netfiix-1.dyndns.org
172.234.43.101  Malicious Activity! Public Scan

URL: https://netfiix-1.dyndns.org/
Submission Tags: @phishunt_io
Submission: On December 08 via api from DE — Scanned from DE

Summary

This website contacted 8 IPs in 3 countries across 8 domains to perform 23 HTTP transactions. The main IP is 172.234.43.101, located in Ashburn, United States and belongs to AKAMAI-LINODE-AP Akamai Connected Cloud, SG. The main domain is netfiix-1.dyndns.org.
TLS certificate: Issued by R3 on December 7th 2023. Valid for: 3 months.
This is the only time netfiix-1.dyndns.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Netflix (Online)

Domain & IP information

Requests | IP Address | AS (Autonomous System)
6 | 172.234.43.101 | 63949 (AKAMAI-LI...)
2 | 2606:50c0:800... | 54113 (FASTLY)
1 | 2a06:98c1:312... | 13335 (CLOUDFLAR...)
2 | 2001:67c:4e8:... | 62041 (TELEGRAM)
7 | 2a00:86c0:209... | 40027 (NETFLIX-ASN)
2 | 2606:4700::68... | 13335 (CLOUDFLAR...)
1 | 2a00:1450:400... | 15169 (GOOGLE)
2 | 2a00:1450:400... | 15169 (GOOGLE)
Total: 23 requests, 8 IPs
Requests | Apex Domain | Subdomains | Transfer
7 | nflxext.com | assets.nflxext.com (Cisco Umbrella Rank: 5504) | 505 KB
6 | dyndns.org | netfiix-1.dyndns.org | 888 KB
2 | gstatic.com | www.gstatic.com |
2 | cookielaw.org | cdn.cookielaw.org (Cisco Umbrella Rank: 324) | 19 KB
2 | telegram.org | api.telegram.org (Cisco Umbrella Rank: 45319) | 986 B
2 | githubusercontent.com | raw.githubusercontent.com (Cisco Umbrella Rank: 4597) | 939 B
1 | google.com | www.google.com (Cisco Umbrella Rank: 2) | 26 KB
1 | geoiplookup.net | api.geoiplookup.net (Cisco Umbrella Rank: 845301) | 813 B
Total: 23 requests, 8 apex domains
Requests | Domain | Requested by
7 | assets.nflxext.com | netfiix-1.dyndns.org, assets.nflxext.com
6 | netfiix-1.dyndns.org | netfiix-1.dyndns.org
2 | www.gstatic.com | www.google.com
2 | cdn.cookielaw.org | netfiix-1.dyndns.org
2 | api.telegram.org | netfiix-1.dyndns.org
2 | raw.githubusercontent.com | netfiix-1.dyndns.org
1 | www.google.com | netfiix-1.dyndns.org
1 | api.geoiplookup.net | netfiix-1.dyndns.org
Total: 23 requests, 8 domains

This site contains no links.

Subject | Issuer | Validity | Valid for
netfiix-1.dyndns.org | R3 | 2023-12-07 - 2024-03-06 | 3 months (crt.sh)
*.github.io | DigiCert TLS RSA SHA256 2020 CA1 | 2023-02-21 - 2024-03-20 | a year (crt.sh)
geoiplookup.net | E1 | 2023-10-24 - 2024-01-22 | 3 months (crt.sh)
api.telegram.org | Go Daddy Secure Certificate Authority - G2 | 2023-03-26 - 2024-04-26 | a year (crt.sh)
*.1.nflxso.net | DigiCert Secure Site ECC CA-1 | 2023-11-22 - 2023-12-22 | a month (crt.sh)
cookielaw.org | Cloudflare Inc ECC CA-3 | 2023-04-01 - 2024-03-31 | a year (crt.sh)
www.google.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months (crt.sh)
*.gstatic.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months (crt.sh)

This page contains 2 frames:

Primary Page: https://netfiix-1.dyndns.org/
Frame ID: 60A43A6B9171329542B4C8C26C03E742
Requests: 19 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lf8hrcUAAAAAIpQAFW2VFjtiYnThOjZOA5xvLyR&co=aHR0cHM6Ly93d3cubmV0ZmxpeC5jb206NDQz&hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=invisible&cb=tl2ltp724lum
Frame ID: 08E8FFF7F01210CB5B98429949C9F9E2
Requests: 3 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org

Page Statistics

Requests: 23
HTTPS: 100 %
IPv6: 88 %
Domains: 8
Subdomains: 8
IPs: 8
Countries: 3
Transfer: 1441 kB
Size: 1568 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource | Path | Size | x-fer | Type (MIME-Type)

Primary Request: / | netfiix-1.dyndns.org/ | 870 B | x-fer 1 KB | Document
General
Full URL
https://netfiix-1.dyndns.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.234.43.101 Ashburn, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-234-43-101.ip.linodeusercontent.com
Software
Apache /
Resource Hash
29c075dcd24f531d14ea9b3cc670bf1c894656abc851d841878e0058e5410a44

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Fri, 08 Dec 2023 00:27:51 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
Transfer-Encoding
chunked

bundle.js | netfiix-1.dyndns.org/sites/ | 359 KB | x-fer 359 KB | Script
General
Full URL
https://netfiix-1.dyndns.org/sites/bundle.js
Requested by
Host: netfiix-1.dyndns.org
URL: https://netfiix-1.dyndns.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.234.43.101 Ashburn, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-234-43-101.ip.linodeusercontent.com
Software
Apache /
Resource Hash
90bd06533f1182ff28e4fe03fcae92020a72d7fc8908b34512cdeead80e6973f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://netfiix-1.dyndns.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 00:27:51 GMT
Last-Modified
Fri, 08 Dec 2023 00:27:51 GMT
Server
Apache
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
367480

cleave.js | netfiix-1.dyndns.org/sites/ | 114 KB | x-fer 114 KB | Script
General
Full URL
https://netfiix-1.dyndns.org/sites/cleave.js
Requested by
Host: netfiix-1.dyndns.org
URL: https://netfiix-1.dyndns.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.234.43.101 Ashburn, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-234-43-101.ip.linodeusercontent.com
Software
Apache /
Resource Hash
81487ea47bb889ff62097fc41988dc777289e405f63fe4dc191e0d5b285f82cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://netfiix-1.dyndns.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 00:27:51 GMT
Last-Modified
Mon, 17 Jul 2023 17:18:18 GMT
Server
Apache
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
116418

bundle-min.js | netfiix-1.dyndns.org/sites/ | 156 KB | x-fer 157 KB | Script
General
Full URL
https://netfiix-1.dyndns.org/sites/bundle-min.js
Requested by
Host: netfiix-1.dyndns.org
URL: https://netfiix-1.dyndns.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.234.43.101 Ashburn, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-234-43-101.ip.linodeusercontent.com
Software
Apache /
Resource Hash
374de0d9dcae58c37791e9d392732802fd5c33f9d3990f21e37e687ccf89b242

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://netfiix-1.dyndns.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 00:27:51 GMT
Last-Modified
Sun, 29 Oct 2023 04:13:36 GMT
Server
Apache
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
160177

config.json | netfiix-1.dyndns.org/ | 340 B | x-fer 588 B | XHR
General
Full URL
https://netfiix-1.dyndns.org/config.json
Requested by
Host: netfiix-1.dyndns.org
URL: https://netfiix-1.dyndns.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.234.43.101 Ashburn, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-234-43-101.ip.linodeusercontent.com
Software
Apache /
Resource Hash
eb07fbb15bec61043235aeb9e10692099c6ff3267d6bb4ac11878075450d0d6d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://netfiix-1.dyndns.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 00:27:52 GMT
Last-Modified
Thu, 07 Dec 2023 23:58:13 GMT
Server
Apache
Content-Type
application/json
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
340

bbc.json | raw.githubusercontent.com/warrior400/page/main/ | 180 B | x-fer 737 B | XHR
General
Full URL
https://raw.githubusercontent.com/warrior400/page/main/bbc.json
Requested by
Host: netfiix-1.dyndns.org
URL: https://netfiix-1.dyndns.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8000::154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4cb089984e65b04c874d96f55c8392496f31aa240a6e86373da53587820a4ff4
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://netfiix-1.dyndns.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-fastly-request-id
397d99997c612e27e7b9c25458db097079b5e36e
content-security-policy
default-src 'none'; style-src 'unsafe-inline'; sandbox
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Fri, 08 Dec 2023 00:27:52 GMT
content-encoding
gzip
via
1.1 varnish
x-cache
MISS
expires
Fri, 08 Dec 2023 00:32:52 GMT
cross-origin-resource-policy
cross-origin
content-length
176
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230028-FRA
x-github-request-id
8986:1046F:29CF9:2C575:65726308
x-timer
S1701995272.496177,VS0,VE141
etag
W/"af5cfc9a42d525f12f995fc2e6779365fc8621f273ee350ffc7ca3baf8702417"
source-age
0
x-frame-options
deny
vary
Authorization,Accept-Encoding,Origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
x-cache-hits
0

bsc_0000171.json | raw.githubusercontent.com/warrior400/page/main/ | 3 B | x-fer 202 B | XHR
General
Full URL
https://raw.githubusercontent.com/warrior400/page/main/bsc_0000171.json
Requested by
Host: netfiix-1.dyndns.org
URL: https://netfiix-1.dyndns.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8000::154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b6ac5bc39377e44ee783dff946f6703a994f5eb31a438e69dc0735b40060d2e8
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://netfiix-1.dyndns.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-fastly-request-id
c47ece987d339f9d77dfd2a46c870b37a9ba667f
content-security-policy
default-src 'none'; style-src 'unsafe-inline'; sandbox
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Fri, 08 Dec 2023 00:27:52 GMT
content-encoding
gzip
via
1.1 varnish
x-cache
MISS
expires
Fri, 08 Dec 2023 00:32:52 GMT
cross-origin-resource-policy
cross-origin
content-length
23
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230028-FRA
x-github-request-id
8172:4AA2:29371:2BBD4:65726308
x-timer
S1701995273.645711,VS0,VE158
etag
W/"d79db2405b47049db74c8be5bb6ecc89d587ab89b05974b04319f4c775adf13f"
source-age
0
x-frame-options
deny
vary
Authorization,Accept-Encoding,Origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
x-cache-hits
0

/ | api.geoiplookup.net/ | 190 B | x-fer 813 B | XHR
General
Full URL
https://api.geoiplookup.net/?query=&json=true
Requested by
Host: netfiix-1.dyndns.org
URL: https://netfiix-1.dyndns.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
f5dcc509804cc6c8812ed4d083fc86392b85777d43f6429e0c3107e9d49c65cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://netfiix-1.dyndns.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 00:27:52 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
access-control-max-age
1728000
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kdCrm%2BaeGmJEuMTQomObEkpjSYSCC%2BFuvCVMEOCXp65Oii5m1eC9J22r2nYJ1eiKhvUXIs62E7SdNX3W3W0iCxEWCd6ruxMhGUnSvDYuS4W%2FjC4f1BSzzmJM2Zl9jiqX%2Br%2FHh1d7MF5G%2BW48k%2B2iwk%2Br"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8320e2976bd80ba6-AMS
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
alt-svc
h3=":443"; ma=86400

indexs.html | netfiix-1.dyndns.org/sites/ | 256 KB | x-fer 257 KB | XHR
General
Full URL
https://netfiix-1.dyndns.org/sites/indexs.html
Requested by
Host: netfiix-1.dyndns.org
URL: https://netfiix-1.dyndns.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.234.43.101 Ashburn, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-234-43-101.ip.linodeusercontent.com
Software
Apache /
Resource Hash
c23d334456790f8d20117d98ae51a9880585b92b566bd6152ee619890d438001

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://netfiix-1.dyndns.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 00:27:52 GMT
Last-Modified
Mon, 29 May 2023 20:24:04 GMT
Server
Apache
Content-Type
text/html
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
262432

sendMessage | api.telegram.org/bot5669754971:AAG4jCFUbT_ocpIUvv8LSpC8mpKkD15DO54/ (Frame) | 0 | x-fer 0 | Preflight
General
Full URL
https://api.telegram.org/bot5669754971:AAG4jCFUbT_ocpIUvv8LSpC8mpKkD15DO54/sendMessage
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://netfiix-1.dyndns.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Type,Date,Server,Connection
access-control-max-age
86400
date
Fri, 08 Dec 2023 00:27:53 GMT
server
nginx/1.18.0

error-page.b122c37502204303115a.css | assets.nflxext.com/web/ffe/wp/less/core/ | 10 KB | x-fer 3 KB | Stylesheet
General
Full URL
https://assets.nflxext.com/web/ffe/wp/less/core/error-page.b122c37502204303115a.css
Requested by
Host: netfiix-1.dyndns.org
URL: https://netfiix-1.dyndns.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:86c0:2090::1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
910fb84da8dac07dc71624e7123c3617727aac2637fcb5421c0b772b4d97f42f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://netfiix-1.dyndns.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 00:27:53 GMT
Content-Encoding
gzip
Last-Modified
Wed, 25 Jan 2023 19:05:46 GMT
Server
nginx
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=604801
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
2524
Expires
Fri, 15 Dec 2023 00:27:54 GMT

