urlscan.io logo urlscan.io
SecurityTrails logo

ron-marom12.github.io
2606:50c0:8003::153  Malicious Activity! Public Scan Open in urlscan Pro

Go To Rescan Add Verdict Report
URL: https://ron-marom12.github.io/netflix/ 2yr old
Submission: On August 01 via automatic, source openphish — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 1 countries across 6 domains to perform 31 HTTP transactions. The main IP is 2606:50c0:8003::153, located in United States and belongs to FASTLY, US. The main domain is ron-marom12.github.io. 2yr old
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on March 15th 2024. Valid for: 1yr.
This is the only time ron-marom12.github.io was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Netflix (Online)

Domain & IP information

IP Address AS Autonomous System
7 2606:50c0:800... 54113 (FASTLY)
6 2a00:86c0:209... 40027 (NETFLIX-ASN)
2 2607:f8b0:400... 15169 (GOOGLE)
11 2606:4700::68... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 74.125.192.103 15169 (GOOGLE)
31 7
7    2606:50c0:8003::153 (United States)

ASN54113 (FASTLY, US)
ron-marom12.github.io 2yr old
6    2a00:86c0:2091::1 (United States)

ASN40027 (NETFLIX-ASN, US)
assets.nflxext.com 11yr old
2    2607:f8b0:400d:c07::5e (Morganton, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com 9yr old
11    2606:4700::6812:562a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org 9yr old
1    2607:f8b0:400d:c00::69 (Morganton, United States)

ASN15169 (GOOGLE, US)
www.google.com 56yr old
1    2606:4700::6812:1d7f (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com 8yr old
3    74.125.192.103 (United States)

ASN15169 (GOOGLE, US)
PTR: qn-in-f103.1e100.net
www.google.com 56yr old
Apex Domain
Subdomains		 Transfer
11 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 554 9yr old
271 KB
7 github.io
ron-marom12.github.io 2yr old
68 KB
6 nflxext.com
assets.nflxext.com — Cisco Umbrella Rank: 1656 11yr old
951 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 10 56yr old
1 KB
2 gstatic.com
www.gstatic.com 9yr old
211 KB
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 1019 8yr old
295 B
31 6
Domain Requested by
11 cdn.cookielaw.org ron-marom12.github.io
cdn.cookielaw.org
7 ron-marom12.github.io ron-marom12.github.io
assets.nflxext.com
6 assets.nflxext.com ron-marom12.github.io
assets.nflxext.com
4 www.google.com ron-marom12.github.io
www.gstatic.com
2 www.gstatic.com ron-marom12.github.io
www.google.com
1 geolocation.onetrust.com cdn.cookielaw.org
31 6

This site contains links to these domains. Also see Links.

Domain
policies.google.com
help.netflix.com
optout.aboutads.info
www.onetrust.com
Subject Issuer Validity Valid
*.github.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-03-15 -
2025-03-14		 1yr crt.sh
*.1.nflxso.net
DigiCert Secure Site ECC CA-1		 2024-07-17 -
2024-09-25		 2mo crt.sh
*.gstatic.com
WR2		 2024-07-30 -
2024-10-22		 3mo crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2024-03-01 -
2024-12-31		 10mo crt.sh
www.google.com
WR2		 2024-07-30 -
2024-10-22		 3mo crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2023-11-13 -
2024-11-12		 1yr crt.sh
*.google.com
WR2		 2024-07-30 -
2024-10-22		 3mo crt.sh

This page contains 4 frames:

Primary Page: https://ron-marom12.github.io/netflix/
Frame ID: 56362A290A74F1660102D9A869E25CEA
Requests: 28 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lf8hrcUAAAAAIpQAFW2VFjtiYnThOjZOA5xvLyR&co=aHR0cHM6Ly93d3cubmV0ZmxpeC5jb206NDQz&hl=iw&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=ayy6defyjvze
Frame ID: 248F42EE232074199C946E77BE388AF4
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lf8hrcUAAAAAIpQAFW2VFjtiYnThOjZOA5xvLyR&co=aHR0cHM6Ly9yb24tbWFyb20xMi5naXRodWIuaW86NDQz&hl=en&v=Xv-KF0LlBu_a0FJ9I5YSlX5m&size=invisible&cb=yotlh71vjl3p
Frame ID: AE16F5C01636534C1EA2C50DE7239750
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lf8hrcUAAAAAIpQAFW2VFjtiYnThOjZOA5xvLyR&co=aHR0cHM6Ly9yb24tbWFyb20xMi5naXRodWIuaW86NDQz&hl=en&v=Xv-KF0LlBu_a0FJ9I5YSlX5m&size=invisible&cb=kbm2spakybe3
Frame ID: F07E1142D78DD98812BF570049ED416C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Netflix

