daiwikproductions.com Open in urlscan Pro
192.185.106.53  Malicious Activity! Public Scan

10 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response daiwikproductions.com/CA-en/app/	170 KB 32 KB	916ms 543ms	Document text/html	192.185.106.53 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://daiwikproductions.com/CA-en/app/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.185.106.53 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS admiral.websitewelcome.com Software Apache / Resource Hash 2c104eee3180999e4fbeb864f1c9f657c2bf650d0e1cddfd1d37ff16c721b022 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 accept-language de-CH,de;q=0.9 Response headers cache-control no-store, no-cache, must-revalidate content-encoding gzip content-type text/html; charset=UTF-8 date Thu, 07 Sep 2023 15:26:40 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache server Apache vary Accept-Encoding
GET H/1.1	200 OK	loginControllerClient.js.686362d355434dbd3997.js Show response assets.nflxext.com/web/ffe/wp/components/login/	1 MB 295 KB	77ms 35ms	Script application/javascript	2a00:86c0:2090::1 NETFLIX-ASN
General Check archive.org Show headers Download Go to Full URL https://assets.nflxext.com/web/ffe/wp/components/login/loginControllerClient.js.686362d355434dbd3997.js Requested by Host: daiwikproductions.com URL: https://daiwikproductions.com/CA-en/app/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2a00:86c0:2090::1 , United States, ASN40027 (NETFLIX-ASN, US), Reverse DNS Software nginx / Resource Hash dcfaae47f11e3c532e108520cdf71840e04652437a952cb08546db3559711828 Request headers accept-language de-CH,de;q=0.9 Referer https://daiwikproductions.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Date Thu, 07 Sep 2023 15:26:40 GMT Content-Encoding gzip Last-Modified Thu, 14 Jul 2022 20:09:12 GMT Server nginx Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=604801 Connection keep-alive Accept-Ranges bytes Timing-Allow-Origin * Content-Length 301460 Expires Thu, 14 Sep 2023 15:26:41 GMT
GET H2	200	WebsiteDetect daiwikproductions.com/personalization/cl2/freeform/	64 KB 13 KB	262ms 261ms	Stylesheet text/html	192.185.106.53 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://daiwikproductions.com/personalization/cl2/freeform/WebsiteDetect?source=wwwhead&fetchType=css&modalView=login Requested by Host: daiwikproductions.com URL: https://daiwikproductions.com/CA-en/app/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.185.106.53 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS admiral.websitewelcome.com Software Apache / Resource Hash f3d01ded4ab1ddd95d2e9d5199e53fdc16d7e7f87c0dac2ec8638375d761c8ea Request headers accept-language de-CH,de;q=0.9 Referer https://daiwikproductions.com/CA-en/app/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Thu, 07 Sep 2023 15:26:40 GMT content-encoding gzip server Apache content-length 13165 vary Accept-Encoding content-type text/html; charset=utf-8
GET H2	200	otSDKStub.js Show response cdn.cookielaw.org/scripttemplates/	21 KB 7 KB	75ms 31ms	Script application/javascript	2606:4700::6812:83ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Requested by Host: daiwikproductions.com URL: https://daiwikproductions.com/CA-en/app/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e181730c1a666b38b299b81ead525f7fec078ff980360b4c032e75b9802ebf0d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-CH,de;q=0.9 Referer https://daiwikproductions.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers x-ms-blob-type BlockBlob date Thu, 07 Sep 2023 15:26:40 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 7EncTFplbWDUpOxlbB9/Qg== age 52999 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 6836 x-ms-lease-status unlocked last-modified Wed, 06 Sep 2023 10:00:52 GMT server cloudflare etag 0x8DBAEC0277A0438 vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id ee812e67-201e-0028-07fb-e0582b000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 802ff8b0ac615271-MXP
