RSn8moZ19alNPUF5c-aqAguX0ogIv_qIk0dNagOBflv6lkjSTEyE1w==

GET
H2 200 css_front.css
d1xkyo9j4r7vnn.cloudfront.net/public/external/ 6 KB
7 KB 184ms
159ms Stylesheet
text/css 2600:9000:214f:5a00:1a:60a5:c0c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1xkyo9j4r7vnn.cloudfront.net/public/external/css_front.css
Requested by: Host: d13nu0oomnx5ti.cloudfront.net
URL: https://d13nu0oomnx5ti.cloudfront.net/210fd2a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:5a00:1a:60a5:c0c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips /
Resource Hash: a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec

Request headers

Referer: https://www.netflix.volkanoo.club/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:20:37 GMT
via: 1.1 110641d379117242a91443ac729d6def.cloudfront.net (CloudFront)
last-modified: Tue, 23 Jun 2020 20:06:50 GMT
server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
x-amz-cf-pop: FRA53-C1
etag: "19c4-5a8c5e6567f21"
x-cache: Miss from cloudfront
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 6596
x-amz-cf-id: qtEg5Cl7-Kc_v4f2w4hvaAEMr9J5oKO7BYGvpi2B-d96dvZIdD4zhw==

GET
H2 200 css.css
d1xkyo9j4r7vnn.cloudfront.net/public/clockers/PrimeApps/ 1010 B
1 KB 159ms
159ms Stylesheet
text/css 2600:9000:214f:5a00:1a:60a5:c0c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1xkyo9j4r7vnn.cloudfront.net/public/clockers/PrimeApps/css.css
Requested by: Host: d13nu0oomnx5ti.cloudfront.net
URL: https://d13nu0oomnx5ti.cloudfront.net/210fd2a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:5a00:1a:60a5:c0c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips /
Resource Hash: a7081a117335212b9e7f2e348f7369a64423d51db1666310b3451e7375f0b7de

Request headers

Referer: https://www.netflix.volkanoo.club/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:20:37 GMT
via: 1.1 110641d379117242a91443ac729d6def.cloudfront.net (CloudFront)
last-modified: Fri, 10 Apr 2020 22:29:00 GMT
server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
x-amz-cf-pop: FRA53-C1
etag: "3f2-5a2f7428ae907"
x-cache: Miss from cloudfront
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 1010
x-amz-cf-id: g5BYRKLeU8pWLy5jhmuMJCnF_cG0yHkDpiiajc3oazksBoZhTwNLEw==

GET
H2 404 background.jpg
www.netflix.volkanoo.club/img/ 315 B
315 B 170ms
170ms Image
text/html 199.188.201.148
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.netflix.volkanoo.club/img/background.jpg
Requested by: Host: www.netflix.volkanoo.club
URL: https://www.netflix.volkanoo.club/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.188.201.148 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server291-5.web-hosting.com
Software: Apache /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Referer: https://www.netflix.volkanoo.club/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 404
date: Tue, 17 Nov 2020 18:20:37 GMT
server: Apache
content-length: 315
content-type: text/html; charset=iso-8859-1

GET
H2 200 guid Show response
d1xkyo9j4r7vnn.cloudfront.net/public/ 0
278 B 163ms
163ms Script
text/html 2600:9000:214f:5a00:1a:60a5:c0c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1xkyo9j4r7vnn.cloudfront.net/public/guid?cpguid=8e8gq87gw&e=ll&t=1605637238214
Requested by: Host: d13nu0oomnx5ti.cloudfront.net
URL: https://d13nu0oomnx5ti.cloudfront.net/210fd2a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:5a00:1a:60a5:c0c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.41 () OpenSSL/1.0.2k-fips / PHP/7.2.28
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.netflix.volkanoo.club/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:20:38 GMT
via: 1.1 110641d379117242a91443ac729d6def.cloudfront.net (CloudFront)
server: Apache/2.4.41 () OpenSSL/1.0.2k-fips
x-amz-cf-pop: FRA53-C1
x-powered-by: PHP/7.2.28
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
status: 200
content-length: 0
x-amz-cf-id: ee9BZXtnUa6jEF3aPl22UTEzrz60npIlnNO5kzS8cE7NsyCZRpp72A==

