urlscan.io logo urlscan.io
SecurityTrails logo

www.netflix1.cf Open in urlscan Pro
2a00:1450:4001:820::2013  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.netflix1.cf/
Effective URL: https://www.netflix1.cf/
Submission Tags: phishingcatcher certstream Search All
Submission: On May 15 via api from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 2 countries across 8 domains to perform 17 HTTP transactions. The main IP is 2a00:1450:4001:820::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.netflix1.cf.
TLS certificate: Issued by GTS CA 1D2 on May 15th 2020. Valid for: 3 months.
This is the only time www.netflix1.cf was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

3    2a00:1450:4001:820::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.netflix1.cf
3    52.219.112.208 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-1.amazonaws.com
s3-us-west-1.amazonaws.com
1    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2606:4700:3037::6818:72cc (United States)

ASN13335 (CLOUDFLARENET, US)
cpmirrorhandler.com
2    2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2606:4700:3037::6812:35f7 (United States)

ASN13335 (CLOUDFLARENET, US)
cldoffers.net
1    2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Domain Requested by
4 cldoffers.net cpmirrorhandler.com
3 s3-us-west-1.amazonaws.com www.netflix1.cf
3 www.netflix1.cf 1 redirects www.netflix1.cf
2 www.google-analytics.com www.netflix1.cf
1 fonts.gstatic.com www.netflix1.cf
1 fonts.googleapis.com www.netflix1.cf
1 cpmirrorhandler.com www.netflix1.cf
1 ajax.googleapis.com www.netflix1.cf
0 gc.kis.v2.scr.kaspersky-labs.com Failed www.netflix1.cf
17 9

This site contains links to these domains. Also see Links.

Domain
www.netflix.com
www.blogger.com
Subject Issuer Validity Valid
www.netflix1.cf
GTS CA 1D2		 2020-05-15 -
2020-08-13		 3 months crt.sh
*.s3-us-west-1.amazonaws.com
DigiCert Baltimore CA-2 G2		 2019-11-09 -
2020-12-10		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2020-04-15 -
2020-07-08		 3 months crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2020-01-24 -
2020-10-09		 9 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-04-28 -
2020-07-21		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-04-15 -
2020-07-08		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.netflix1.cf/
Frame ID: 0AD4E1C79DC9DA00DF64E201D9494A08
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://www.netflix1.cf/ HTTP 301
    https://www.netflix1.cf/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /GSE/i
Overall confidence: 100%
Detected patterns
  • headers server /GSE/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

17
Requests

88 %
HTTPS

88 %
IPv6

8
Domains

9
Subdomains

9
IPs

2
Countries

478 kB
Transfer

630 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.netflix1.cf/ HTTP 301
    https://www.netflix1.cf/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.netflix1.cf/
Redirect Chain
  • http://www.netflix1.cf/
  • https://www.netflix1.cf/
62 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.netflix1.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
33109cc695489bd0e9ed4dd36476669664867febc2516c8a4197224ed19a99fa
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.netflix1.cf
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
content-security-policy
upgrade-insecure-requests
content-security-policy-report-only
default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; report-uri https://www.blogger.com/cspreport
content-type
text/html; charset=UTF-8
expires
Fri, 15 May 2020 21:37:43 GMT
date
Fri, 15 May 2020 21:37:43 GMT
cache-control
private, max-age=0
last-modified
Fri, 15 May 2020 21:35:12 GMT
etag
W/"88e5aa2df728910713a34965764c9a86205a08111b56c8170e31ed76c534e670"
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
21652
server
GSE