Detected technologies

Overall confidence: 100%
Detected patterns
  • ^https?://[^/]+\.github\.io
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Page Statistics

31
Requests

100 %
HTTPS

86 %
IPv6

6
Domains

6
Subdomains

7
IPs

1
Countries

1502 kB
Transfer

4513 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ron-marom12.github.io/netflix/ 		323 KB
57 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ron-marom12.github.io/netflix/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
25f399dc20831a77465fea2dcade93ab57dadf2d5efa4935f2127eac29a70918
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
0
cache-control
max-age=600
content-encoding
gzip
content-length
58019
content-type
text/html; charset=utf-8
date
Thu, 01 Aug 2024 00:17:41 GMT
etag
W/"658b8070-50d93"
expires
Thu, 01 Aug 2024 00:27:41 GMT
last-modified
Wed, 27 Dec 2023 01:40:00 GMT
permissions-policy
interest-cohort=()
server
GitHub.com
strict-transport-security
max-age=31556952
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-fastly-request-id
25c071e52411c6378898e129e4170673d142d380
x-github-request-id
64EC:16A5:1BC1700:20A3EA1:66AAD425
x-proxy-cache
MISS
x-served-by
cache-yul1970032-YUL
x-timer
S1722471461.412173,VS0,VE28
loginControllerClient.js.6a552702096c11a2b5cb.js
assets.nflxext.com/web/ffe/wp/components/login/ 		2 MB
525 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.nflxext.com/web/ffe/wp/components/login/loginControllerClient.js.6a552702096c11a2b5cb.js
Requested by
Host: ron-marom12.github.io
URL: https://ron-marom12.github.io/netflix/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:86c0:2091::1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
b10e925c42cb7d4f62b55ca9ecd4ccf87e5c0bf8e1cc836d78d39674d52699dd

Request headers

Referer
https://ron-marom12.github.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 01 Aug 2024 00:17:41 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Dec 2023 14:07:23 GMT
Server
nginx
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604801
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
536741
Expires
Thu, 08 Aug 2024 00:17:42 GMT
WebsiteDetect
ron-marom12.github.io/personalization/cl2/freeform/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ron-marom12.github.io/personalization/cl2/freeform/WebsiteDetect?source=wwwhead&fetchType=css&modalView=login
Requested by
Host: ron-marom12.github.io
URL: https://ron-marom12.github.io/netflix/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'
Strict-Transport-Security max-age=31556952

Request headers

Referer
https://ron-marom12.github.io/netflix/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-cache-hits
0
x-fastly-request-id
a8bf6fa8b9fb77e2df7c90c0a3aad03d795747df
strict-transport-security
max-age=31556952
content-security-policy
default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'
content-encoding
gzip
date
Thu, 01 Aug 2024 00:17:41 GMT
via
1.1 varnish
age
0
x-cache
MISS
content-length
5254
x-served-by
cache-yul1970032-YUL
server
GitHub.com
x-github-request-id
2275:E9BDA:4728869:5396D81:66AAD423
x-timer
S1722471461.471079,VS0,VE26
etag
W/"64d39a40-24a3"
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
*
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-proxy-cache
MISS
recaptcha__iw.js
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__iw.js
Requested by
Host: ron-marom12.github.io
URL: https://ron-marom12.github.io/netflix/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ron-marom12.github.io/
Origin
https://ron-marom12.github.io
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 00:17:42 GMT
x-content-type-options
nosniff
server
sffe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1621
x-xss-protection
0
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: ron-marom12.github.io
URL: https://ron-marom12.github.io/netflix/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1505aa0792421f831935f4761a95f31462a3dd097c8bd00ad8e9c765c8065517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ron-marom12.github.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 01 Aug 2024 00:17:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Wbr2pAeg61Hfi+2FuD0cYA==
age
33240
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6882
x-ms-lease-status
unlocked
last-modified
Tue, 30 Jul 2024 06:13:33 GMT
server
cloudflare
etag
0x8DCB05EBD67BCB8
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
2759b695-301e-00c8-3eb1-e202bd000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8ac1a58a881ea216-YYZ
expires
Thu, 01 Aug 2024 15:03:41 GMT
loginBase.6b02118817e957e7abed.css
assets.nflxext.com/web/ffe/wp/less/login/ 		43 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.nflxext.com/web/ffe/wp/less/login/loginBase.6b02118817e957e7abed.css
Requested by
Host: ron-marom12.github.io
URL: https://ron-marom12.github.io/netflix/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:86c0:2091::1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
ebdf640c52c18e29163711ed4a20123bb7aaca05f0a9f970f9934c0fe04093ba

