netflix.topoffers.promo Open in urlscan Pro
2606:4700:3034::681b:a025 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://netflix.topoffers.promo/
Submission: On February 16 via api (February 16th 2020, 11:39:47 am UTC) from GB

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 9 domains to perform 16 HTTP transactions. The main IP is 2606:4700:3034::681b:a025, located in United States and belongs to CLOUDFLARENET, US. The main domain is netflix.topoffers.promo.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on August 17th 2019. Valid for: a year.

This is the only time netflix.topoffers.promo was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	2606:4700:303... 2606:4700:3034::681b:a025	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
1	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2)
4	2001:4de0:ac1... 2001:4de0:ac19::1:b:2a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2606:4700::68... 2606:4700::6811:4004	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:815::2003	15169 (GOOGLE) (GOOGLE)
16	8

4 2606:4700:3034::681b:a025 (United States)

ASN13335 (CLOUDFLARENET, US)

netflix.topoffers.promo	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4de0:ac19::1:b:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:4004 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	topoffers.promo netflix.topoffers.promo	150 KB
3	googleapis.com fonts.googleapis.com	97 KB
2	jquery.com code.jquery.com	97 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com	35 KB
1	gstatic.com fonts.gstatic.com	9 KB
1	ytimg.com s.ytimg.com	10 KB
1	youtube.com www.youtube.com	944 B
1	cloudflare.com cdnjs.cloudflare.com	637 B
1	fontawesome.com use.fontawesome.com	10 KB
16	9

	Domain	Requested by
4	netflix.topoffers.promo	netflix.topoffers.promo
3	fonts.googleapis.com	netflix.topoffers.promo
2	code.jquery.com	netflix.topoffers.promo
2	stackpath.bootstrapcdn.com	netflix.topoffers.promo
1	fonts.gstatic.com	netflix.topoffers.promo
1	s.ytimg.com	www.youtube.com
1	www.youtube.com	netflix.topoffers.promo
1	cdnjs.cloudflare.com	netflix.topoffers.promo
1	use.fontawesome.com	netflix.topoffers.promo
16	9

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-08-17` - `2020-08-16`	a year	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.fontawesome.com DigiCert SHA2 Secure Server CA	`2019-10-28` - `2020-12-23`	a year	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-14` - `2020-10-13`	a year	crt.sh
cloudflare.com CloudFlare Inc ECC CA-2	`2020-01-07` - `2020-10-09`	9 months	crt.sh
*.google.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
jquery.org COMODO RSA Domain Validation Secure Server CA	`2018-10-17` - `2020-10-16`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://netflix.topoffers.promo/
Frame ID: A2E874AAF638857B303AC0E3D0C1E2CC
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href="https:\/\/use\.fontawesome\.com\/releases\/v([^>]+)\/css\//i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
script /jquery-ui.*\.js/i

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
script /jquery-ui.*\.js/i

Page Statistics

16
Requests

100 %
HTTPS

88 %
IPv6

9
Domains

9
Subdomains

8
IPs

3
Countries

408 kB
Transfer

1619 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
netflix.topoffers.promo/ 2 KB
1 KB 836ms
687ms Document
text/html 2606:4700:3034::681b:a025
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://netflix.topoffers.promo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:a025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 63759cb01b01b22e761daeef4141cb7815d6a7d3788cf5ea85e777e9cdb72f5b

Request headers

:method: GET
:authority: netflix.topoffers.promo
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

status: 200
date: Sun, 16 Feb 2020 11:39:30 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=dd98600598a4176422e97cc76482c11ff1581853169; expires=Tue, 17-Mar-20 11:39:29 GMT; path=/; domain=.topoffers.promo; HttpOnly; SameSite=Lax; Secure
x-powered-by: Express
vary: Accept-Encoding
last-modified: Mon, 11 Nov 2019 20:29:43 GMT
expires: Sun, 23 Feb 2020 11:39:30 GMT
cache-control: public, max-age=604800
via: 1.1 vegur
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 565f3dc51ca6dfdb-FRA
content-encoding: br

GET
H2 200 css
fonts.googleapis.com/ 11 KB
856 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:300,400,500,600,700,800

Requested by

Host: netflix.topoffers.promo
URL: https://netflix.topoffers.promo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3a311e2d6fa8ee1806f712d01d742f78d77da41da4c7920fd5001fb811630a1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://netflix.topoffers.promo/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 16 Feb 2020 11:39:30 GMT
server: ESF
date: Sun, 16 Feb 2020 11:39:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 16 Feb 2020 11:39:30 GMT

GET
H2 200 css
fonts.googleapis.com/ 12 KB
950 B 17ms
15ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800

Requested by

Host: netflix.topoffers.promo
URL: https://netflix.topoffers.promo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

84e6ba10a3ea0dbddf004cdd014b1621c5fe8a7065a3f15271307272befea438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://netflix.topoffers.promo/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 16 Feb 2020 11:39:30 GMT
server: ESF
date: Sun, 16 Feb 2020 11:39:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 16 Feb 2020 11:39:30 GMT

GET
H2 200 css
fonts.googleapis.com/ 467 KB
95 KB 36ms
34ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: netflix.topoffers.promo
URL: https://netflix.topoffers.promo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

755495205e9a8307aabc4183ebc4c95952ed8ea9cde4406fe35113b8a71dfc42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://netflix.topoffers.promo/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 16 Feb 2020 11:39:30 GMT
server: ESF
date: Sun, 16 Feb 2020 11:39:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 16 Feb 2020 11:39:30 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.0.11/css/ 38 KB
10 KB 55ms
17ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.0.11/css/all.css
Requested by: Host: netflix.topoffers.promo
URL: https://netflix.topoffers.promo/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 914928762d3ffddcacd3506a73b6e9b021952b305d05f49a8a19765bb0d27267

Request headers

Referer: https://netflix.topoffers.promo/
Origin: https://netflix.topoffers.promo
Sec-Fetch-Dest: style
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 16 Feb 2020 11:39:30 GMT
content-encoding: gzip
last-modified: Wed, 02 May 2018 19:17:05 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"43f51d4f34e4891f1b4a6a38842603c4"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
status: 200
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/ 137 KB
21 KB 32ms
8ms Stylesheet
text/css 2001:4de0:ac19::1:b:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css
Requested by: Host: netflix.topoffers.promo
URL: https://netflix.topoffers.promo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 34959e43e6ecf368807a84f92ad9aa6e2dcd5f0c5c1e57da55e8f3248d9d9255

Request headers

Referer: https://netflix.topoffers.promo/
Origin: https://netflix.topoffers.promo
Sec-Fetch-Dest: style
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 16 Feb 2020 11:39:30 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:34:10 GMT
access-control-allow-origin: *
etag: "1544639650"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
status: 200
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 21024

GET
H2 200 loading-bar.min.css
cdnjs.cloudflare.com/ajax/libs/angular-loading-bar/0.9.0/ 2 KB
637 B 12ms
10ms Stylesheet
text/css 2606:4700::6811:4004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular-loading-bar/0.9.0/loading-bar.min.css

Requested by

Host: netflix.topoffers.promo
URL: https://netflix.topoffers.promo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddcf4b2888276d5856677b23851e5a4415856fee2c559bba21a467ca3f20793a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://netflix.topoffers.promo/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Sun, 16 Feb 2020 11:39:30 GMT
content-encoding: br
cf-cache-status: HIT
age: 789263
cf-ray: 565f3dc979ae96e6-FRA
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
alt-svc: h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified: Thu, 17 May 2018 09:15:28 GMT
server: cloudflare
etag: W/"5afd4830-8bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
expires: Fri, 05 Feb 2021 11:39:30 GMT
cache-control: public, max-age=30672000
timing-allow-origin: *
served-in-seconds: 0.000

GET
H2 200 style-f7ec75b0f0.css
netflix.topoffers.promo/ 8 KB
2 KB 659ms
658ms Stylesheet
text/css 2606:4700:3034::681b:a025
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://netflix.topoffers.promo/style-f7ec75b0f0.css
Requested by: Host: netflix.topoffers.promo
URL: https://netflix.topoffers.promo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:a025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 33ab1ac254e3cb2b8f1c6f5e0c89e33b88bffa7e6d1f438a78d020d05cddac9e

Request headers

Referer: https://netflix.topoffers.promo/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

cf-ray: 565f3dc9798edfdb-FRA
date: Sun, 16 Feb 2020 11:39:30 GMT
via: 1.1 vegur
etag: W/"0-1573504183000"
cf-cache-status: MISS
last-modified: Mon, 11 Nov 2019 20:29:43 GMT
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
status: 200
cache-control: public, max-age=604800
content-encoding: br
expires: Sun, 23 Feb 2020 11:39:30 GMT

GET
H2 200 player_api Show response
www.youtube.com/ 859 B
944 B 21ms
20ms Script
application/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/player_api

Requested by

Host: netflix.topoffers.promo
URL: https://netflix.topoffers.promo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