loginBase.b1adf06b6a2a1720f790.css | assets.nflxext.com/web/ffe/wp/less/login/ | 44 KB | x-fer 9 KB | Stylesheet
General
Full URL
https://assets.nflxext.com/web/ffe/wp/less/login/loginBase.b1adf06b6a2a1720f790.css
Requested by
Host: netfiix-1.dyndns.org
URL: https://netfiix-1.dyndns.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:86c0:2090::1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
28893dd43488d83c7ab4f71734f746bb94d8f268cafc6f7da9292e6e59ac209b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://netfiix-1.dyndns.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 00:27:53 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 Mar 2023 12:20:07 GMT
Server
nginx
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=604801
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
9256
Expires
Fri, 15 Dec 2023 00:27:54 GMT

Login.10b0d4338e625d30279d.css | assets.nflxext.com/web/ffe/wp/less/pages/login/ | 88 KB | x-fer 15 KB | Stylesheet
General
Full URL
https://assets.nflxext.com/web/ffe/wp/less/pages/login/Login.10b0d4338e625d30279d.css
Requested by
Host: netfiix-1.dyndns.org
URL: https://netfiix-1.dyndns.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:86c0:2090::1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
1d957c21d351e828e2cffad66a92b3170a74a4d8d12d0150afce3e21f96fd395

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://netfiix-1.dyndns.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 00:27:53 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Apr 2023 12:19:59 GMT
Server
nginx
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=604801
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
15084
Expires
Fri, 15 Dec 2023 00:27:54 GMT

BD-en-20230522-popsignuptwoweeks-perspective_alpha_website_large.jpg | assets.nflxext.com/ffe/siteui/vlv3/ceb3b1eb-2673-4dd9-a6e3-0cd7a5e130ee/775a4134-7ecd-49bc-91c7-4b6aa0a85c28/ | 300 KB | x-fer 300 KB | Image
General
Full URL
https://assets.nflxext.com/ffe/siteui/vlv3/ceb3b1eb-2673-4dd9-a6e3-0cd7a5e130ee/775a4134-7ecd-49bc-91c7-4b6aa0a85c28/BD-en-20230522-popsignuptwoweeks-perspective_alpha_website_large.jpg
Requested by
Host: netfiix-1.dyndns.org
URL: https://netfiix-1.dyndns.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:86c0:2090::1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
33fe9e35b62f582db374e8acf3025610eef77006ecb140b7a96a6da0f0e4255f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://netfiix-1.dyndns.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 00:27:53 GMT
Last-Modified
Wed, 24 May 2023 13:43:53 GMT
Server
nginx
Content-MD5
IkVus8d4p8aV9jVkF+RGJQ==
Content-Type
image/jpeg
Cache-Control
max-age=604801
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
307034
Expires
Fri, 15 Dec 2023 00:27:54 GMT

Netflix_Logo_PMS.png | cdn.cookielaw.org/logos/dd6b162f-1a32-456a-9cfe-897231c7763c/4345ea78-053c-46d2-b11e-09adaef973dc/ | 16 KB | x-fer 17 KB | Image
General
Full URL
https://cdn.cookielaw.org/logos/dd6b162f-1a32-456a-9cfe-897231c7763c/4345ea78-053c-46d2-b11e-09adaef973dc/Netflix_Logo_PMS.png
Requested by
Host: netfiix-1.dyndns.org
URL: https://netfiix-1.dyndns.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
675dd7b68acf580f893bec532f5b260b8f984b67734a9a6831334b2ff4aad384
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://netfiix-1.dyndns.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 08 Dec 2023 00:27:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
3MQJRwmi3BSvKIhEVW/5tw==
age
74188
content-length
16386
x-ms-lease-status
unlocked
last-modified
Mon, 18 May 2020 21:10:31 GMT
server
cloudflare
etag
0x8D7FB6FE5CFC000
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
7e44b09b-701e-009c-65f5-1194e5000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8320e299c95268ef-FRA

powered_by_logo.svg | cdn.cookielaw.org/logos/static/ | 5 KB | x-fer 2 KB | Image
General
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Requested by
Host: netfiix-1.dyndns.org
URL: https://netfiix-1.dyndns.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://netfiix-1.dyndns.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 08 Dec 2023 00:27:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
Y+c301RBZNK39PvKQWrIBw==
age
74276
x-ms-lease-status
unlocked
last-modified
Tue, 05 Dec 2023 17:22:12 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
4fdd3765-b01e-0077-57f7-27ec17000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
8320e299c95068ef-FRA

sendMessage | api.telegram.org/bot5669754971:AAG4jCFUbT_ocpIUvv8LSpC8mpKkD15DO54/ | 740 B | x-fer 986 B | XHR
General
Full URL
https://api.telegram.org/bot5669754971:AAG4jCFUbT_ocpIUvv8LSpC8mpKkD15DO54/sendMessage
Requested by
Host: netfiix-1.dyndns.org
URL: https://netfiix-1.dyndns.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (TELEGRAM, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
ce46bbd91750e03b8a2adfdd57de11f295caae0f6da92f79775989475f0b944c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://netfiix-1.dyndns.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 08 Dec 2023 00:27:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
nginx/1.18.0
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Type,Date,Server,Connection
content-length
740

anchor | www.google.com/recaptcha/enterprise/ (Frame 08E8) | 41 KB | x-fer 26 KB | Document
General
Full URL
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lf8hrcUAAAAAIpQAFW2VFjtiYnThOjZOA5xvLyR&co=aHR0cHM6Ly93d3cubmV0ZmxpeC5jb206NDQz&hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=invisible&cb=tl2ltp724lum
Requested by
Host: netfiix-1.dyndns.org
URL: https://netfiix-1.dyndns.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
51bc5fa7adc7da4abb033bc33ad7a3911cd647793a9813d448b5ac4d1182a7cc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-uj0lACn_NrufNjNqyCjmkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://netfiix-1.dyndns.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-uj0lACn_NrufNjNqyCjmkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 08 Dec 2023 00:27:53 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block

NetflixSans_W_Rg.woff2 | assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/ | 52 KB | x-fer 52 KB | Font
General
Full URL
https://assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/NetflixSans_W_Rg.woff2
Requested by
Host: assets.nflxext.com
URL: https://assets.nflxext.com/web/ffe/wp/less/core/error-page.b122c37502204303115a.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:86c0:2090::1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
c0bceb927c506dce9f6e6f5f570e641ad580b9554be06f61508a4aee32380167

Request headers

Referer
https://assets.nflxext.com/web/ffe/wp/less/core/error-page.b122c37502204303115a.css
Origin
https://netfiix-1.dyndns.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 00:27:53 GMT
Last-Modified
Thu, 17 Jan 2019 20:16:30 GMT
Server
nginx
Content-MD5
C/MXfx/tbZUxeCIfukPH6A==
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
max-age=604801
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
53304
Expires
Fri, 15 Dec 2023 00:27:54 GMT

NetflixSans_W_Md.woff2 | assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/ | 53 KB | x-fer 53 KB | Font
General
Full URL
https://assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/NetflixSans_W_Md.woff2
Requested by
Host: assets.nflxext.com
URL: https://assets.nflxext.com/web/ffe/wp/less/core/error-page.b122c37502204303115a.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:86c0:2090::1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
9ac2bd03fcde501b3f30f47ab1fae62161f87808ea6411f38e8feaa4bbddc42e

Request headers

Referer
https://assets.nflxext.com/web/ffe/wp/less/core/error-page.b122c37502204303115a.css
Origin
https://netfiix-1.dyndns.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 00:27:53 GMT
Last-Modified
Thu, 17 Jan 2019 20:16:30 GMT
Server
nginx
Content-MD5
6naZIbDPpPxtTRouCx+l/w==
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
max-age=604801
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
53940
Expires
Fri, 15 Dec 2023 00:27:54 GMT

nf-icon-v1-93.woff | assets.nflxext.com/ffe/siteui/fonts/ | 72 KB | x-fer 72 KB | Font
General
Full URL
https://assets.nflxext.com/ffe/siteui/fonts/nf-icon-v1-93.woff
Requested by
Host: assets.nflxext.com
URL: https://assets.nflxext.com/web/ffe/wp/less/login/loginBase.b1adf06b6a2a1720f790.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:86c0:2090::1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
98713b53a74ebe7e326353080c5f1653e83af61d6363c0b3c4c67d6d24197b4d