Request headers

Referer
https://ron-marom12.github.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 01 Aug 2024 00:17:41 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 May 2024 23:47:14 GMT
Server
nginx
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=604801
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
9228
Expires
Thu, 08 Aug 2024 00:17:42 GMT
Login.e1bf4c53a34d8e135356.css
assets.nflxext.com/web/ffe/wp/less/pages/login/ 		89 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.nflxext.com/web/ffe/wp/less/pages/login/Login.e1bf4c53a34d8e135356.css
Requested by
Host: ron-marom12.github.io
URL: https://ron-marom12.github.io/netflix/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:86c0:2091::1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
9bbb1a6abdbbf9f61ebe7f7417713774d26f106f50f442b550a60e1557be322a

Request headers

Referer
https://ron-marom12.github.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 01 Aug 2024 00:17:41 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Nov 2023 20:09:26 GMT
Server
nginx
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=604801
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
15108
Expires
Thu, 08 Aug 2024 00:17:42 GMT
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202301.1.0/ 		395 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js
Requested by
Host: ron-marom12.github.io
URL: https://ron-marom12.github.io/netflix/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cda584e7c5036ad66d7d528d2209bc596a14179fa1792a559e2ae9eaa91e851
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ron-marom12.github.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 01 Aug 2024 00:17:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
TPatHKMti4L8TVrK0PWkxg==
age
23024
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
96303
x-ms-lease-status
unlocked
last-modified
Wed, 22 Feb 2023 03:39:35 GMT
server
cloudflare
etag
0x8DB14866ADAA84A
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
5e262276-701e-0068-1464-235f13000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8ac1a58cda51a216-YYZ
IL-en-20231218-popsignuptwoweeks-perspective_alpha_website_large.jpg
assets.nflxext.com/ffe/siteui/vlv3/563192ea-ac0e-4906-a865-ba9899ffafad/5d38fec7-584c-4f29-b0b8-8c5f5051bff1/ 		319 KB
320 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.nflxext.com/ffe/siteui/vlv3/563192ea-ac0e-4906-a865-ba9899ffafad/5d38fec7-584c-4f29-b0b8-8c5f5051bff1/IL-en-20231218-popsignuptwoweeks-perspective_alpha_website_large.jpg
Requested by
Host: ron-marom12.github.io
URL: https://ron-marom12.github.io/netflix/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:86c0:2091::1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
d5c4c9ff7c7f04322817b7949ab12c7b9d90e806d887e4a28962dc0848cd73d4