2c0884853dc57e0e429d1bec631837b0f356b5806e913f00dd2828b3f88b3b6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://netflix.topoffers.promo/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 16 Feb 2020 11:39:30 GMT
x-content-type-options: nosniff
server: YouTube Frontend Proxy
content-type: application/javascript
status: 200
cache-control: no-cache
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 859
x-xss-protection: 0
expires: Tue, 27 Apr 1971 19:44:06 GMT

GET
H/1.1 200
OK jquery-3.3.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 37ms
9ms Script
application/javascript 2001:4de0:ac19::1:b:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.min.js
Requested by: Host: netflix.topoffers.promo
URL: https://netflix.topoffers.promo/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer: https://netflix.topoffers.promo/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sun, 16 Feb 2020 11:39:30 GMT
Content-Encoding: gzip
Last-Modified: Sat, 20 Jan 2018 17:26:44 GMT
Server: nginx
ETag: W/"5a637bd4-1538f"
Vary: Accept-Encoding
X-HW: 1581853170.dop054.fr8.t,1581853170.cds083.fr8.shn,1581853170.dop054.fr8.t,1581853170.cds057.fr8.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 30288

GET
H/1.1 200
OK jquery-ui.min.js Show response
code.jquery.com/ui/1.12.1/ 248 KB
67 KB 39ms
6ms Script
application/javascript 2001:4de0:ac19::1:b:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.12.1/jquery-ui.min.js
Requested by: Host: netflix.topoffers.promo
URL: https://netflix.topoffers.promo/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Request headers

Referer: https://netflix.topoffers.promo/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sun, 16 Feb 2020 11:39:30 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Sep 2016 16:34:16 GMT
Server: nginx
ETag: W/"57d97c08-3dee4"
Vary: Accept-Encoding
X-HW: 1581853170.dop156.fr8.t,1581853170.cds086.fr8.shn,1581853170.cds086.fr8.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 67751

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.1.1/js/ 50 KB
14 KB 33ms
8ms Script
text/javascript 2001:4de0:ac19::1:b:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://stackpath.bootstrapcdn.com/bootstrap/4.1.1/js/bootstrap.min.js
Requested by: Host: netflix.topoffers.promo
URL: https://netflix.topoffers.promo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: c5a17d46976d471cf060c5a0e25749a323d6ab20cf0910f40afed81047ba21ef

Request headers

Referer: https://netflix.topoffers.promo/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 16 Feb 2020 11:39:30 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:33:53 GMT
access-control-allow-origin: *
etag: "1544639633"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
status: 200
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 14049

GET
H2 200 assets-36d633a1f6.js Show response
netflix.topoffers.promo/ 487 KB
137 KB 946ms
945ms Script
application/javascript 2606:4700:3034::681b:a025
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://netflix.topoffers.promo/assets-36d633a1f6.js
Requested by: Host: netflix.topoffers.promo
URL: https://netflix.topoffers.promo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:a025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 651e4d508830cd79e460cb3cf6144b60f7429f5f6ea14800cebaa328b84e6a3c

Request headers

Referer: https://netflix.topoffers.promo/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

cf-ray: 565f3dc97990dfdb-FRA
date: Sun, 16 Feb 2020 11:39:31 GMT
via: 1.1 vegur
etag: W/"0-1573504183000"
cf-cache-status: MISS
last-modified: Mon, 11 Nov 2019 20:29:43 GMT
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=604800
content-encoding: br
expires: Sun, 23 Feb 2020 11:39:30 GMT

GET
H2 200 live-4118057773.js Show response
netflix.topoffers.promo/ 35 KB
8 KB 646ms
645ms Script
application/javascript 2606:4700:3034::681b:a025
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://netflix.topoffers.promo/live-4118057773.js
Requested by: Host: netflix.topoffers.promo
URL: https://netflix.topoffers.promo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681b:a025 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: fc13f9420691682939ac826236ae4b0f53317b56067e7ebfc01d630ef4264dd4

Request headers

Referer: https://netflix.topoffers.promo/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

cf-ray: 565f3dc97992dfdb-FRA
date: Sun, 16 Feb 2020 11:39:30 GMT
via: 1.1 vegur
etag: W/"0-1573504183000"
cf-cache-status: MISS
last-modified: Mon, 11 Nov 2019 20:29:43 GMT
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=604800
content-encoding: br
expires: Sun, 23 Feb 2020 11:39:30 GMT

GET
H2 200 www-widgetapi.js Show response
s.ytimg.com/yts/jsbin/www-widgetapi-vflYl14TA/ 27 KB
10 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s.ytimg.com/yts/jsbin/www-widgetapi-vflYl14TA/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/player_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60111948f7ff6c6621b9183616896e465889d75bad2c797ad267aa2feedc3efa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://netflix.topoffers.promo/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 16 Feb 2020 11:06:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1992
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 10243
x-xss-protection: 0
last-modified: Sat, 15 Feb 2020 00:53:13 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=691200
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Mon, 24 Feb 2020 11:06:18 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: netflix.topoffers.promo
URL: https://netflix.topoffers.promo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800
Origin: https://netflix.topoffers.promo
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 01 Feb 2020 00:22:27 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 1336623
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9132
x-xss-protection: 0
expires: Sun, 31 Jan 2021 00:22:27 GMT

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.topoffers.promo/	1970-01-19 08:07:25	Name: __cfduid Value: dd98600598a4176422e97cc76482c11ff1581853169

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://code.jquery.com/jquery-3.3.1.min.js(Line 2) Message: jQuery.Deferred exception: Cannot read property '$LoopBack$accessTokenId' of null TypeError: Cannot read property '$LoopBack$accessTokenId' of null at https://netflix.topoffers.promo/assets-36d633a1f6.js:1:496313 at Array.forEach (<anonymous>) at new t (https://netflix.topoffers.promo/assets-36d633a1f6.js:1:496263) at Object.<anonymous> (https://netflix.topoffers.promo/assets-36d633a1f6.js:1:496819) at Object.invoke (https://netflix.topoffers.promo/assets-36d633a1f6.js:1:78029) at Object.f.$get (https://netflix.topoffers.promo/assets-36d633a1f6.js:1:76467) at Object.invoke (https://netflix.topoffers.promo/assets-36d633a1f6.js:1:78029) at https://netflix.topoffers.promo/assets-36d633a1f6.js:1:75921 at u (https://netflix.topoffers.promo/assets-36d633a1f6.js:1:77406) at o (https://netflix.topoffers.promo/assets-36d633a1f6.js:1:77711) undefined

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
netflix.topoffers.promo
s.ytimg.com
stackpath.bootstrapcdn.com
use.fontawesome.com
www.youtube.com
2001:4de0:ac19::1:b:2a
23.111.9.35
2606:4700:3034::681b:a025
2606:4700::6811:4004
2a00:1450:4001:808::200a
2a00:1450:4001:809::200e
2a00:1450:4001:815::2003
2a00:1450:4001:821::200e
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
2c0884853dc57e0e429d1bec631837b0f356b5806e913f00dd2828b3f88b3b6c
33ab1ac254e3cb2b8f1c6f5e0c89e33b88bffa7e6d1f438a78d020d05cddac9e
34959e43e6ecf368807a84f92ad9aa6e2dcd5f0c5c1e57da55e8f3248d9d9255
3a311e2d6fa8ee1806f712d01d742f78d77da41da4c7920fd5001fb811630a1d
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
60111948f7ff6c6621b9183616896e465889d75bad2c797ad267aa2feedc3efa
63759cb01b01b22e761daeef4141cb7815d6a7d3788cf5ea85e777e9cdb72f5b
651e4d508830cd79e460cb3cf6144b60f7429f5f6ea14800cebaa328b84e6a3c
755495205e9a8307aabc4183ebc4c95952ed8ea9cde4406fe35113b8a71dfc42
84e6ba10a3ea0dbddf004cdd014b1621c5fe8a7065a3f15271307272befea438
914928762d3ffddcacd3506a73b6e9b021952b305d05f49a8a19765bb0d27267
c5a17d46976d471cf060c5a0e25749a323d6ab20cf0910f40afed81047ba21ef
ddcf4b2888276d5856677b23851e5a4415856fee2c559bba21a467ca3f20793a
fc13f9420691682939ac826236ae4b0f53317b56067e7ebfc01d630ef4264dd4

netflix.topoffers.promo Open in urlscan Pro 2606:4700:3034::681b:a025 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

16 Requests

100 %HTTPS

88 %IPv6

9 Domains

9 Subdomains

8 IPs

3 Countries

408 kBTransfer

1619 kBSize

1 Cookies

0 Outgoing links

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

netflix.topoffers.promo Open in urlscan Pro
2606:4700:3034::681b:a025 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

88 %
IPv6

9
Domains

9
Subdomains

8
IPs

3
Countries

408 kB
Transfer

1619 kB
Size

1
Cookies

16 HTTP transactions
0 data transactions