netflix.grosirtopup.com Open in urlscan Pro
45.9.74.96 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://netflix.grosirtopup.com/
Submission: On August 22 via automatic, source certstream-suspicious (August 22nd 2023, 6:45:47 pm UTC) — Scanned from DE

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 8 HTTP transactions. The main IP is 45.9.74.96, located in and belongs to PARTNER-AS, RU. The main domain is netflix.grosirtopup.com.
TLS certificate: Issued by R3 on August 22nd 2023. Valid for: 3 months.

This is the only time netflix.grosirtopup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	45.9.74.96 45.9.74.96	204603 (PARTNER-AS) (PARTNER-AS)
1	2a02:ec80:600... 2a02:ec80:600:ed1a::2:b	14907 (WIKIMEDIA) (WIKIMEDIA)
1	199.231.166.82 199.231.166.82	29802 (HVC-AS) (HVC-AS)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:86c0:209... 2a00:86c0:2091::1	40027 (NETFLIX-ASN) (NETFLIX-ASN)
8	5

4 45.9.74.96 (None, )

ASN204603 (PARTNER-AS, RU)

netflix.grosirtopup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:ec80:600:ed1a::2:b (United States)

ASN14907 (WIKIMEDIA, US)

upload.wikimedia.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.231.166.82 (Tampa, United States)

ASN29802 (HVC-AS, US)
PTR: clover.vhostplatform.com

pinnacleproductions.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:86c0:2091::1 (United States)

ASN40027 (NETFLIX-ASN, US)

assets.nflxext.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	grosirtopup.com netflix.grosirtopup.com	358 KB
1	nflxext.com assets.nflxext.com — Cisco Umbrella Rank: 4094	316 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 73	979 B
1	pinnacleproductions.in pinnacleproductions.in	159 KB
1	wikimedia.org upload.wikimedia.org — Cisco Umbrella Rank: 3522	15 KB
8	5

	Domain	Requested by
4	netflix.grosirtopup.com	netflix.grosirtopup.com
1	assets.nflxext.com	netflix.grosirtopup.com
1	fonts.googleapis.com	netflix.grosirtopup.com
1	pinnacleproductions.in	netflix.grosirtopup.com
1	upload.wikimedia.org	netflix.grosirtopup.com
8	5

This site contains no links.

Subject Issuer	Validity	Valid
netflix.grosirtopup.com R3	`2023-08-22` - `2023-11-20`	3 months	crt.sh
*.wikipedia.org DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-27` - `2023-11-17`	a year	crt.sh
pinnacleproductions.in R3	`2023-08-22` - `2023-11-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.1.nflxso.net DigiCert Secure Site ECC CA-1	`2023-07-31` - `2023-09-01`	a month	crt.sh

This page contains 1 frames:

Primary Page: https://netflix.grosirtopup.com/
Frame ID: 04A45ECB5B7B00D570AFB84145BB9E01
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Netflix

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Page Statistics

8
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

848 kB
Transfer

851 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
netflix.grosirtopup.com/ 1 KB
1018 B 170ms
40ms Document
text/html 45.9.74.96
PARTNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://netflix.grosirtopup.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 45.9.74.96 -, , ASN204603 (PARTNER-AS, RU),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: a72c62397e60f45bc564b57b1f4e3eabbbc3125d3054352e7e4d2bd03f12ec35

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 708
Content-Type: text/html; charset=UTF-8
Date: Tue, 22 Aug 2023 18:45:40 GMT
ETag: "569-60386a8e7f497-gzip"
Last-Modified: Tue, 22 Aug 2023 17:52:34 GMT
Server: nginx/1.24.0
Vary: Accept-Encoding

GET
H/1.1 200
OK main.css
netflix.grosirtopup.com/css/ 5 KB
2 KB 41ms
41ms Stylesheet
text/css 45.9.74.96
PARTNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://netflix.grosirtopup.com/css/main.css
Requested by: Host: netflix.grosirtopup.com
URL: https://netflix.grosirtopup.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 45.9.74.96 -, , ASN204603 (PARTNER-AS, RU),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: 4e2e9ea5752733eed6139f750f8b3fc652f645c81453aec48ea9a193f99f5f65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://netflix.grosirtopup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 18:45:40 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Aug 2023 17:52:40 GMT
Server: nginx/1.24.0
ETag: W/"64e4f5e8-1271"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive

GET
H2 200 1024px-Netflix_2015_logo.svg.png
upload.wikimedia.org/wikipedia/commons/thumb/0/08/Netflix_2015_logo.svg/ 14 KB
15 KB 216ms
125ms Image
image/png 2a02:ec80:600:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/commons/thumb/0/08/Netflix_2015_logo.svg/1024px-Netflix_2015_logo.svg.png

Requested by

Host: netflix.grosirtopup.com
URL: https://netflix.grosirtopup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:ec80:600:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

Software

ATS/9.1.4 /

Resource Hash

82bfca383085418b273bd7b4ffe3672f49113c46bebab9aa3dc1a4c77888bd8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://netflix.grosirtopup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 08:37:27 GMT
strict-transport-security: max-age=106384710; includeSubDomains; preload
x-content-type-options: nosniff
nel: { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
age: 36493
x-cache-status: hit-front
x-cache: cp6003 hit, cp6004 hit/5
content-disposition: inline;filename*=UTF-8''Netflix_2015_logo.svg.png
server-timing: cache;desc="hit-front", host;desc="cp6004"
content-length: 14056
x-client-ip: 2a00:c98:2030:a004:1::9
last-modified: Wed, 16 Feb 2022 12:23:06 GMT
server: ATS/9.1.4
etag: df605527faac680524a938643c2cfa87
report-to: { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 popcorn.png
pinnacleproductions.in/wp-content/uploads/2023/01/ 158 KB
159 KB 1616ms
325ms Image
image/png 199.231.166.82
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pinnacleproductions.in/wp-content/uploads/2023/01/popcorn.png
Requested by: Host: netflix.grosirtopup.com
URL: https://netflix.grosirtopup.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.231.166.82 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: clover.vhostplatform.com
Software: LiteSpeed /
Resource Hash: 2e970e22fe336eb84efed8046b7a6ed37e1201554eab81d4eb069498bde61892