Request headers

Referer
https://ron-marom12.github.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 01 Aug 2024 00:17:41 GMT
Last-Modified
Wed, 20 Dec 2023 14:49:34 GMT
Server
nginx
Content-MD5
CgDWiugW8Jf5bsugherapQ==
Content-Type
image/jpeg
Cache-Control
max-age=604801
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
326911
Expires
Thu, 08 Aug 2024 00:17:42 GMT
enterprise.js
www.google.com/recaptcha/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise.js?render=6Lf8hrcUAAAAAIpQAFW2VFjtiYnThOjZOA5xvLyR
Requested by
Host: ron-marom12.github.io
URL: https://ron-marom12.github.io/netflix/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c00::69 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
80821be04bdf81c9c326f472207ca253c2615a9df49c275728e7b52a7b3a6417
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ron-marom12.github.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 00:17:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 01 Aug 2024 00:17:41 GMT
Netflix_Logo_PMS.png
cdn.cookielaw.org/logos/dd6b162f-1a32-456a-9cfe-897231c7763c/4345ea78-053c-46d2-b11e-09adaef973dc/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/dd6b162f-1a32-456a-9cfe-897231c7763c/4345ea78-053c-46d2-b11e-09adaef973dc/Netflix_Logo_PMS.png
Requested by
Host: ron-marom12.github.io
URL: https://ron-marom12.github.io/netflix/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
675dd7b68acf580f893bec532f5b260b8f984b67734a9a6831334b2ff4aad384
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ron-marom12.github.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 01 Aug 2024 00:17:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
3MQJRwmi3BSvKIhEVW/5tw==
age
13486
content-length
16386
x-ms-lease-status
unlocked
last-modified
Mon, 18 May 2020 21:10:31 GMT
server
cloudflare
etag
0x8D7FB6FE5CFC000
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
226f34b6-c01e-0042-5908-7c8003000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8ac1a58b289ca216-YYZ
powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Requested by
Host: ron-marom12.github.io
URL: https://ron-marom12.github.io/netflix/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ron-marom12.github.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 01 Aug 2024 00:17:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
Y+c301RBZNK39PvKQWrIBw==
age
33383
x-ms-lease-status
unlocked
last-modified
Tue, 30 Jul 2024 06:13:36 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
b01fb8d7-301e-000f-4cb3-e27e7c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
8ac1a58b68cba216-YYZ
WebsiteDetect
ron-marom12.github.io/personalization/cl2/freeform/ 		9 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ron-marom12.github.io/personalization/cl2/freeform/WebsiteDetect?source=wwwhead&fetchType=js&modalView=login
Requested by
Host: ron-marom12.github.io
URL: https://ron-marom12.github.io/netflix/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
b620507312c5e97566a3c6cfaf99144fefc18a0da7d941401dfa0f5f58fb0368
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'
Strict-Transport-Security max-age=31556952

Request headers

Referer
https://ron-marom12.github.io/netflix/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-cache-hits
1
x-fastly-request-id
e4a2d70fc2a075a5a8bd2e0954b44b0101c6cdda
strict-transport-security
max-age=31556952
content-security-policy
default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'
content-encoding
gzip
date
Thu, 01 Aug 2024 00:17:41 GMT
via
1.1 varnish
age
0
x-cache
HIT
content-length
5254
x-served-by
cache-yul1970032-YUL
server
GitHub.com
x-github-request-id
2275:E9BDA:4728869:5396D81:66AAD423
x-timer
S1722471462.519726,VS0,VE1
etag
W/"64d39a40-24a3"
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
*
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-proxy-cache
MISS
WebsiteScreen
ron-marom12.github.io/personalization/cl2/freeform/ 		9 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ron-marom12.github.io/personalization/cl2/freeform/WebsiteScreen?source=wwwhead&fetchType=js&winw=1600&winh=1285&screenw=1600&screenh=1200&ratio=1
Requested by
Host: ron-marom12.github.io
URL: https://ron-marom12.github.io/netflix/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
b620507312c5e97566a3c6cfaf99144fefc18a0da7d941401dfa0f5f58fb0368
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'
Strict-Transport-Security max-age=31556952

Request headers

Referer
https://ron-marom12.github.io/netflix/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-cache-hits
0
x-fastly-request-id
37040bc83a6d9035126982306ca51c2762212b65
strict-transport-security
max-age=31556952
content-security-policy
default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'
content-encoding
gzip
date
Thu, 01 Aug 2024 00:17:41 GMT
via
1.1 varnish
age
0
x-cache
MISS
content-length
5254
x-served-by
cache-yul1970032-YUL
server
GitHub.com
x-github-request-id
5B80:1701:2B0649B:326DE39:66AAD423
x-timer
S1722471462.519691,VS0,VE27
etag
W/"64d39a40-24a3"
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-allow-origin
*
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-proxy-cache
MISS
87b6a5c0-0104-4e96-a291-092c11350111.json
cdn.cookielaw.org/consent/87b6a5c0-0104-4e96-a291-092c11350111/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/87b6a5c0-0104-4e96-a291-092c11350111/87b6a5c0-0104-4e96-a291-092c11350111.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8efdfa1f1787edc955adde466cca9f1a815beb7d09b16de98aebde287cef334b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ron-marom12.github.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 01 Aug 2024 00:17:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-md5
4ZdpTpk+PCs2x8sniXnzdQ==
content-length
2047
x-ms-lease-status
unlocked
last-modified
Mon, 08 Jul 2024 17:03:29 GMT
server
cloudflare
etag
0x8DC9F6FE40ACBE5
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
714cbaed-801e-0052-0754-e38e78000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8ac1a58b2bcfab3b-YYZ
expires
Fri, 02 Aug 2024 00:17:41 GMT
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		59 B
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1d7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db0da7efe3ac5fc9e598f71e291326f137ea7bbbf97fed4fee0e86b717b0d9a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://ron-marom12.github.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 00:17:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
8ac1a58cbc88a253-YYZ
access-control-allow-headers
Content-Type
nf-icon-v1-93.woff
assets.nflxext.com/ffe/siteui/fonts/ 		72 KB
72 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.nflxext.com/ffe/siteui/fonts/nf-icon-v1-93.woff
Requested by
Host: assets.nflxext.com
URL: https://assets.nflxext.com/web/ffe/wp/less/login/loginBase.6b02118817e957e7abed.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:86c0:2091::1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
98713b53a74ebe7e326353080c5f1653e83af61d6363c0b3c4c67d6d24197b4d