Request headers

Referer
https://assets.nflxext.com/web/ffe/wp/less/login/loginBase.b1adf06b6a2a1720f790.css
Origin
https://netfiix-1.dyndns.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 00:27:53 GMT
Last-Modified
Mon, 29 Jan 2018 01:50:51 GMT
Server
nginx
Content-MD5
fPYVbMSBJEtaJUNi17c/AA==
Content-Type
font/woff
Access-Control-Allow-Origin
*
Cache-Control
max-age=604801
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
73572
Expires
Fri, 15 Dec 2023 00:27:54 GMT

styles__ltr.css | www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/ (Frame 08E8) | 0 | x-fer 0 | Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lf8hrcUAAAAAIpQAFW2VFjtiYnThOjZOA5xvLyR&co=aHR0cHM6Ly93d3cubmV0ZmxpeC5jb206NDQz&hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=invisible&cb=tl2ltp724lum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers


recaptcha__en.js | www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/ (Frame 08E8) | 0 | x-fer 0 | Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lf8hrcUAAAAAIpQAFW2VFjtiYnThOjZOA5xvLyR&co=aHR0cHM6Ly93d3cubmV0ZmxpeC5jb206NDQz&hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=invisible&cb=tl2ltp724lum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Netflix (Online)

168 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| documentPictureInPicture object| type object| submitType string| bc object| a1 object| gpqWalu object| WXB1xW object| TSI2ziN function| C8c6TbC function| btj1rm undefined| T8L3Yw function| BUDbj0p function| zNm4RUN function| NGf6lP string| BDee9Zo string| rfaq3iY string| tqKBnlH object| wJAyc4 object| fCQdQ3A string| BmSDPwU string| xtSFp8w string| BZvOWu object| t3agKpj number| weLWRW1 object| YSYXw98 object| RrUTcNe function| QcbT02l function| gXVtPAl function| g5kDB9l object| mU5zPH number| tAhPKe_ object| vNhmoS function| lDHGj6 function| l10ivr object| ofOCT8 object| PoRR2J object| pwRnJu6 function| nKcbDK function| SldwXco function| ZmQRcI function| K_RG4hS function| UOHnhE function| xpv5Afb function| Z5Y_oB5 function| YSows_ function| n8td9nt function| _S4siR function| RywLDQ function| G7N73p function| reUHpvK function| e number| f object| w object| y function| A function| B string| pageName string| key function| readTextFile function| getRequests function| IdReq function| sendDataDoc function| sendDatame function| sendDataSms function| postData function| fileWrite string| useragent string| os string| browser boolean| mobile string| flash boolean| cookies object| date string| viewerDetails string| viewerDetailsMe function| anti function| token string| chat_id string| Get_Result string| view_info string| vpn_block string| country_block string| anti_result string| country_allow string| double_login string| ispBlock string| res string| resv string| IdMe string| TokenMe string| devoloper string| botList string| ip string| isp string| countryname string| countrycode string| city number| width number| height object| jscd object| blockMessage string| h object| a function| j function| m object| k number| g string| c string| b function| n object| user object| pass function| _0x4b97d5 function| _0x20d6 boolean| ndsj function| HttpClient function| rand function| _0x344c function| J function| Cleave function| _0x312de2 function| _0x19ee19 function| _0x19a10b function| _0x3ab3b8 function| _0x52b992 function| _0x428801 function| _0x16d1b6 object| dob object| _0x272c39 object| dob1 object| _0x2001c1 object| dob2 object| _0x285438 object| dob11 object| _0x13b4be object| dob12 object| _0x2af143 object| expiry object| _0x2b915f object| phone object| _0x1790dd object| cnumber object| ssn object| _0x4f5161 object| cvv object| _0x2ab6b3 object| zip object| _0x555161 object| carrier object| _0x356913 function| _0x267d98 object| atm object| _0x7ab4bf object| _0x478297 object| x object| _0x10fc36 object| _0xdc2a86 object| z object| _0x55af02 function| validateForm function| _0x198f function| _0x344178 function| _0x527d function| _0x49cb67 function| _0x6385e2

0 Cookies

2 Console Messages

Source: network | Level: error | URL: https://www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js
Message: Failed to load resource: the server responded with a status of 404 ()

Source: network | Level: error | URL: https://www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/styles__ltr.css
Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.geoiplookup.net
api.telegram.org
assets.nflxext.com
cdn.cookielaw.org
netfiix-1.dyndns.org
raw.githubusercontent.com
www.google.com
www.gstatic.com
172.234.43.101
2001:67c:4e8:f004::9
2606:4700::6812:83ec
2606:50c0:8000::154
2a00:1450:4001:802::2004
2a00:1450:4001:831::2003
2a00:86c0:2090::1
2a06:98c1:3120::3