Redirect headers

Location
https://www.netflix1.cf/
Content-Type
text/html; charset=UTF-8
Content-Encoding
gzip
Date
Fri, 15 May 2020 21:37:42 GMT
Expires
Fri, 15 May 2020 21:37:42 GMT
Cache-Control
private, max-age=0
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
Content-Security-Policy
frame-ancestors 'self'
X-XSS-Protection
1; mode=block
Content-Length
174
Server
GSE
main.js
gc.kis.v2.scr.kaspersky-labs.com/0ABFAB14-757D-B14A-A60A-D564DA601BF4/ 		0
0
1488069992571d02d023ab6dd3a9a39045aff803da.png
s3-us-west-1.amazonaws.com/bucket.cpabuild.com/uploads/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-us-west-1.amazonaws.com/bucket.cpabuild.com/uploads/1488069992571d02d023ab6dd3a9a39045aff803da.png
Requested by
Host: www.netflix1.cf
URL: https://www.netflix1.cf/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.112.208 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
01280923c79bf6a234981824a2abf72609ca298621d4eb67453bf2c47140ebf5

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 15 May 2020 21:37:44 GMT
Last-Modified
Sun, 26 Feb 2017 00:46:33 GMT
Server
AmazonS3
x-amz-request-id
DFB9E228532A725A
ETag
"c939fd82365e12e4d74058f09af84d3f"
Content-Type
image/png
x-amz-version-id
LMY7QeKnIi2hKi6JHlhFHQ1JdbgdiChb
Accept-Ranges
bytes
Content-Length
13463
x-amz-id-2
ARcHPhLkBbasO64den1k5u5lkOU6Ly1abN9JgVTG5sVfpdOSyMBGkiaDlOGpfzcPBsYfhVM5sYw=
1488069991765e104b24b20f39d8318b42fe8226b5.png
s3-us-west-1.amazonaws.com/bucket.cpabuild.com/uploads/ 		77 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-us-west-1.amazonaws.com/bucket.cpabuild.com/uploads/1488069991765e104b24b20f39d8318b42fe8226b5.png
Requested by
Host: www.netflix1.cf
URL: https://www.netflix1.cf/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.112.208 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
dc9d4ab3b0f26001f05c6981dfb23c3f6237eca218a574154f0ec5c7a1a87ff6

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 15 May 2020 21:37:45 GMT
Last-Modified
Sun, 26 Feb 2017 00:46:32 GMT
Server
AmazonS3
x-amz-request-id
DEC9ABE4D8E1E117
ETag
"537e6d07107b2d2875ea48c6f1908005"
Content-Type
image/png
x-amz-version-id
3JBPoaHNFOxhEIto2Z6Jd1jWToBq7_hF
Accept-Ranges
bytes
Content-Length
79339
x-amz-id-2
tSaQnK5WD1TLO9HEpvDeUB9Mr3vL0Sa5lRJPzH/KXy7r3S1MEda/8ULQbENcC8BECJzS+5QhuYs=
cookienotice.js
www.netflix1.cf/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.netflix1.cf/js/cookienotice.js
Requested by
Host: www.netflix1.cf
URL: https://www.netflix1.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 21:37:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 15 May 2020 19:29:22 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2026
x-xss-protection
0
expires
Fri, 22 May 2020 21:37:44 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Requested by
Host: www.netflix1.cf
URL: https://www.netflix1.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 02:07:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70194
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30028
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 15 May 2021 02:07:49 GMT
locker.js
cpmirrorhandler.com/public/external/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cpmirrorhandler.com/public/external/locker.js
Requested by
Host: www.netflix1.cf
URL: https://www.netflix1.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6818:72cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6e8d166b5ad43c05334f28d92b9679349171e628266016553563f0246a20297

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 21:37:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 21 Apr 2020 07:30:58 GMT
server
cloudflare
age
2758
etag
W/"57ac-5a3c7ff28f976"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
59400079cee3d6e1-FRA
cf-request-id
02bbdea0180000d6e13f9e7200000001
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.netflix1.cf
URL: https://www.netflix1.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 30 Apr 2020 21:54:13 GMT
server
Golfe2
age
2496
date
Fri, 15 May 2020 20:56:19 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18433
expires
Fri, 15 May 2020 22:56:19 GMT
14880699912f7f771960c077dace6e354ab14f23b9.jpg
s3-us-west-1.amazonaws.com/bucket.cpabuild.com/uploads/ 		289 KB
289 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-us-west-1.amazonaws.com/bucket.cpabuild.com/uploads/14880699912f7f771960c077dace6e354ab14f23b9.jpg
Requested by
Host: www.netflix1.cf
URL: https://www.netflix1.cf/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.112.208 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
93b6515b28790b7c807eced312279b5ab2511ba190beb78056c3903ab35aa051