Request headers

Referer
https://assets.nflxext.com/web/ffe/wp/less/login/loginBase.6b02118817e957e7abed.css
Origin
https://ron-marom12.github.io
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 01 Aug 2024 00:17:42 GMT
Last-Modified
Mon, 29 Jan 2018 01:50:51 GMT
Server
nginx
Content-MD5
fPYVbMSBJEtaJUNi17c/AA==
Content-Type
font/woff
Access-Control-Allow-Origin
*
Cache-Control
max-age=604801
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
73572
Expires
Thu, 08 Aug 2024 00:17:43 GMT
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202406.1.0/ 		451 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202406.1.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47407e3845cb067265a07cb279ccc7a38b927b0c2dc034b627f089115ac0d306
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ron-marom12.github.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 01 Aug 2024 00:17:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
7I5y/rp4ODu7ul89ty+epQ==
age
6676
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
112027
x-ms-lease-status
unlocked
last-modified
Tue, 16 Jul 2024 22:20:01 GMT
server
cloudflare
etag
0x8DCA5E56F667161
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
c05e064f-501e-009c-79cf-d7e837000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8ac1a58d0a77a216-YYZ
en.json
cdn.cookielaw.org/consent/87b6a5c0-0104-4e96-a291-092c11350111/0190934a-1a28-76d7-83d2-3d0544f00076/ 		67 KB
17 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/87b6a5c0-0104-4e96-a291-092c11350111/0190934a-1a28-76d7-83d2-3d0544f00076/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ab526bf1cb72237d5ef3b597737defdc27237c280e92b361adc6bb58c8c7664
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ron-marom12.github.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 01 Aug 2024 00:17:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-md5
BorIqWs8meI2iDgpgNJpoA==
content-length
17062
x-ms-lease-status
unlocked
last-modified
Mon, 08 Jul 2024 17:03:33 GMT
server
cloudflare
etag
0x8DC9F6FE6798439
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
f8265c5b-201e-0039-0aa8-e3d32e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8ac1a58d5ceeab3b-YYZ
expires
Fri, 02 Aug 2024 00:17:42 GMT
otFlat.json
cdn.cookielaw.org/scripttemplates/202406.1.0/assets/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202406.1.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d890abf66010907c7a0a61236d25c3c98bcb7edec34b13dc887f5be122bfef7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ron-marom12.github.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 01 Aug 2024 00:17:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
sHJXWIgDpMKY35PyRRy4zQ==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3003
x-ms-lease-status
unlocked
last-modified
Tue, 16 Jul 2024 22:19:54 GMT
server
cloudflare
etag
0x8DCA5E56B3084E2
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
0fd31128-101e-00b9-15b2-d87084000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8ac1a58e8dbaab3b-YYZ
otPcTab.json
cdn.cookielaw.org/scripttemplates/202406.1.0/assets/v2/ 		64 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202406.1.0/assets/v2/otPcTab.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f782196e69b26506e8d7dd58efebf50eed2a2a5f22213840228c06e22cf326ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ron-marom12.github.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 01 Aug 2024 00:17:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
sxVQu4bvJiVSEaVIG+YdHw==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
13838
x-ms-lease-status
unlocked
last-modified
Tue, 16 Jul 2024 22:19:56 GMT
server
cloudflare
etag
0x8DCA5E56CAA35E2
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
b0ca737d-c01e-00b0-0f77-d86a0a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8ac1a58e8dbcab3b-YYZ
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202406.1.0/assets/ 		24 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202406.1.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c2092048f21074425f3e025db78fb6505f75d6fcf2e121ced055c8d53bcb1b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ron-marom12.github.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 01 Aug 2024 00:17:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
HyPJ72TNHxdfOI82cqKVqA==
x-ms-lease-status
unlocked
last-modified
Tue, 16 Jul 2024 22:20:07 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
770d636a-001e-00ad-2777-d8b3e0000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
8ac1a58e8dbdab3b-YYZ
recaptcha__en.js
www.gstatic.com/recaptcha/releases/Xv-KF0LlBu_a0FJ9I5YSlX5m/ 		531 KB
211 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Xv-KF0LlBu_a0FJ9I5YSlX5m/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=6Lf8hrcUAAAAAIpQAFW2VFjtiYnThOjZOA5xvLyR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e1d667d61bb50e0a815101a7d0d7f379b7219776fee856eedbe965a049db8d44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ron-marom12.github.io/
Origin
https://ron-marom12.github.io
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 00:38:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
171557
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
215075
x-xss-protection
0
last-modified
Mon, 22 Jul 2024 21:52:36 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 30 Jul 2025 00:38:25 GMT
log
ron-marom12.github.io/personalization/ 		131 B
253 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ron-marom12.github.io/personalization/log
Requested by
Host: assets.nflxext.com
URL: https://assets.nflxext.com/web/ffe/wp/components/login/loginControllerClient.js.6a552702096c11a2b5cb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
db9c83197aadfaf315c26741f15264db83844a31372701a8465737d63508df7f

Request headers

X-Netflix.ichnaea.request.type
UiRequest
Referer
https://ron-marom12.github.io/netflix/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