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://netflix.grosirtopup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 18:45:42 GMT
last-modified: Mon, 30 Jan 2023 16:59:17 GMT
server: LiteSpeed
etag: "279a8-63d7f765-456de134ed02500d;;;"
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 162216
expires: Tue, 29 Aug 2023 18:45:42 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
979 B 93ms
36ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: netflix.grosirtopup.com
URL: https://netflix.grosirtopup.com/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://netflix.grosirtopup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 22 Aug 2023 18:45:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 17:08:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 22 Aug 2023 18:45:40 GMT

GET
H/1.1 200
OK US-en-20230619-popsignuptwoweeks-perspective_alpha_website_large.jpg
assets.nflxext.com/ffe/siteui/vlv3/530fc327-2ddb-4038-a3f0-2da2d9ccede1/16dc19eb-4b61-4568-9696-c9ddfc377f23/ 315 KB
316 KB 133ms
79ms Image
image/jpeg 2a00:86c0:2091::1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nflxext.com/ffe/siteui/vlv3/530fc327-2ddb-4038-a3f0-2da2d9ccede1/16dc19eb-4b61-4568-9696-c9ddfc377f23/US-en-20230619-popsignuptwoweeks-perspective_alpha_website_large.jpg
Requested by: Host: netflix.grosirtopup.com
URL: https://netflix.grosirtopup.com/css/main.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:86c0:2091::1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 66f4d9cb30404bffb2ef1e4a57f70e48f54118dfee5ef904ef5d036971443987

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://netflix.grosirtopup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 18:45:41 GMT
Last-Modified: Wed, 21 Jun 2023 13:40:15 GMT
Server: nginx
Content-MD5: OFVKI5kFKfBTtqHZYVgK9w==
Content-Type: image/jpeg
Cache-Control: max-age=604801
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 322895
Expires: Tue, 29 Aug 2023 18:45:42 GMT

GET
H/1.1 200
OK netflixsans-bold.ttf
netflix.grosirtopup.com/fonts/ 178 KB
178 KB 354ms
353ms Font
font/ttf 45.9.74.96
PARTNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://netflix.grosirtopup.com/fonts/netflixsans-bold.ttf
Requested by: Host: netflix.grosirtopup.com
URL: https://netflix.grosirtopup.com/css/main.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 45.9.74.96 -, , ASN204603 (PARTNER-AS, RU),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: a362c14088676ec0dd66aad9957d44700fa36d093640166424821aa3e4bbacb6

Request headers

Referer: https://netflix.grosirtopup.com/css/main.css
Origin: https://netflix.grosirtopup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 18:45:41 GMT
Last-Modified: Tue, 22 Aug 2023 18:01:46 GMT
Server: nginx/1.24.0
ETag: "2c864-60386c9d265de"
Content-Type: font/ttf
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 182372

GET
H/1.1 200
OK netflixsans-regular.ttf
netflix.grosirtopup.com/fonts/ 177 KB
177 KB 138ms
75ms Font
font/ttf 45.9.74.96
PARTNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://netflix.grosirtopup.com/fonts/netflixsans-regular.ttf
Requested by: Host: netflix.grosirtopup.com
URL: https://netflix.grosirtopup.com/css/main.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 45.9.74.96 -, , ASN204603 (PARTNER-AS, RU),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: 261773d4215caffb88649014fab00e9ee42054c35694b98c69338af4b80cefeb

Request headers

Referer: https://netflix.grosirtopup.com/css/main.css
Origin: https://netflix.grosirtopup.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 18:45:41 GMT
Last-Modified: Tue, 22 Aug 2023 18:01:48 GMT
Server: nginx/1.24.0
ETag: "2c3cc-60386c9f0abf9"
Content-Type: font/ttf
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 181196

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.nflxext.com
fonts.googleapis.com
netflix.grosirtopup.com
pinnacleproductions.in
upload.wikimedia.org
199.231.166.82
2a00:1450:4001:82f::200a
2a00:86c0:2091::1
2a02:ec80:600:ed1a::2:b
45.9.74.96
261773d4215caffb88649014fab00e9ee42054c35694b98c69338af4b80cefeb
289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf
2e970e22fe336eb84efed8046b7a6ed37e1201554eab81d4eb069498bde61892
4e2e9ea5752733eed6139f750f8b3fc652f645c81453aec48ea9a193f99f5f65
66f4d9cb30404bffb2ef1e4a57f70e48f54118dfee5ef904ef5d036971443987
82bfca383085418b273bd7b4ffe3672f49113c46bebab9aa3dc1a4c77888bd8e
a362c14088676ec0dd66aad9957d44700fa36d093640166424821aa3e4bbacb6
a72c62397e60f45bc564b57b1f4e3eabbbc3125d3054352e7e4d2bd03f12ec35

netflix.grosirtopup.com Open in urlscan Pro 45.9.74.96 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

8 Requests

100 %HTTPS

60 %IPv6

5 Domains

5 Subdomains

5 IPs

3 Countries

848 kBTransfer

851 kBSize

0 Cookies

0 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

0 Cookies

Indicators

netflix.grosirtopup.com Open in urlscan Pro
45.9.74.96 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

848 kB
Transfer

851 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions