www-netflix.paperform.co
54.80.77.132  Malicious Activity! Public Scan

Submitted URL: http://email.idealflatmate.co.uk/c/eJwVjcsOwiAQAL-m3CQsr5YDB5Pa_1hliUQKTV1TP9-azG2SmRQhTGoCUaJWMCkHCox21spxnu0tLDaMfjYBYLCqJMKaK_...
Effective URL: https://www-netflix.paperform.co/
Submission: On May 10 via manual from IT

Summary

This website contacted 9 IPs in 3 countries across 10 domains to perform 19 HTTP transactions. The main IP is 54.80.77.132, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is www-netflix.paperform.co.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on April 24th 2018. Valid for: 2 years.
This is the only time www-netflix.paperform.co was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Netflix (Online)

Domain & IP information

IP Address AS Autonomous System
1 1 54.200.184.29 16509 (AMAZON-02)
3 54.80.77.132 14618 (AMAZON-AES)
2 52.85.177.150 16509 (AMAZON-02)
2 172.217.18.170 15169 (GOOGLE)
1 52.95.131.9 16509 (AMAZON-02)
4 172.217.23.131 15169 (GOOGLE)
3 2.21.160.88 16625 (AKAMAI-AS)
2 172.217.21.238 15169 (GOOGLE)
1 151.101.14.110 54113 (FASTLY)
1 162.247.242.19 23467 (NEWRELIC-...)
19 9
Domain Requested by
4 fonts.gstatic.com duube1y6ojsji.cloudfront.net
3 res.cloudinary.com www-netflix.paperform.co
3 www-netflix.paperform.co www-netflix.paperform.co
duube1y6ojsji.cloudfront.net
2 www.google-analytics.com www-netflix.paperform.co
2 fonts.googleapis.com www-netflix.paperform.co
duube1y6ojsji.cloudfront.net
2 duube1y6ojsji.cloudfront.net www-netflix.paperform.co
1 bam.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com www-netflix.paperform.co
1 s3-ap-southeast-2.amazonaws.com duube1y6ojsji.cloudfront.net
1 email.idealflatmate.co.uk 1 redirects
19 10

This site contains links to these domains:

Domain: paperform.co

Subject: *.paperform.co
Issuer: COMODO RSA Domain Validation Secure Server CA
Validity: 2018-04-24 - 2020-04-23
Valid: 2 years

This page contains 1 frames:

Primary Page: https://www-netflix.paperform.co/
Frame ID: C8D4C7704928DB6B10A5C2708E36EE71
Requests: 19 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /<[^>]+data-react/i
  • env /^React$/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • env /^NREUM/i

Overall confidence: 100%
Detected patterns
  • env /^analytics$/i

Page Statistics

  • 19 Requests
  • 16 % HTTPS
  • 0 % IPv6
  • 10 Domains
  • 10 Subdomains
  • 9 IPs
  • 3 Countries
  • 549 kB Transfer
  • 1493 kB Size
  • 5 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://email.idealflatmate.co.uk/c/eJwVjcsOwiAQAL-m3CQsr5YDB5Pa_1hliUQKTV1TP9-azG2SmRQhTGoCUaJWMCkHCox21spxnu0tLDaMfjYBYLCqJMKaK_KKTPLR5eclnjGbkdAnQK3vKSP6HHQCb8hZD8YFUeOTeXsP5jro5eQ4jksjzrV85YYb7bnv65k7ldhjabn_X40qrdS4y8I_AlkyGQ HTTP 302
    https://www-netflix.paperform.co/ Page URL

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
www-netflix.paperform.co/
Redirect Chain
  • http://email.idealflatmate.co.uk/c/eJwVjcsOwiAQAL-m3CQsr5YDB5Pa_1hliUQKTV1TP9-azG2SmRQhTGoCUaJWMCkHCox21spxnu0tLDaMfjYBYLCqJMKaK_KKTPLR5eclnjGbkdAnQK3vKSP6HHQCb8hZD8YFUeOTeXsP5jro5eQ4jksjzrV85YYb7b...
  • https://www-netflix.paperform.co/
22 KB
8 KB
Document
General
Full URL
https://www-netflix.paperform.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.80.77.132 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-80-77-132.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
105da7e72516e1c54ed58a936a9ad0c439125852e32fa1ca644f764e0febe67a

Request headers

Host
www-netflix.paperform.co
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
X-DevTools-Emulate-Network-Conditions-Client-Id
C8D4C7704928DB6B10A5C2708E36EE71

Response headers

Server
nginx/1.10.3 (Ubuntu)
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Cache-Control
no-cache
Date
Thu, 10 May 2018 13:25:26 GMT
Set-Cookie
XSRF-TOKEN=eyJpdiI6IlpzRXRvcXRwRzM1dmtcL2F6elJPMGdRPT0iLCJ2YWx1ZSI6InI5QTMwVkRlazBUTUlBZGFneTM5KzJjd3c3ZGl6QlhmWTdacDNhWXBBTGlwUmdycGVQQ3NvQXY0RDFPUDFueWtmQ1lWZXZRXC8zWExxUjJ6amdLNlwvV1E9PSIsIm1hYyI6Ijc3OTQxODQ1MjNkODkyY2QwNDYyZGI3MDRjYmEzMmFmNzAzODdkZTViYTAxZjgxNTY3ZWU3MDJkZmQ2MTAxY2IifQ%3D%3D; expires=Thu, 17-May-2018 13:25:26 GMT; Max-Age=604800; path=/ laravel_session=eyJpdiI6IkNlREZuQ2hHTFBDU2lIcG9qVzJXK3c9PSIsInZhbHVlIjoiSmpOZTZvcFQ0ZlJIeFBaSktISmNhU1NEbkN4dHBqRHh3cDJ5aUFJZW1DRVVFdXJhU1Z2Y1dtWEdQVUlmcDhGQVwva3AyeG5jT2tvdmpNWTdXRWd4SmtnPT0iLCJtYWMiOiI4MTQxMjRjODU1NTUxNTZlNzZlOGVhZWE3ZWFkN2E2MjU0N2UyYTc3YTk0M2YwOWQxZWI5OTExNTkzNjRhODRiIn0%3D; expires=Thu, 17-May-2018 13:25:26 GMT; Max-Age=604800; path=/; HttpOnly
Content-Encoding
gzip

Redirect headers

Content-Type
text/html; charset=utf-8
Date
Thu, 10 May 2018 13:25:26 GMT
Location
https://www-netflix.paperform.co/
Server
nginx
Content-Length
273
Connection
keep-alive
a17c483b615a562b764d.styles.css
duube1y6ojsji.cloudfront.net/
90 KB
18 KB
Stylesheet
General
Full URL
https://duube1y6ojsji.cloudfront.net/a17c483b615a562b764d.styles.css
Requested by
Host: www-netflix.paperform.co
URL: https://www-netflix.paperform.co/
Protocol
SPDY
Server
52.85.177.150 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-177-150.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cc0246910074465489dbcb9bfa93e5ae091b8953e457b8f001ef316b02c405ed

Request headers

Referer
https://www-netflix.paperform.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Wed, 09 May 2018 02:36:41 GMT
content-encoding
gzip
last-modified
Wed, 09 May 2018 02:26:21 GMT
server
AmazonS3
age
125327
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css; charset=UTF-8
status
200
cache-control
max-age=31536000, immutable
x-amz-cf-id
NpNRDJ3g_DAkIlGYKhYPDjFqukl89aCgUU6ppcRfvFKZlslrsfHSUQ==
via
1.1 fc8079312db6046d812ded83f2668ac6.cloudfront.net (CloudFront)
css
fonts.googleapis.com/
1 KB
516 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,700|Material+Icons
Requested by
Host: www-netflix.paperform.co
URL: https://www-netflix.paperform.co/
Protocol
SPDY
Server
172.217.18.170 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s29-in-f10.1e100.net
Software
ESF /
Resource Hash
5245fea10b68ff373b129817bdb75b71c8ae45adbf74711415f949970f31722c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www-netflix.paperform.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Thu, 10 May 2018 13:25:27 GMT
content-encoding
gzip
server
ESF
status
200
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
x-xss-protection
1; mode=block
expires
Thu, 10 May 2018 13:25:27 GMT
Cookie set 2018-05-10-121418
www-netflix.paperform.co/css/form/183csz2g/
0
1 KB
Stylesheet
General
Full URL
https://www-netflix.paperform.co/css/form/183csz2g/2018-05-10-121418
Requested by
Host: www-netflix.paperform.co
URL: https://www-netflix.paperform.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.80.77.132 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-80-77-132.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www-netflix.paperform.co
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://www-netflix.paperform.co/
Cookie
XSRF-TOKEN=eyJpdiI6IlpzRXRvcXRwRzM1dmtcL2F6elJPMGdRPT0iLCJ2YWx1ZSI6InI5QTMwVkRlazBUTUlBZGFneTM5KzJjd3c3ZGl6QlhmWTdacDNhWXBBTGlwUmdycGVQQ3NvQXY0RDFPUDFueWtmQ1lWZXZRXC8zWExxUjJ6amdLNlwvV1E9PSIsIm1hYyI6Ijc3OTQxODQ1MjNkODkyY2QwNDYyZGI3MDRjYmEzMmFmNzAzODdkZTViYTAxZjgxNTY3ZWU3MDJkZmQ2MTAxY2IifQ%3D%3D; laravel_session=eyJpdiI6IkNlREZuQ2hHTFBDU2lIcG9qVzJXK3c9PSIsInZhbHVlIjoiSmpOZTZvcFQ0ZlJIeFBaSktISmNhU1NEbkN4dHBqRHh3cDJ5aUFJZW1DRVVFdXJhU1Z2Y1dtWEdQVUlmcDhGQVwva3AyeG5jT2tvdmpNWTdXRWd4SmtnPT0iLCJtYWMiOiI4MTQxMjRjODU1NTUxNTZlNzZlOGVhZWE3ZWFkN2E2MjU0N2UyYTc3YTk0M2YwOWQxZWI5OTExNTkzNjRhODRiIn0%3D
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 10 May 2018 13:25:27 GMT
Content-Encoding
gzip
Server
nginx/1.10.3 (Ubuntu)
Vary
Accept-Encoding
Content-Type
text/css; charset=UTF-8
Set-Cookie
XSRF-TOKEN=eyJpdiI6IlF1Vm1oOFRYblIyZzdzeGNKQVZ2bFE9PSIsInZhbHVlIjoiRVJ2eFV2NENmdTJQQ2ZSTkpUUUV5MXNtU2VKYkhyZ3FLXC9kdFlhdjg4Q3hFWnR6VE5TNVJOd1dJSTNMT3JlOURTbXRlTzF3cFVQYmp3eTRISEhiTjFBPT0iLCJtYWMiOiJjMDIyZWNlY2IyOTkxYmFkNjhmYzlmZmY5NWJjOGRjMDI4OTI3MTk0NTA5ZjUxZTZkYjRlMGM3YWI3NWE0NmQ2In0%3D; expires=Thu, 17-May-2018 13:25:27 GMT; Max-Age=604800; path=/ laravel_session=eyJpdiI6Ikt0YzlnRG9GZkNGbFU0ZmdiYVNTK2c9PSIsInZhbHVlIjoiMDdxVzNYNHdnZG1EWW1ZaGNrdzNWd1B3TWhhbEJhdEc4eE5yU2tZVW5zNTBmNWJSKzMrXC9yM1VYMVJQemZxc1NpM1JBb1pYMWJNTzFQMDBWWGtmRTBBPT0iLCJtYWMiOiJjNjk0OTcwNzhkYjU3NzI0MTk2M2Y5MmYzM2VhNzgxZTVjMmIyMTBkM2Q2NzU4OGZhM2JiNDdjMTQxMzU2YzM5In0%3D; expires=Thu, 17-May-2018 13:25:27 GMT; Max-Age=604800; path=/; HttpOnly
Cache-Control
no-cache
Transfer-Encoding
chunked
Connection
keep-alive
a17c483b615a562b764d.form.min.js
duube1y6ojsji.cloudfront.net/
916 KB
248 KB
Script
General
Full URL
https://duube1y6ojsji.cloudfront.net/a17c483b615a562b764d.form.min.js
Requested by
Host: www-netflix.paperform.co
URL: https://www-netflix.paperform.co/
Protocol
SPDY
Server
52.85.177.150 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-177-150.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dbae987bd01a7a668eb54696f784b4ac781dfb7fb1578e98aafb7cda1dbb7513

Request headers

Referer
https://www-netflix.paperform.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Wed, 09 May 2018 02:36:41 GMT
content-encoding
gzip
last-modified
Wed, 09 May 2018 02:26:42 GMT
server
AmazonS3
age
125327
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
status
200
cache-control
max-age=31536000, immutable
x-amz-cf-id
ff1-HoWO1Q_2cti-iemjmvIrAhrW_mCyyyee4ai8h4EnD5982bI49w==
via
1.1 fc8079312db6046d812ded83f2668ac6.cloudfront.net (CloudFront)
css
fonts.googleapis.com/
434 B
297 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:regular,bold
Requested by
Host: duube1y6ojsji.cloudfront.net
URL: https://duube1y6ojsji.cloudfront.net/a17c483b615a562b764d.form.min.js
Protocol
SPDY
Server
172.217.18.170 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s29-in-f10.1e100.net
Software
ESF /
Resource Hash
8f78189e02d1bd2979934a1d40e9909f3af4ae16a67f11bc1164ed2fbdd07885
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www-netflix.paperform.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Thu, 10 May 2018 13:25:27 GMT
content-encoding
gzip
server
ESF
status
200
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
x-xss-protection
1; mode=block
expires
Thu, 10 May 2018 13:25:27 GMT
login-the-crown_2-1500x1000.jpg
s3-ap-southeast-2.amazonaws.com/paperform/u-12769/1/2018-05-10/6402o1m/
84 KB
85 KB
Image
General
Full URL
https://s3-ap-southeast-2.amazonaws.com/paperform/u-12769/1/2018-05-10/6402o1m/login-the-crown_2-1500x1000.jpg
Requested by
Host: duube1y6ojsji.cloudfront.net
URL: https://duube1y6ojsji.cloudfront.net/a17c483b615a562b764d.form.min.js
Protocol
HTTP/1.1
Server
52.95.131.9 Sydney, Australia, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
baafd74a4cb4dc594b614eeb45c7267bb1af729d9271752460348ece16532d04

Request headers

Referer
https://www-netflix.paperform.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Thu, 10 May 2018 13:25:29 GMT
Last-Modified
Thu, 10 May 2018 12:04:43 GMT
Server
AmazonS3
x-amz-request-id
D774D431F763EE62
ETag
"294bc0563f2a0776d957b6252e6cf364-1"
Content-Type
image/jpg
Accept-Ranges
bytes
Content-Length
86226
x-amz-id-2
cxSRxvg9cqov4T7buAmix3+QqSQeEtA+yEXYvvZ79o5oDMaPcYvPGJ7YBJG1wa3N8m4QoYo+bT4=
S6uyw4BMUTPHjx4wWw.ttf
fonts.gstatic.com/s/lato/v14/
59 KB
29 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v14/S6uyw4BMUTPHjx4wWw.ttf
Requested by
Host: duube1y6ojsji.cloudfront.net
URL: https://duube1y6ojsji.cloudfront.net/a17c483b615a562b764d.form.min.js
Protocol
SPDY
Server
172.217.23.131 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s18-in-f3.1e100.net
Software
sffe /
Resource Hash
9c4590446dbf83edae05be4ca28ef789ee50a01ef2cb8f1b51c5937d029cac76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:300,400,700|Material+Icons
Origin
https://www-netflix.paperform.co

Response headers

date
Wed, 09 May 2018 03:52:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
120778
status
200
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
30035
x-xss-protection
1; mode=block
last-modified
Wed, 11 Oct 2017 18:23:16 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 May 2019 03:52:29 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNZ.ttf
fonts.gstatic.com/s/materialicons/v37/
138 KB
66 KB
Font
General
Full URL
https://fonts.gstatic.com/s/materialicons/v37/flUhRq6tzZclQEJ-Vdg-IuiaDsNZ.ttf
Requested by
Host: duube1y6ojsji.cloudfront.net
URL: https://duube1y6ojsji.cloudfront.net/a17c483b615a562b764d.form.min.js
Protocol
SPDY
Server
172.217.23.131 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s18-in-f3.1e100.net
Software
sffe /
Resource Hash
1e6fb0f0aad74d68d31ee31f473fd6e24ee4356f81a25f7c88bfbd220185fa74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:300,400,700|Material+Icons
Origin
https://www-netflix.paperform.co