GET H/1.1	200 OK	error-page.b4d75d715f60a9ee1887.css assets.nflxext.com/web/ffe/wp/less/core/	17 KB 5 KB	57ms 16ms	Stylesheet text/css	2a00:86c0:2090::1 NETFLIX-ASN
General Check archive.org Show headers Download Go to Full URL https://assets.nflxext.com/web/ffe/wp/less/core/error-page.b4d75d715f60a9ee1887.css Requested by Host: daiwikproductions.com URL: https://daiwikproductions.com/CA-en/app/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2a00:86c0:2090::1 , United States, ASN40027 (NETFLIX-ASN, US), Reverse DNS Software nginx / Resource Hash c50d81f310847f9dd5c054871180b211c7f4a9eccbb42ee95f9574880b56ef73 Request headers accept-language de-CH,de;q=0.9 Referer https://daiwikproductions.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Date Thu, 07 Sep 2023 15:26:40 GMT Content-Encoding gzip Last-Modified Fri, 13 May 2022 12:33:06 GMT Server nginx Content-Type text/css Access-Control-Allow-Origin * Cache-Control max-age=604801 Connection keep-alive Accept-Ranges bytes Timing-Allow-Origin * Content-Length 4422 Expires Thu, 14 Sep 2023 15:26:41 GMT
GET H/1.1	200 OK	loginBase.09e271325f8873705389.css assets.nflxext.com/web/ffe/wp/less/login/	59 KB 12 KB	76ms 35ms	Stylesheet text/css	2a00:86c0:2090::1 NETFLIX-ASN
General Check archive.org Show headers Download Go to Full URL https://assets.nflxext.com/web/ffe/wp/less/login/loginBase.09e271325f8873705389.css Requested by Host: daiwikproductions.com URL: https://daiwikproductions.com/CA-en/app/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2a00:86c0:2090::1 , United States, ASN40027 (NETFLIX-ASN, US), Reverse DNS Software nginx / Resource Hash 9d69235daf0df021876c6a159d1b0804fe00d19bd4f17a6290d8fe1178071e1c Request headers accept-language de-CH,de;q=0.9 Referer https://daiwikproductions.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Date Thu, 07 Sep 2023 15:26:40 GMT Content-Encoding gzip Last-Modified Fri, 13 May 2022 12:33:06 GMT Server nginx Content-Type text/css Access-Control-Allow-Origin * Cache-Control max-age=604801 Connection keep-alive Accept-Ranges bytes Timing-Allow-Origin * Content-Length 11804 Expires Thu, 14 Sep 2023 15:26:41 GMT
GET H/1.1	200 OK	Login.f701fd76ffbab95b6def.css assets.nflxext.com/web/ffe/wp/less/pages/login/	80 KB 14 KB	80ms 38ms	Stylesheet text/css	2a00:86c0:2090::1 NETFLIX-ASN
General Check archive.org Show headers Download Go to Full URL https://assets.nflxext.com/web/ffe/wp/less/pages/login/Login.f701fd76ffbab95b6def.css Requested by Host: daiwikproductions.com URL: https://daiwikproductions.com/CA-en/app/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2a00:86c0:2090::1 , United States, ASN40027 (NETFLIX-ASN, US), Reverse DNS Software nginx / Resource Hash 0819a946b01d40bc0595f31cff5d4567a357e0d6f7ea98ed425d384dd7c47b37 Request headers accept-language de-CH,de;q=0.9 Referer https://daiwikproductions.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Date Thu, 07 Sep 2023 15:26:40 GMT Content-Encoding gzip Last-Modified Wed, 06 Jul 2022 12:33:23 GMT Server nginx Content-Type text/css Access-Control-Allow-Origin * Cache-Control max-age=604801 Connection keep-alive Accept-Ranges bytes Timing-Allow-Origin * Content-Length 13760 Expires Thu, 14 Sep 2023 15:26:41 GMT
GET H/1.1	200 OK	US-en-20220711-popsignuptwoweeks-perspective_alpha_website_large.jpg assets.nflxext.com/ffe/siteui/vlv3/1ef84595-1fdb-4404-adac-15215ceeb3ae/9b7e4892-200e-4740-909b-cdd33763fe9f/	311 KB 312 KB	34ms 34ms	Image image/jpeg	2a00:86c0:2090::1 NETFLIX-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://assets.nflxext.com/ffe/siteui/vlv3/1ef84595-1fdb-4404-adac-15215ceeb3ae/9b7e4892-200e-4740-909b-cdd33763fe9f/US-en-20220711-popsignuptwoweeks-perspective_alpha_website_large.jpg Requested by Host: daiwikproductions.com URL: https://daiwikproductions.com/CA-en/app/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2a00:86c0:2090::1 , United States, ASN40027 (NETFLIX-ASN, US), Reverse DNS Software nginx / Resource Hash ed008e83e196197a1bd7fcce22ba1774aaf55874adccd3a7702dc462ce6bb731 Request headers accept-language de-CH,de;q=0.9 Referer https://daiwikproductions.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Date Thu, 07 Sep 2023 15:26:40 GMT Last-Modified Wed, 13 Jul 2022 12:53:45 GMT Server nginx Content-MD5 xWFB4JNmylemmxtxf7TRRw== Content-Type image/jpeg Cache-Control max-age=604801 Connection keep-alive Accept-Ranges bytes Content-Length 318765 Expires Thu, 14 Sep 2023 15:26:41 GMT