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 15 May 2020 21:37:56 GMT
Last-Modified
Sun, 26 Feb 2017 00:46:32 GMT
Server
AmazonS3
x-amz-request-id
7FB1E82A01B0787C
ETag
"f367e7c3a4eda22b1c934bd7494aaaca"
Content-Type
image/jpg
x-amz-version-id
CALREiRUKX885MrlqXXb0.C6etaq4hnz
Accept-Ranges
bytes
Content-Length
295832
x-amz-id-2
ja0Bp206iD7ap1KUfX3UdED81hG6ck141VNiu9GEvVO+I7JTmzZruG4F10fFr78DEm9fAqFimH8=
css
fonts.googleapis.com/ 		2 KB
789 B 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700.woff
Requested by
Host: www.netflix1.cf
URL: https://www.netflix1.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
600d5f48dfba1019a6e4474b9f0c18dc3aaf7d6874ad319f12e635da583ab5b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
Origin
https://www.netflix1.cf

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 15 May 2020 21:37:55 GMT
server
ESF
date
Fri, 15 May 2020 21:37:55 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 15 May 2020 21:37:55 GMT
css
fonts.googleapis.com/ 		0
0
html.875820.fa24d.0.js
cldoffers.net/public/external/v2/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cldoffers.net/public/external/v2/html.875820.fa24d.0.js
Requested by
Host: cpmirrorhandler.com
URL: https://cpmirrorhandler.com/public/external/locker.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6812:35f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.28
Resource Hash
bdccf90b23915fde49bd3c60d7160c08aec5cb3c78be0d42bee5a1a40efb314b

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 21:37:55 GMT
content-encoding
br
cf-cache-status
MISS
server
cloudflare
x-powered-by
PHP/7.2.28
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
594000c09ba0dfef-FRA
cf-request-id
02bbdecc5b0000dfefcba06200000001
css_front.css
cldoffers.net/public/external/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cldoffers.net/public/external/css_front.css
Requested by
Host: cpmirrorhandler.com
URL: https://cpmirrorhandler.com/public/external/locker.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6812:35f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 21:37:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 10 Apr 2020 22:28:56 GMT
server
cloudflare
age
3979
etag
W/"19c4-5a2f742516a35"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
594000c09ba1dfef-FRA
cf-request-id
02bbdecc5b0000dfefcba07200000001
RxZJdnzeo3R5zSexge8UUVtXRa8TVwTICgirnJhmVJw.woff2
fonts.gstatic.com/s/roboto/v15/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v15/RxZJdnzeo3R5zSexge8UUVtXRa8TVwTICgirnJhmVJw.woff2
Requested by
Host: www.netflix1.cf
URL: https://www.netflix1.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
01a44f86a9b361ef0d3ad5e4f9f0f01d394ab53fc5b0e3dff92466fa411e706b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
Origin
https://www.netflix1.cf

Response headers

date
Fri, 10 Apr 2020 02:56:12 GMT
x-content-type-options
nosniff
last-modified
Wed, 14 Jan 2015 22:47:38 GMT
server
sffe
age
3091303
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14596
x-xss-protection
0
expires
Sat, 10 Apr 2021 02:56:12 GMT
collect
www.google-analytics.com/r/ 		35 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1511440592&t=pageView&_s=1&dl=https%3A%2F%2Fwww.netflix1.cf%2F&ul=en-us&de=UTF-8&dt=Claim%20Your%20%2460%20Netflix%20Card&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAEAB~&jid=855495916&gjid=900003002&cid=586188445.1589578675&tid=UA-85922709-2&_gid=278940912.1589578675&_r=1&cd1=0&z=2133627171
Requested by
Host: www.netflix1.cf
URL: https://www.netflix1.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 May 2020 21:37:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
css.css
cldoffers.net/public/clockers/HumanVerification/ 		1 KB
414 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cldoffers.net/public/clockers/HumanVerification/css.css
Requested by
Host: cpmirrorhandler.com
URL: https://cpmirrorhandler.com/public/external/locker.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6812:35f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9064b3368b65c9e47e057f59538af8739a43ff3e3b9713bf2675916a2d586b88