Response headers

date
Mon, 07 May 2018 23:49:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
221769
status
200
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
67077
x-xss-protection
1; mode=block
last-modified
Mon, 07 May 2018 23:47:10 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 May 2019 23:49:18 GMT
S6u9w4BMUTPHh7USSwiPHA.ttf
fonts.gstatic.com/s/lato/v14/
62 KB
33 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v14/S6u9w4BMUTPHh7USSwiPHA.ttf
Requested by
Host: duube1y6ojsji.cloudfront.net
URL: https://duube1y6ojsji.cloudfront.net/a17c483b615a562b764d.form.min.js
Protocol
SPDY
Server
172.217.23.131 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s18-in-f3.1e100.net
Software
sffe /
Resource Hash
4977f8d8f865c43ee26dc31409cd4fe8945048d5800719133d79ab053527d859
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:300,400,700|Material+Icons
Origin
https://www-netflix.paperform.co

Response headers

date
Tue, 13 Feb 2018 15:30:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7422902
status
200
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
33428
x-xss-protection
1; mode=block
last-modified
Wed, 11 Oct 2017 18:24:04 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Feb 2019 15:30:25 GMT
Screenshot-2018-5-10%20Netflix.png
res.cloudinary.com/paperform/image/fetch/w_297,f_auto/https://s3-ap-southeast-2.amazonaws.com/paperform/u-12769/1/2018-05-10/5z12o9g/
2 KB
3 KB
Image
General
Full URL
https://res.cloudinary.com/paperform/image/fetch/w_297,f_auto/https://s3-ap-southeast-2.amazonaws.com/paperform/u-12769/1/2018-05-10/5z12o9g/Screenshot-2018-5-10%20Netflix.png
Requested by
Host: www-netflix.paperform.co
URL: https://www-netflix.paperform.co/
Protocol
SPDY
Server
2.21.160.88 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
Software
cloudinary /
Resource Hash
c81394532444a49f38584b9b56683fd0404af0a8680e298c2c6030ae78507fc8

Request headers

Referer
https://www-netflix.paperform.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Thu, 10 May 2018 13:25:27 GMT
edge-cache-tag
310579602904351600801837954273805286815,156219891819139585459495837553658235334,9942e5215e50f10e1a1af0776fa97dca
status
200
content-disposition
inline; filename="Screenshot-2018-5-10 Netflix.webp"
content-length
2224
surrogate-key
310579602904351600801837954273805286815 156219891819139585459495837553658235334 9942e5215e50f10e1a1af0776fa97dca
last-modified
Thu, 10 May 2018 12:22:32 GMT
server
cloudinary
etag
"5a704ec9fdd1c97760f22a1e1d68fc89"
content-type
image/webp
access-control-allow-origin
*
cache-control
public, private, max-age=601144
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
expires
Thu, 17 May 2018 12:24:31 GMT
Screenshot-2018-5-10%20Netflix.png
res.cloudinary.com/paperform/image/fetch/w_289,f_auto/https://s3-ap-southeast-2.amazonaws.com/paperform/u-12769/1/2018-05-10/1422ocy/
2 KB
3 KB
Image
General
Full URL
https://res.cloudinary.com/paperform/image/fetch/w_289,f_auto/https://s3-ap-southeast-2.amazonaws.com/paperform/u-12769/1/2018-05-10/1422ocy/Screenshot-2018-5-10%20Netflix.png
Requested by
Host: www-netflix.paperform.co
URL: https://www-netflix.paperform.co/
Protocol
SPDY
Server
2.21.160.88 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
Software
cloudinary /
Resource Hash
324de037370e44003fa8f455bb13747c89f9817520e7f08aaf8a4ad8acce4c92

Request headers

Referer
https://www-netflix.paperform.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Thu, 10 May 2018 13:25:27 GMT
edge-cache-tag
201827961611850739140998747876020238808,204984693721949135831195349082843131634,9942e5215e50f10e1a1af0776fa97dca
status
200
content-disposition
inline; filename="Screenshot-2018-5-10 Netflix.webp"
content-length
2190
surrogate-key
201827961611850739140998747876020238808 204984693721949135831195349082843131634 9942e5215e50f10e1a1af0776fa97dca
last-modified
Thu, 10 May 2018 12:22:32 GMT
server
cloudinary
etag
"1c6e44f69443afa4f0af6ea46ef89a62"
content-type
image/webp
access-control-allow-origin
*
cache-control
public, private, max-age=601223
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
expires
Thu, 17 May 2018 12:25:50 GMT
Screenshot-2018-5-10%20Netflix.png
res.cloudinary.com/paperform/image/fetch/w_295,f_auto/https://s3-ap-southeast-2.amazonaws.com/paperform/u-12769/1/2018-05-10/pb32ol2/
2 KB
3 KB
Image
General
Full URL
https://res.cloudinary.com/paperform/image/fetch/w_295,f_auto/https://s3-ap-southeast-2.amazonaws.com/paperform/u-12769/1/2018-05-10/pb32ol2/Screenshot-2018-5-10%20Netflix.png
Requested by
Host: www-netflix.paperform.co
URL: https://www-netflix.paperform.co/
Protocol
SPDY
Server
2.21.160.88 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
Software
cloudinary /
Resource Hash
6b6b3dc643aa434da3edec5b514227f06263fd7bcb2a33aba012fd1ccf861d85