GET H2	200	WebsiteDetect Show response daiwikproductions.com/personalization/cl2/freeform/	64 KB 13 KB	263ms 263ms	XHR text/html	192.185.106.53 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://daiwikproductions.com/personalization/cl2/freeform/WebsiteDetect?source=wwwhead&fetchType=js&modalView=login Requested by Host: daiwikproductions.com URL: https://daiwikproductions.com/CA-en/app/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.185.106.53 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS admiral.websitewelcome.com Software Apache / Resource Hash 9756f3ea690202cac0ffed22d5ee5f9b442834bd6f72df4b4fa2af75ccbce806 Request headers accept-language de-CH,de;q=0.9 Referer https://daiwikproductions.com/CA-en/app/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Thu, 07 Sep 2023 15:26:41 GMT content-encoding gzip server Apache content-length 13151 vary Accept-Encoding content-type text/html; charset=utf-8
GET H2	200	WebsiteScreen Show response daiwikproductions.com/personalization/cl2/freeform/	64 KB 13 KB	272ms 272ms	XHR text/html	192.185.106.53 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://daiwikproductions.com/personalization/cl2/freeform/WebsiteScreen?source=wwwhead&fetchType=js&winw=1600&winh=1200&screenw=1600&screenh=1200&ratio=1 Requested by Host: daiwikproductions.com URL: https://daiwikproductions.com/CA-en/app/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.185.106.53 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS admiral.websitewelcome.com Software Apache / Resource Hash 9ea07cf655c455b39952b1bb5cf8ccb06a82b189f5190ef2709282553659d9e2 Request headers accept-language de-CH,de;q=0.9 Referer https://daiwikproductions.com/CA-en/app/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Thu, 07 Sep 2023 15:26:41 GMT content-encoding gzip server Apache content-length 13189 vary Accept-Encoding content-type text/html; charset=utf-8
GET H2	200	87b6a5c0-0104-4e96-a291-092c11350111.json Show response cdn.cookielaw.org/consent/87b6a5c0-0104-4e96-a291-092c11350111/	6 KB 2 KB	82ms 40ms	XHR application/x-javascript	2606:4700::6812:83ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/87b6a5c0-0104-4e96-a291-092c11350111/87b6a5c0-0104-4e96-a291-092c11350111.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1a4065ead26a118363a9ee57fbbf14747fbb890cb8c02806ffdba6ca1e01e6ba Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-CH,de;q=0.9 Referer https://daiwikproductions.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers x-ms-blob-type BlockBlob date Thu, 07 Sep 2023 15:26:41 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT strict-transport-security max-age=31536000; includeSubDomains; preload age 6062 content-md5 LNTJSBxq/pu406OeBM98cA== content-length 1893 x-ms-lease-status unlocked last-modified Wed, 23 Aug 2023 20:05:08 GMT server cloudflare etag 0x8DBA414404B8522 vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id bb501f37-a01e-0044-0d8e-e1b3bc000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 802ff8b26a0e4bf5-MXP expires Fri, 08 Sep 2023 15:26:41 GMT
GET H/1.1	200 OK	nf-icon-v1-93.woff assets.nflxext.com/ffe/siteui/fonts/	72 KB 72 KB	47ms 15ms	Font font/woff	2a00:86c0:2090::1 NETFLIX-ASN
General Check archive.org Show headers Download Go to Full URL https://assets.nflxext.com/ffe/siteui/fonts/nf-icon-v1-93.woff Requested by Host: assets.nflxext.com URL: https://assets.nflxext.com/web/ffe/wp/less/login/loginBase.09e271325f8873705389.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2a00:86c0:2090::1 , United States, ASN40027 (NETFLIX-ASN, US), Reverse DNS Software nginx / Resource Hash 98713b53a74ebe7e326353080c5f1653e83af61d6363c0b3c4c67d6d24197b4d Request headers Referer https://assets.nflxext.com/web/ffe/wp/less/login/loginBase.09e271325f8873705389.css Origin https://daiwikproductions.com accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers Date Thu, 07 Sep 2023 15:26:41 GMT Last-Modified Mon, 29 Jan 2018 01:50:51 GMT Server nginx Content-MD5 fPYVbMSBJEtaJUNi17c/AA== Content-Type font/woff Access-Control-Allow-Origin * Cache-Control max-age=604801 Connection keep-alive Accept-Ranges bytes Content-Length 73572 Expires Thu, 14 Sep 2023 15:26:42 GMT
GET H2	200	location Show response geolocation.onetrust.com/cookieconsentpub/v1/geo/	67 B 304 B	76ms 40ms	XHR application/json	2606:4700:4400::6812:2089 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1e91e62490f19fae2907ddbfae2a95990ca18631d5386fa9de60311dd777ae4e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept application/json Referer https://daiwikproductions.com/ accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Thu, 07 Sep 2023 15:26:41 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip server cloudflare vary Accept-Encoding access-control-allow-methods GET, OPTIONS content-type application/json access-control-allow-origin * cf-ray 802ff8b35e15021d-ZRH access-control-allow-headers Content-Type
GET H2	200	enterprise.js Show response www.google.com/recaptcha/	1 KB 1 KB	89ms 32ms	Script text/javascript	2a00:1450:4001:81c::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/enterprise.js?render=6Lf8hrcUAAAAAIpQAFW2VFjtiYnThOjZOA5xvLyR Requested by Host: assets.nflxext.com URL: https://assets.nflxext.com/web/ffe/wp/components/login/loginControllerClient.js.686362d355434dbd3997.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 5994e4c451d1c9a3af1cceb52779e82eadbfada6b0e0d1bc0b8105a0a576f1b6 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-CH,de;q=0.9 Referer https://daiwikproductions.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Thu, 07 Sep 2023 15:26:41 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 898 x-xss-protection 1; mode=block expires Thu, 07 Sep 2023 15:26:41 GMT
POST H2	200	log Show response daiwikproductions.com/personalization/	64 KB 13 KB	276ms 276ms	XHR text/html	192.185.106.53 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://daiwikproductions.com/personalization/log Requested by Host: assets.nflxext.com URL: https://assets.nflxext.com/web/ffe/wp/components/login/loginControllerClient.js.686362d355434dbd3997.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.185.106.53 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS admiral.websitewelcome.com Software Apache / Resource Hash 5a75bcb7694678088a7504861282059689bd44f48a2beb6c97243e118d51fbab Request headers X-Netflix.ichnaea.request.type UiRequest Referer https://daiwikproductions.com/CA-en/app/ accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Content-Type application/json Response headers date Thu, 07 Sep 2023 15:26:41 GMT content-encoding gzip server Apache content-length 13158 vary Accept-Encoding content-type text/html; charset=utf-8
GET H2	200	otBannerSdk.js Show response cdn.cookielaw.org/scripttemplates/202301.1.0/	395 KB 94 KB	33ms 32ms	Script application/javascript	2606:4700::6812:83ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0cda584e7c5036ad66d7d528d2209bc596a14179fa1792a559e2ae9eaa91e851 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-CH,de;q=0.9 Referer https://daiwikproductions.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers x-ms-blob-type BlockBlob date Thu, 07 Sep 2023 15:26:41 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 TPatHKMti4L8TVrK0PWkxg== age 47654 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 96303 x-ms-lease-status unlocked last-modified Wed, 22 Feb 2023 03:39:35 GMT server cloudflare etag 0x8DB14866ADAA84A vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id bdce70f4-f01e-00ad-093e-79f88c000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 802ff8b3986f5271-MXP