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 21:37:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 10 Apr 2020 22:29:00 GMT
server
cloudflare
age
6776
etag
W/"436-5a2f7428ae907"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
594000c2b9c7dfef-FRA
cf-request-id
02bbdecdb10000dfefcba19200000001
check.php
cldoffers.net/public/external/ 		0
201 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cldoffers.net/public/external/check.php?time=1589578677635&it=875820
Requested by
Host: cpmirrorhandler.com
URL: https://cpmirrorhandler.com/public/external/locker.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6812:35f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.28
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 15 May 2020 21:37:57 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/7.2.28
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
status
200
cf-ray
594000cf3f76dfef-FRA
content-length
0
cf-request-id
02bbded5850000dfefcbaee200000001

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
gc.kis.v2.scr.kaspersky-labs.com
URL
https://gc.kis.v2.scr.kaspersky-labs.com/0ABFAB14-757D-B14A-A60A-D564DA601BF4/main.js
Domain
fonts.googleapis.com
URL
https://fonts.googleapis.com/css?family=Roboto.woff

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate string| GoogleAnalyticsObject function| ga object| adsbygoogle function| $ function| jQuery object| CPABUILDSETTINGS string| forward object| CPABUILDContentLocker number| __cfRLUnblockHandlers function| CPBContentLocker function| CPABuildLock function| CPABuildGetFeedURL function| CPABuildGetIframeURL function| CPABuildGetIframeHTML function| CPABuildUnlock function| CPABuildOfferComplete function| CPABuildOffersComplete function| CPABuildCheckForLead function| og_load function| CPABuildComplete function| call_locker object| cookieChoices object| logo object| title object| sky object| coatClosed object| coatOpened object| wrapper object| gboverlay object| gbmouse object| generatorbox object| gblogo object| statustext object| progress object| code object| wholder object| whcontent boolean| content boolean| video number| ts number| as string| ae number| psMin number| psMax number| psLongMin number| psLongMax boolean| canClose object| google_tag_data object| gaplugins object| gaGlobal object| gaData number| r number| g number| b number| checkWidget

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cldoffers.net
cpmirrorhandler.com
fonts.googleapis.com
fonts.gstatic.com
gc.kis.v2.scr.kaspersky-labs.com
s3-us-west-1.amazonaws.com
www.google-analytics.com
www.netflix1.cf
fonts.googleapis.com
gc.kis.v2.scr.kaspersky-labs.com
2606:4700:3037::6812:35f7
2606:4700:3037::6818:72cc
2a00:1450:4001:800::200a
2a00:1450:4001:808::200a
2a00:1450:4001:81c::200e
2a00:1450:4001:820::2003
2a00:1450:4001:820::2013
52.219.112.208
01280923c79bf6a234981824a2abf72609ca298621d4eb67453bf2c47140ebf5
01a44f86a9b361ef0d3ad5e4f9f0f01d394ab53fc5b0e3dff92466fa411e706b
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
33109cc695489bd0e9ed4dd36476669664867febc2516c8a4197224ed19a99fa
600d5f48dfba1019a6e4474b9f0c18dc3aaf7d6874ad319f12e635da583ab5b9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
9064b3368b65c9e47e057f59538af8739a43ff3e3b9713bf2675916a2d586b88
93b6515b28790b7c807eced312279b5ab2511ba190beb78056c3903ab35aa051
a6e8d166b5ad43c05334f28d92b9679349171e628266016553563f0246a20297
a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec
bdccf90b23915fde49bd3c60d7160c08aec5cb3c78be0d42bee5a1a40efb314b
dc9d4ab3b0f26001f05c6981dfb23c3f6237eca218a574154f0ec5c7a1a87ff6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855