GET
H2 200 check.php Show response
d1xkyo9j4r7vnn.cloudfront.net/public/external/ 78 B
361 B 166ms
165ms Script
application/javascript 2600:9000:214f:5a00:1a:60a5:c0c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1xkyo9j4r7vnn.cloudfront.net/public/external/check.php?it=1153240&time=1605637239408
Requested by: Host: d13nu0oomnx5ti.cloudfront.net
URL: https://d13nu0oomnx5ti.cloudfront.net/210fd2a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:5a00:1a:60a5:c0c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips / PHP/7.2.28
Resource Hash: 9ef4a63fc5e0a14a7301d693d65d6acfc44cdf14853c4a20890198f2d5e52e3b

Request headers

Referer: https://www.netflix.volkanoo.club/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 17 Nov 2020 18:20:39 GMT
via: 1.1 110641d379117242a91443ac729d6def.cloudfront.net (CloudFront)
server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
x-amz-cf-pop: FRA53-C1
x-powered-by: PHP/7.2.28
x-cache: Miss from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-id: QQKFK_5yjKUjW5xibsUuvYqwg-7n9df8hRweQMnVuhbJhyAVETGB4A==

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.netflix.volkanoo.club/	1970-01-19 14:15:01	Name: _cpguid Value: 8e8gq87gw

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d13nu0oomnx5ti.cloudfront.net
d1xkyo9j4r7vnn.cloudfront.net
doc-0o-98-docs.googleusercontent.com
drive.google.com
fonts.googleapis.com
fonts.gstatic.com
geoip.nekudo.com
maxcdn.bootstrapcdn.com
www.netflix.volkanoo.club
199.188.201.148
2001:4de0:ac19::1:b:3b
2600:9000:2127:9200:3:b5aa:ad80:21
2600:9000:214f:5a00:1a:60a5:c0c0:21
2606:4700:3033::ac43:d079
2a00:1450:4001:80b::2003
2a00:1450:4001:81c::200e
2a00:1450:4001:81e::200a
2a00:1450:4001:81f::2001
0153350ce5ace94708d5b44dc2361ae8b0c6e8abe391723cef8f62985b2db419
06afaf9777dfd02addafdee0800c9cd992e5d1f20b9da2234935b42ccbc2ed07
189083154f91ef6cffba4abe2bd4c741c59eb3cb59ec28831afb6c2e1dacd105
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2eeb7cafad9561a494830b9eed8586027817c5ae3cacdae21b42ae293afd426b
4f9ab988aca3e1f77328c2848a1b42efc98e05a9a69102e0232ccf66f7eb80ed
63078c40f079be8d70c0c2e57233ab095fe19f152fcf151c25846667eb2e9655
787b7bce556b3b4b3155465e11a53dcbcea6d1545581538906df7618a2dac742
91a314f0a24da224575549925e82f9a4055357d5d7c2d1159b0e6af99a534384
9c31422dc22d89f10b886829058f1f77ddfc42e612b29724c8fbef5a3fbaf0e9
9ef4a63fc5e0a14a7301d693d65d6acfc44cdf14853c4a20890198f2d5e52e3b
a592900a843de403fe737d53c67a186eef5b025677f64a389d16c1c6dd5068f6
a7081a117335212b9e7f2e348f7369a64423d51db1666310b3451e7375f0b7de
a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec
ae1df32f028cc1ab83471711b69773c079ad4fe2bb80cc510e5a1c7d15de5831
c3991727c56bf16a5e42e4a66cf08a9cc93814115e592c54712543ab93d703cf
cd3aa49662ad918796d633b400c4251fcce47a232a584cf06f3bec1a2502fd16
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

www.netflix.volkanoo.club Open in urlscan Pro 199.188.201.148 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

22 Requests

100 %HTTPS

89 %IPv6

8 Domains

9 Subdomains

8 IPs

3 Countries

328 kBTransfer

621 kBSize

1 Cookies

1 Outgoing links

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

25 JavaScript Global Variables

1 Cookies

Indicators

www.netflix.volkanoo.club Open in urlscan Pro
199.188.201.148 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

100 %
HTTPS

89 %
IPv6

8
Domains

9
Subdomains

8
IPs

3
Countries

328 kB
Transfer

621 kB
Size

1
Cookies

22 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!