x-served-by
cache-yul1970032-YUL
x-fastly-request-id
1aff937e08fb0b61b6b24fbefa7b3a25c829ea21
date
Thu, 01 Aug 2024 00:17:42 GMT
via
1.1 varnish
server
Varnish
x-timer
S1722471463.809444,VS0,VE1
x-cache
MISS
accept-ranges
bytes
content-length
131
retry-after
0
x-cache-hits
0
anchor
www.google.com/recaptcha/enterprise/ Frame 248F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lf8hrcUAAAAAIpQAFW2VFjtiYnThOjZOA5xvLyR&co=aHR0cHM6Ly93d3cubmV0ZmxpeC5jb206NDQz&hl=iw&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=ayy6defyjvze
Requested by
Host: ron-marom12.github.io
URL: https://ron-marom12.github.io/netflix/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.192.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f103.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-bm9VvTqntKmQX_9ucvCxlQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ron-marom12.github.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-bm9VvTqntKmQX_9ucvCxlQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 01 Aug 2024 00:17:42 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
ot_close.svg
cdn.cookielaw.org/logos/static/ 		651 B
498 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/ot_close.svg
Requested by
Host: ron-marom12.github.io
URL: https://ron-marom12.github.io/netflix/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ron-marom12.github.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 01 Aug 2024 00:17:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
pcXWFGpuVeSg/jVnYCseRg==
age
23030
x-ms-lease-status
unlocked
last-modified
Wed, 31 Jul 2024 06:32:33 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
33bccd68-101e-0018-3a4e-e3be1f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
8ac1a592aefca216-YYZ
anchor
www.google.com/recaptcha/enterprise/ Frame AE16 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lf8hrcUAAAAAIpQAFW2VFjtiYnThOjZOA5xvLyR&co=aHR0cHM6Ly9yb24tbWFyb20xMi5naXRodWIuaW86NDQz&hl=en&v=Xv-KF0LlBu_a0FJ9I5YSlX5m&size=invisible&cb=yotlh71vjl3p
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Xv-KF0LlBu_a0FJ9I5YSlX5m/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.192.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f103.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-cIOrmVLs8Mg5QtjIR2jNZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ron-marom12.github.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-cIOrmVLs8Mg5QtjIR2jNZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 01 Aug 2024 00:17:43 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
anchor
www.google.com/recaptcha/enterprise/ Frame F07E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lf8hrcUAAAAAIpQAFW2VFjtiYnThOjZOA5xvLyR&co=aHR0cHM6Ly9yb24tbWFyb20xMi5naXRodWIuaW86NDQz&hl=en&v=Xv-KF0LlBu_a0FJ9I5YSlX5m&size=invisible&cb=kbm2spakybe3
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Xv-KF0LlBu_a0FJ9I5YSlX5m/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.192.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qn-in-f103.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-A7z2PcYmc1GS8Bww9dKXDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ron-marom12.github.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-A7z2PcYmc1GS8Bww9dKXDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 01 Aug 2024 00:17:43 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
nficon2023.ico
assets.nflxext.com/us/ffe/siteui/common/icons/ 		10 KB
10 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://assets.nflxext.com/us/ffe/siteui/common/icons/nficon2023.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:86c0:2091::1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
9c5f7722c5df8eb24dda20ecc01c9f73e3103e10052fd980da4e7d9f753a97d3

Request headers

Referer
https://ron-marom12.github.io/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Thu, 01 Aug 2024 00:17:43 GMT
Last-Modified
Thu, 31 Aug 2023 18:57:29 GMT
Server
nginx
Content-MD5
WPVNnqFRdmcYAr6+7k2kyw==
Content-Type
image/x-icon
Cache-Control
max-age=604801
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9854
Expires
Thu, 08 Aug 2024 00:17:44 GMT
cl2
ron-marom12.github.io/personalization/ 		131 B
246 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ron-marom12.github.io/personalization/cl2
Requested by
Host: assets.nflxext.com
URL: https://assets.nflxext.com/web/ffe/wp/components/login/loginControllerClient.js.6a552702096c11a2b5cb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
db9c83197aadfaf315c26741f15264db83844a31372701a8465737d63508df7f

Request headers

Referer
https://ron-marom12.github.io/netflix/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
X-Netflix.Client.Request.Name
ui/cl
Content-Type
application/json

Response headers

x-served-by
cache-yul1970032-YUL
x-fastly-request-id
c747eb9efb8f73d731980ed60ae94d2bf0951a18
date
Thu, 01 Aug 2024 00:17:47 GMT
via
1.1 varnish
server
Varnish
x-timer
S1722471468.690639,VS0,VE0
x-cache
MISS
accept-ranges
bytes
content-length
131
retry-after
0
x-cache-hits
0
cl2
ron-marom12.github.io/personalization/ 		131 B
246 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ron-marom12.github.io/personalization/cl2
Requested by
Host: assets.nflxext.com
URL: https://assets.nflxext.com/web/ffe/wp/components/login/loginControllerClient.js.6a552702096c11a2b5cb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
db9c83197aadfaf315c26741f15264db83844a31372701a8465737d63508df7f

Request headers

Referer
https://ron-marom12.github.io/netflix/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
X-Netflix.Client.Request.Name
ui/cl
Content-Type
application/json

Response headers

x-served-by
cache-yul1970032-YUL
x-fastly-request-id
f16535819cbec4284a4838fa9dd3e42a0c9b4c3f
date
Thu, 01 Aug 2024 00:17:48 GMT
via
1.1 varnish
server
Varnish
x-timer
S1722471469.714638,VS0,VE1
x-cache
MISS
accept-ranges
bytes
content-length
131
retry-after
0
x-cache-hits
0

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Netflix (Online)

25 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 function| OptanonWrapper object| netflix string| __public_path__ string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer object| otStubData object| Optanon object| OneTrust object| webpackChunk_nf_web_ui_nonmember function| _ object| util object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| handleSubmit object| recaptcha object| closure_lm_25298

0 Cookies

8 Console Messages

Source Level URL
Text
network error URL: https://ron-marom12.github.io/personalization/cl2/freeform/WebsiteDetect?source=wwwhead&fetchType=css&modalView=login
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ron-marom12.github.io/personalization/cl2/freeform/WebsiteDetect?source=wwwhead&fetchType=js&modalView=login
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ron-marom12.github.io/personalization/cl2/freeform/WebsiteScreen?source=wwwhead&fetchType=js&winw=1600&winh=1285&screenw=1600&screenh=1200&ratio=1
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__iw.js
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://ron-marom12.github.io/netflix/
Message:
Refused to execute script from 'https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__iw.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
network error URL: https://ron-marom12.github.io/personalization/log
Message:
Failed to load resource: the server responded with a status of 405 ()
network error URL: https://ron-marom12.github.io/personalization/cl2
Message:
Failed to load resource: the server responded with a status of 405 ()
network error URL: https://ron-marom12.github.io/personalization/cl2
Message:
Failed to load resource: the server responded with a status of 405 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31556952

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.nflxext.com
cdn.cookielaw.org
geolocation.onetrust.com
ron-marom12.github.io
www.google.com
www.gstatic.com
2606:4700::6812:1d7f
2606:4700::6812:562a
2606:50c0:8003::153
2607:f8b0:400d:c00::69
2607:f8b0:400d:c07::5e
2a00:86c0:2091::1
74.125.192.103
0cda584e7c5036ad66d7d528d2209bc596a14179fa1792a559e2ae9eaa91e851
1505aa0792421f831935f4761a95f31462a3dd097c8bd00ad8e9c765c8065517
25f399dc20831a77465fea2dcade93ab57dadf2d5efa4935f2127eac29a70918
47407e3845cb067265a07cb279ccc7a38b927b0c2dc034b627f089115ac0d306
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
675dd7b68acf580f893bec532f5b260b8f984b67734a9a6831334b2ff4aad384
7c2092048f21074425f3e025db78fb6505f75d6fcf2e121ced055c8d53bcb1b3
80821be04bdf81c9c326f472207ca253c2615a9df49c275728e7b52a7b3a6417
8efdfa1f1787edc955adde466cca9f1a815beb7d09b16de98aebde287cef334b
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
98713b53a74ebe7e326353080c5f1653e83af61d6363c0b3c4c67d6d24197b4d
9ab526bf1cb72237d5ef3b597737defdc27237c280e92b361adc6bb58c8c7664
9bbb1a6abdbbf9f61ebe7f7417713774d26f106f50f442b550a60e1557be322a
9c5f7722c5df8eb24dda20ecc01c9f73e3103e10052fd980da4e7d9f753a97d3
b10e925c42cb7d4f62b55ca9ecd4ccf87e5c0bf8e1cc836d78d39674d52699dd
b620507312c5e97566a3c6cfaf99144fefc18a0da7d941401dfa0f5f58fb0368
d5c4c9ff7c7f04322817b7949ab12c7b9d90e806d887e4a28962dc0848cd73d4
d890abf66010907c7a0a61236d25c3c98bcb7edec34b13dc887f5be122bfef7e
db0da7efe3ac5fc9e598f71e291326f137ea7bbbf97fed4fee0e86b717b0d9a8
db9c83197aadfaf315c26741f15264db83844a31372701a8465737d63508df7f
e1d667d61bb50e0a815101a7d0d7f379b7219776fee856eedbe965a049db8d44
ebdf640c52c18e29163711ed4a20123bb7aaca05f0a9f970f9934c0fe04093ba
f782196e69b26506e8d7dd58efebf50eed2a2a5f22213840228c06e22cf326ff