Request headers

Referer
https://www-netflix.paperform.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Thu, 10 May 2018 13:25:27 GMT
edge-cache-tag
222126347405545369624247142312599407003,257079727336633283474101208060677432627,9942e5215e50f10e1a1af0776fa97dca
status
200
content-disposition
inline; filename="Screenshot-2018-5-10 Netflix.webp"
content-length
2222
surrogate-key
222126347405545369624247142312599407003 257079727336633283474101208060677432627 9942e5215e50f10e1a1af0776fa97dca
last-modified
Thu, 10 May 2018 12:22:32 GMT
server
cloudinary
etag
"7fb43563b5f0e0d3df4a2019a484ec55"
content-type
image/webp
access-control-allow-origin
*
cache-control
public, private, max-age=601190
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
expires
Thu, 17 May 2018 12:25:17 GMT
analytics.js
www.google-analytics.com/
34 KB
14 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www-netflix.paperform.co
URL: https://www-netflix.paperform.co/
Protocol
SPDY
Server
172.217.21.238 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s13-in-f238.1e100.net
Software
Golfe2 /
Resource Hash
2218bbf47b340278b7b696dbe3af4eed89edffa709c19abd6747b18147c3a675
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www-netflix.paperform.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 12 Apr 2018 18:13:11 GMT
server
Golfe2
age
2556
date
Thu, 10 May 2018 12:42:51 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
14353
expires
Thu, 10 May 2018 14:42:51 GMT
Cookie set event
www-netflix.paperform.co/api/v1/form/5af43435b234f2058651db25/
0
1 KB
Fetch
General
Full URL
https://www-netflix.paperform.co/api/v1/form/5af43435b234f2058651db25/event
Requested by
Host: duube1y6ojsji.cloudfront.net
URL: https://duube1y6ojsji.cloudfront.net/a17c483b615a562b764d.form.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.80.77.132 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-80-77-132.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Origin
https://www-netflix.paperform.co
Accept-Encoding
gzip, deflate
x-csrf-token
null
Host
www-netflix.paperform.co
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
content-type
application/json
accept
application/json
Cache-Control
no-cache
Referer
https://www-netflix.paperform.co/
Cookie
XSRF-TOKEN=eyJpdiI6IlF1Vm1oOFRYblIyZzdzeGNKQVZ2bFE9PSIsInZhbHVlIjoiRVJ2eFV2NENmdTJQQ2ZSTkpUUUV5MXNtU2VKYkhyZ3FLXC9kdFlhdjg4Q3hFWnR6VE5TNVJOd1dJSTNMT3JlOURTbXRlTzF3cFVQYmp3eTRISEhiTjFBPT0iLCJtYWMiOiJjMDIyZWNlY2IyOTkxYmFkNjhmYzlmZmY5NWJjOGRjMDI4OTI3MTk0NTA5ZjUxZTZkYjRlMGM3YWI3NWE0NmQ2In0%3D; laravel_session=eyJpdiI6Ikt0YzlnRG9GZkNGbFU0ZmdiYVNTK2c9PSIsInZhbHVlIjoiMDdxVzNYNHdnZG1EWW1ZaGNrdzNWd1B3TWhhbEJhdEc4eE5yU2tZVW5zNTBmNWJSKzMrXC9yM1VYMVJQemZxc1NpM1JBb1pYMWJNTzFQMDBWWGtmRTBBPT0iLCJtYWMiOiJjNjk0OTcwNzhkYjU3NzI0MTk2M2Y5MmYzM2VhNzgxZTVjMmIyMTBkM2Q2NzU4OGZhM2JiNDdjMTQxMzU2YzM5In0%3D
Connection
keep-alive
Content-Length
70

Response headers

Date
Thu, 10 May 2018 13:25:27 GMT
Content-Encoding
gzip
Server
nginx/1.10.3 (Ubuntu)
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
X-RateLimit-Remaining
119
Cache-Control
no-cache
Transfer-Encoding
chunked
X-RateLimit-Limit
120
Set-Cookie
XSRF-TOKEN=eyJpdiI6IlBqZnpnZllVejFJNjJKenFDNGI5N3c9PSIsInZhbHVlIjoic3JVTzFsZlQyaWFPRUxDYmJwUWpkQjdIdGFDMTJcL1VzSWFFZnlCaks3YTRFM3VKRHN2STJhSzR4YUVBa1hiaThid21CSDZXSWVYVERCSWVhZFwvYVJYZz09IiwibWFjIjoiOWQ1ZGZlZTRmMDg0M2Q0OWE1ZmM0ZjE5YzRiOGNkM2ExZjM1NmNmYmJjNDJhODFmNDJlMTg4NzQyNTkwMDMwMyJ9; expires=Thu, 17-May-2018 13:25:27 GMT; Max-Age=604800; path=/ laravel_session=eyJpdiI6IlR2WWZYSDJZcUlKZHNRaUgwZUJBZVE9PSIsInZhbHVlIjoidXZCc2RTc1ZyR1lEaTB6YmxuNDRod2t6akJRUXFibEU4TmVwc1JLNCtBc1wvczRXdHpwNDN6U2NPYkRBZDM2MzdXOEQ3SnRvVEdxT2ZzTFNYeVpPTFZRPT0iLCJtYWMiOiIyZDdiZDJmN2IwNjM5MGM3MzRkMDAyMTU2MGIxNTc0NWRmOTZhMGU4YWZhYTJiYTBlZGMyZDEwMmIwMzRlYjBjIn0%3D; expires=Thu, 17-May-2018 13:25:27 GMT; Max-Age=604800; path=/; HttpOnly
S6u9w4BMUTPHh6UVSwiPHA.ttf
fonts.gstatic.com/s/lato/v14/
57 KB
29 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v14/S6u9w4BMUTPHh6UVSwiPHA.ttf
Requested by
Host: duube1y6ojsji.cloudfront.net
URL: https://duube1y6ojsji.cloudfront.net/a17c483b615a562b764d.form.min.js
Protocol
SPDY
Server
172.217.23.131 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s18-in-f3.1e100.net
Software
sffe /
Resource Hash
9cc39c759cd72b2f53c5c177a239eec038cf2a6614a686f150fdd59435df222f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:300,400,700|Material+Icons
Origin
https://www-netflix.paperform.co

Response headers

date
Wed, 09 May 2018 04:04:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
120076
status
200
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
29554
x-xss-protection
1; mode=block
last-modified
Wed, 11 Oct 2017 18:24:09 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 May 2019 04:04:11 GMT
collect
www.google-analytics.com/r/
35 B
111 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j67&a=685163798&t=pageview&_s=1&dl=https%3A%2F%2Fwww-netflix.paperform.co%2F&ul=en-us&de=UTF-8&dt=Netflix&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1095639851&gjid=2041603645&cid=1365617090.1525958727&tid=UA-82275604-3&_gid=41159149.1525958727&_r=1&z=601504066
Requested by
Host: www-netflix.paperform.co
URL: https://www-netflix.paperform.co/
Protocol
SPDY
Server
172.217.21.238 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s13-in-f238.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www-netflix.paperform.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 May 2018 13:25:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
nr-1071.min.js
js-agent.newrelic.com/
23 KB
9 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-1071.min.js
Requested by
Host: www-netflix.paperform.co
URL: https://www-netflix.paperform.co/
Protocol
SPDY
Server
151.101.14.110 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
56097e8b7ceb27db42a5e102af6d11dfdcaee13d8716477a8e242b4957d7a280