GET H2	200	recaptcha__de_ch.js Show response www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/	454 KB 183 KB	75ms 22ms	Script text/javascript	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__de_ch.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/enterprise.js?render=6Lf8hrcUAAAAAIpQAFW2VFjtiYnThOjZOA5xvLyR Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6af4a047b0d008cf83f703ee6add654184eac57f06dc2a3f9607fe566fba45ad Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://daiwikproductions.com/ Origin https://daiwikproductions.com accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Thu, 31 Aug 2023 17:15:58 GMT content-encoding gzip x-content-type-options nosniff age 598243 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 186652 x-xss-protection 0 last-modified Mon, 21 Aug 2023 02:02:34 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 30 Aug 2024 17:15:58 GMT
GET H2	200	en.json Show response cdn.cookielaw.org/consent/87b6a5c0-0104-4e96-a291-092c11350111/55af99db-f9fd-4653-abf3-199720a8670a/	58 KB 15 KB	47ms 47ms	Fetch application/x-javascript	2606:4700::6812:83ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/87b6a5c0-0104-4e96-a291-092c11350111/55af99db-f9fd-4653-abf3-199720a8670a/en.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 992c42bd5f23100c660699b2d71f03874aaf19dc54ab1c40617e6726d072a1b3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-CH,de;q=0.9 Referer https://daiwikproductions.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers x-ms-blob-type BlockBlob date Thu, 07 Sep 2023 15:26:41 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT strict-transport-security max-age=31536000; includeSubDomains; preload age 6062 content-md5 lgSbys05qGMixDZKZiwxKg== content-length 15456 x-ms-lease-status unlocked last-modified Wed, 23 Aug 2023 20:05:16 GMT server cloudflare etag 0x8DBA41444C71630 vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id c6ae54d0-701e-0047-1491-e152d8000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 802ff8b40cd74bf5-MXP expires Fri, 08 Sep 2023 15:26:41 GMT
GET H2	200	otFlat.json Show response cdn.cookielaw.org/scripttemplates/202301.1.0/assets/	13 KB 3 KB	43ms 43ms	Fetch application/json	2606:4700::6812:83ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202301.1.0/assets/otFlat.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-CH,de;q=0.9 Referer https://daiwikproductions.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers x-ms-blob-type BlockBlob date Thu, 07 Sep 2023 15:26:41 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 JRquOrwnT+1fACynxEiZlA== age 6062 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 3020 x-ms-lease-status unlocked last-modified Wed, 22 Feb 2023 03:39:28 GMT server cloudflare etag 0x8DB148666B3B223 vary Accept-Encoding content-type application/json access-control-allow-origin * x-ms-request-id 6b14d99d-a01e-0054-638e-e176d4000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 802ff8b47dc14bf5-MXP
GET H2	200	otPcTab.json Show response cdn.cookielaw.org/scripttemplates/202301.1.0/assets/v2/	62 KB 13 KB	34ms 34ms	Fetch application/json	2606:4700::6812:83ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202301.1.0/assets/v2/otPcTab.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a9c89c2a0df62b9bd73d859ae616ffe92cb9e86e1428a1a0fc797418f3e03dd9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-CH,de;q=0.9 Referer https://daiwikproductions.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers x-ms-blob-type BlockBlob date Thu, 07 Sep 2023 15:26:41 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 5x5OTvRos5JBKPa+Qbpqxg== age 6061 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 13354 x-ms-lease-status unlocked last-modified Wed, 22 Feb 2023 03:39:30 GMT server cloudflare etag 0x8DB148668308060 vary Accept-Encoding content-type application/json access-control-allow-origin * x-ms-request-id 6b14d9a7-a01e-0054-6d8e-e176d4000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 802ff8b47dc74bf5-MXP
GET H2	200	otCommonStyles.css Show response cdn.cookielaw.org/scripttemplates/202301.1.0/assets/	21 KB 4 KB	62ms 62ms	Fetch text/css	2606:4700::6812:83ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202301.1.0/assets/otCommonStyles.css Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-CH,de;q=0.9 Referer https://daiwikproductions.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers x-ms-blob-type BlockBlob date Thu, 07 Sep 2023 15:26:41 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding gzip content-md5 XcxlleAcPGO2n5kTZrHH2Q== age 6062 x-ms-lease-status unlocked last-modified Wed, 22 Feb 2023 03:39:39 GMT server cloudflare vary Accept-Encoding content-type text/css access-control-allow-origin * x-ms-request-id 965f4ca5-301e-0034-6a8e-e10a4b000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 cf-ray 802ff8b47dc84bf5-MXP
GET H2	200	anchor Show response www.google.com/recaptcha/enterprise/ Frame B890	7 KB 1 KB	67ms 66ms	Document text/html	2a00:1450:4001:81c::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lf8hrcUAAAAAIpQAFW2VFjtiYnThOjZOA5xvLyR&co=aHR0cHM6Ly9kYWl3aWtwcm9kdWN0aW9ucy5jb206NDQz&hl=de-CH&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&cb=uk1hquq8b8gn Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__de_ch.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash e97305b60c17d174936f77bf22d552be1c7f5937e27a8aa09452d520dc958fca Security Headers Name Value Content-Security-Policy script-src 'nonce-uLhzysiaU7HMFLkUD5eNJg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://daiwikproductions.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 accept-language de-CH,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=0 content-encoding gzip content-length 1100 content-security-policy script-src 'nonce-uLhzysiaU7HMFLkUD5eNJg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Thu, 07 Sep 2023 15:26:41 GMT expires Thu, 07 Sep 2023 15:26:41 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	200	ot_guard_logo.svg Show response cdn.cookielaw.org/logos/static/	497 B 490 B	48ms 37ms	Fetch image/svg+xml	2606:4700::6812:83ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-CH,de;q=0.9 Referer https://daiwikproductions.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers x-ms-blob-type BlockBlob date Thu, 07 Sep 2023 15:26:41 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding gzip content-md5 tXyZydHjxQshFMbbBT1/8A== age 6061 x-ms-lease-status unlocked last-modified Wed, 06 Sep 2023 20:05:22 GMT server cloudflare vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * x-ms-request-id c40fb5a8-b01e-0077-6a8e-e1ec17000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 cf-ray 802ff8b58fcf4bf5-MXP
GET H2	200	Netflix_Logo_PMS.png cdn.cookielaw.org/logos/dd6b162f-1a32-456a-9cfe-897231c7763c/4345ea78-053c-46d2-b11e-09adaef973dc/	16 KB 16 KB	35ms 35ms	Image application/octet-stream	2606:4700::6812:83ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cookielaw.org/logos/dd6b162f-1a32-456a-9cfe-897231c7763c/4345ea78-053c-46d2-b11e-09adaef973dc/Netflix_Logo_PMS.png Requested by Host: daiwikproductions.com URL: https://daiwikproductions.com/CA-en/app/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 675dd7b68acf580f893bec532f5b260b8f984b67734a9a6831334b2ff4aad384 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-CH,de;q=0.9 Referer https://daiwikproductions.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers x-ms-blob-type BlockBlob date Thu, 07 Sep 2023 15:26:41 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-md5 3MQJRwmi3BSvKIhEVW/5tw== age 2001 content-length 16386 x-ms-lease-status unlocked last-modified Mon, 18 May 2020 21:10:31 GMT server cloudflare etag 0x8D7FB6FE5CFC000 vary Accept-Encoding content-type application/octet-stream access-control-allow-origin * x-ms-request-id 1d31dc25-e01e-00f6-2840-79fff0000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 802ff8b58b515271-MXP
GET H2	200	powered_by_logo.svg cdn.cookielaw.org/logos/static/	5 KB 2 KB	34ms 34ms	Image image/svg+xml	2606:4700::6812:83ec CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cookielaw.org/logos/static/powered_by_logo.svg Requested by Host: daiwikproductions.com URL: https://daiwikproductions.com/CA-en/app/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-CH,de;q=0.9 Referer https://daiwikproductions.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers x-ms-blob-type BlockBlob date Thu, 07 Sep 2023 15:26:41 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding gzip content-md5 Y+c301RBZNK39PvKQWrIBw== age 52995 x-ms-lease-status unlocked last-modified Wed, 06 Sep 2023 10:00:59 GMT server cloudflare vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * x-ms-request-id de4d4aba-301e-009d-0dec-e0cb39000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 cf-ray 802ff8b58b535271-MXP
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ Frame B890	55 KB 24 KB	80ms 28ms	Stylesheet text/css	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lf8hrcUAAAAAIpQAFW2VFjtiYnThOjZOA5xvLyR&co=aHR0cHM6Ly9kYWl3aWtwcm9kdWN0aW9ucy5jb206NDQz&hl=de-CH&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&cb=uk1hquq8b8gn Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Thu, 07 Sep 2023 06:13:49 GMT content-encoding gzip x-content-type-options nosniff age 33172 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24606 x-xss-protection 0 last-modified Mon, 21 Aug 2023 02:02:34 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 06 Sep 2024 06:13:49 GMT
GET H3	200	recaptcha__de_ch.js Show response www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ Frame B890	454 KB 182 KB	92ms 41ms	Script text/javascript	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__de_ch.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lf8hrcUAAAAAIpQAFW2VFjtiYnThOjZOA5xvLyR&co=aHR0cHM6Ly9kYWl3aWtwcm9kdWN0aW9ucy5jb206NDQz&hl=de-CH&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&cb=uk1hquq8b8gn Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6af4a047b0d008cf83f703ee6add654184eac57f06dc2a3f9607fe566fba45ad Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Thu, 31 Aug 2023 17:15:58 GMT content-encoding gzip x-content-type-options nosniff age 598243 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 186652 x-xss-protection 0 last-modified Mon, 21 Aug 2023 02:02:34 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 30 Aug 2024 17:15:58 GMT
GET H3	200	logo_48.png www.gstatic.com/recaptcha/api2/ Frame B890	2 KB 2 KB	23ms 21ms	Image image/png	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/recaptcha/api2/logo_48.png Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Sat, 02 Sep 2023 06:02:48 GMT x-content-type-options nosniff age 465833 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2228 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type image/png cache-control public, max-age=604800 accept-ranges bytes expires Sat, 09 Sep 2023 06:02:48 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 fonts.gstatic.com/s/roboto/v18/ Frame B890	10 KB 11 KB	77ms 22ms	Font font/woff2	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lf8hrcUAAAAAIpQAFW2VFjtiYnThOjZOA5xvLyR&co=aHR0cHM6Ly9kYWl3aWtwcm9kdWN0aW9ucy5jb206NDQz&hl=de-CH&v=0hCdE87LyjzAkFO5Ff-v7Hj1&size=invisible&cb=uk1hquq8b8gn Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 Response headers date Sat, 02 Sep 2023 05:27:34 GMT x-content-type-options nosniff age 467947 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 10748 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:51 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 01 Sep 2024 05:27:34 GMT
POST H2	200	cl2 Show response daiwikproductions.com/personalization/	64 KB 13 KB	282ms 282ms	XHR text/html	192.185.106.53 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://daiwikproductions.com/personalization/cl2 Requested by Host: assets.nflxext.com URL: https://assets.nflxext.com/web/ffe/wp/components/login/loginControllerClient.js.686362d355434dbd3997.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.185.106.53 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS admiral.websitewelcome.com Software Apache / Resource Hash de7e1b138665e1f582aa16cf8b7c615a6d116d6f1223ac218d63fef9f784b09e Request headers Referer https://daiwikproductions.com/CA-en/app/ accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1 X-Netflix.Client.Request.Name ui/cl Content-Type application/json Response headers date Thu, 07 Sep 2023 15:26:46 GMT content-encoding gzip server Apache content-length 13155 vary Accept-Encoding content-type text/html; charset=utf-8

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Netflix (Online)

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| documentPictureInPicture object| OneTrustStub function| OptanonWrapper object| netflix string| __public_path__ object| webpackChunkshakti function| _ object| util string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer object| otStubData object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| Optanon object| OneTrust object| recaptcha object| closure_lm_393302

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			daiwikproductions.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: d0e428f8dd4e1bc84c650315fdadd677
			.daiwikproductions.com/	1969-12-31 23:59:59	Name: cL Value: 1694100401025%7C169410040113562402%7C169410040186593791%7C%7C4%7Cnull

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.nflxext.com
cdn.cookielaw.org
daiwikproductions.com
fonts.gstatic.com
geolocation.onetrust.com
www.google.com
www.gstatic.com
192.185.106.53
2606:4700:4400::6812:2089
2606:4700::6812:83ec
2a00:1450:4001:811::2003
2a00:1450:4001:81c::2004
2a00:1450:4001:830::2003
2a00:86c0:2090::1
0819a946b01d40bc0595f31cff5d4567a357e0d6f7ea98ed425d384dd7c47b37
0cda584e7c5036ad66d7d528d2209bc596a14179fa1792a559e2ae9eaa91e851
1a4065ead26a118363a9ee57fbbf14747fbb890cb8c02806ffdba6ca1e01e6ba
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc
1e91e62490f19fae2907ddbfae2a95990ca18631d5386fa9de60311dd777ae4e
2c104eee3180999e4fbeb864f1c9f657c2bf650d0e1cddfd1d37ff16c721b022
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
5994e4c451d1c9a3af1cceb52779e82eadbfada6b0e0d1bc0b8105a0a576f1b6
5a75bcb7694678088a7504861282059689bd44f48a2beb6c97243e118d51fbab
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
675dd7b68acf580f893bec532f5b260b8f984b67734a9a6831334b2ff4aad384
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6af4a047b0d008cf83f703ee6add654184eac57f06dc2a3f9607fe566fba45ad
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1
9756f3ea690202cac0ffed22d5ee5f9b442834bd6f72df4b4fa2af75ccbce806
98713b53a74ebe7e326353080c5f1653e83af61d6363c0b3c4c67d6d24197b4d
992c42bd5f23100c660699b2d71f03874aaf19dc54ab1c40617e6726d072a1b3
9d69235daf0df021876c6a159d1b0804fe00d19bd4f17a6290d8fe1178071e1c
9ea07cf655c455b39952b1bb5cf8ccb06a82b189f5190ef2709282553659d9e2
a9c89c2a0df62b9bd73d859ae616ffe92cb9e86e1428a1a0fc797418f3e03dd9
c50d81f310847f9dd5c054871180b211c7f4a9eccbb42ee95f9574880b56ef73
dcfaae47f11e3c532e108520cdf71840e04652437a952cb08546db3559711828
de7e1b138665e1f582aa16cf8b7c615a6d116d6f1223ac218d63fef9f784b09e
e181730c1a666b38b299b81ead525f7fec078ff980360b4c032e75b9802ebf0d
e97305b60c17d174936f77bf22d552be1c7f5937e27a8aa09452d520dc958fca
ed008e83e196197a1bd7fcce22ba1774aaf55874adccd3a7702dc462ce6bb731
f3d01ded4ab1ddd95d2e9d5199e53fdc16d7e7f87c0dac2ec8638375d761c8ea