Request headers

Referer
https://www-netflix.paperform.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Thu, 10 May 2018 13:25:31 GMT
content-encoding
gzip
x-amz-request-id
481FE111768851BD
x-cache
HIT
status
200
content-length
9086
x-amz-id-2
0YRbL+xndniUNryTFyPMh7blhTKIHFgax7VZOYNB0faQOHdTX/PT1kK81w0HdqDzPFNiC/1Ey3g=
x-served-by
cache-fra19138-FRA
last-modified
Wed, 28 Feb 2018 23:33:31 GMT
server
AmazonS3
x-timer
S1525958731.206513,VS0,VE0
etag
"a1a545c95f313a230157b47dca555c25"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
66160
87e8d511b7
bam.nr-data.net/1/
57 B
261 B
Script
General
Full URL
https://bam.nr-data.net/1/87e8d511b7?a=103052959&v=1071.385e752&to=ZgAGN0dYWRdRVENdV19KJQBBUFgKH3ZHRGR5ERATaXpYCkRFWFhUVBcXP3NWRQlzWFlASl4JCAZHeVELQlphXV1G&rst=5255&ref=https://www-netflix.paperform.co/&ap=27&be=1063&fe=5243&dc=1416&perf=%7B%22timing%22:%7B%22of%22:1525958725959,%22n%22:0,%22f%22:1049,%22dn%22:381,%22dne%22:691,%22c%22:691,%22s%22:794,%22ce%22:902,%22rq%22:902,%22rp%22:1036,%22rpe%22:1048,%22dl%22:1050,%22di%22:1415,%22ds%22:1415,%22de%22:1417,%22dc%22:5243,%22l%22:5243,%22le%22:5243%7D,%22navigation%22:%7B%7D%7D&at=SkcFQQ9CShk%3D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1071.min.js
Protocol
HTTP/1.1
Server
162.247.242.19 , United States, ASN23467 (NEWRELIC-AS-1 - New Relic, US),
Reverse DNS
bam-7.nr-data.net
Software
/
Resource Hash
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

Referer
https://www-netflix.paperform.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
57
Content-Type
text/javascript;charset=ISO-8859-1

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Netflix (Online)

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| NREUM
object| newrelic
function| __nr_require
object| _state
number| _edit
string| _user
object| _translation
object| core
object| __core-js_shared__
function| setImmediate
function| clearImmediate
object| regeneratorRuntime
boolean| _babelPolyfill
function| text
object| _saved
object| _pages
object| _sections
object| _blockMetadata
object| _questionPageMap
object| _initialForm
object| React
object| ReactDOM
object| store
function| _cb69i1v
function| _cb9del1
function| _exportReactApp
string| GoogleAnalyticsObject
function| ga
object| analytics
object| gaplugins
object| gaGlobal
object| gaData

5 Cookies

Domain/Path Name / Value
www-netflix.paperform.co/ Name: laravel_session
Value: eyJpdiI6IlR2WWZYSDJZcUlKZHNRaUgwZUJBZVE9PSIsInZhbHVlIjoidXZCc2RTc1ZyR1lEaTB6YmxuNDRod2t6akJRUXFibEU4TmVwc1JLNCtBc1wvczRXdHpwNDN6U2NPYkRBZDM2MzdXOEQ3SnRvVEdxT2ZzTFNYeVpPTFZRPT0iLCJtYWMiOiIyZDdiZDJmN2IwNjM5MGM3MzRkMDAyMTU2MGIxNTc0NWRmOTZhMGU4YWZhYTJiYTBlZGMyZDEwMmIwMzRlYjBjIn0%3D
.paperform.co/ Name: _gat
Value: 1
www-netflix.paperform.co/ Name: XSRF-TOKEN
Value: eyJpdiI6IlBqZnpnZllVejFJNjJKenFDNGI5N3c9PSIsInZhbHVlIjoic3JVTzFsZlQyaWFPRUxDYmJwUWpkQjdIdGFDMTJcL1VzSWFFZnlCaks3YTRFM3VKRHN2STJhSzR4YUVBa1hiaThid21CSDZXSWVYVERCSWVhZFwvYVJYZz09IiwibWFjIjoiOWQ1ZGZlZTRmMDg0M2Q0OWE1ZmM0ZjE5YzRiOGNkM2ExZjM1NmNmYmJjNDJhODFmNDJlMTg4NzQyNTkwMDMwMyJ9
.paperform.co/ Name: _gid
Value: GA1.2.41159149.1525958727
.paperform.co/ Name: _ga
Value: GA1.2.1365617090.1525958727

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
