urlscan.io logo urlscan.io
SecurityTrails logo

www.netflix20.ml Open in urlscan Pro
2a00:1450:4001:818::2013  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://www.netflix20.ml/
Submission: On July 08 via api from ES
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 2 countries across 9 domains to perform 24 HTTP transactions. The main IP is 2a00:1450:4001:818::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.netflix20.ml.
TLS certificate: Issued by GTS CA 1D2 on July 6th 2020. Valid for: 3 months.
This is the only time www.netflix20.ml was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

2    2a00:1450:4001:818::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.netflix20.ml
5    2a00:1450:4001:81e::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.blogger.com
resources.blogblog.com
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2a00:1450:4001:801::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
storage.googleapis.com
1    2606:4700:20::ac43:45d7 (United States)

ASN13335 (CLOUDFLARENET, US)
cpabuild.com
1    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2a00:1450:4001:818::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
6    2606:4700:3033::681f:51f5 (United States)

ASN13335 (CLOUDFLARENET, US)
cldoffers.net
1    35.222.120.150 (United States)

ASN15169 (GOOGLE, US)
PTR: 150.120.222.35.bc.googleusercontent.com
anthill.instapage.com
Domain Requested by
6 cldoffers.net cpabuild.com
4 storage.googleapis.com www.netflix20.ml
4 www.blogger.com www.netflix20.ml
3 fonts.gstatic.com www.netflix20.ml
2 www.netflix20.ml www.netflix20.ml
1 anthill.instapage.com www.netflix20.ml
1 www.google-analytics.com www.netflix20.ml
1 resources.blogblog.com www.netflix20.ml
1 cpabuild.com www.netflix20.ml
1 fonts.googleapis.com www.netflix20.ml
24 10

This site contains links to these domains. Also see Links.

Domain
www.blogger.com
Subject Issuer Validity Valid
www.netflix20.ml
GTS CA 1D2		 2020-07-06 -
2020-10-04		 3 months crt.sh
*.blogger.com
GTS CA 1O1		 2020-06-17 -
2020-09-09		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-06-17 -
2020-09-09		 3 months crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2020-06-17 -
2020-09-09		 3 months crt.sh
cpabuild.com
Cloudflare Inc ECC CA-3		 2020-07-03 -
2021-07-03		 a year crt.sh
*.google.com
GTS CA 1O1		 2020-06-17 -
2020-09-09		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-06-17 -
2020-09-09		 3 months crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2020-04-21 -
2020-10-09		 6 months crt.sh
anthill.instapage.com
Let's Encrypt Authority X3		 2020-05-18 -
2020-08-16		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.netflix20.ml/
Frame ID: 3ED6680FF92AA3E7022CBE27797B2373
Requests: 23 HTTP requests in this frame

Frame: https://cldoffers.net/public/offers/customTemplates.php?it=945098&w=1600&h=1200&key=d3553&m=0&r=
Frame ID: 19A47CDDA2F67CBCBD0070AAEE188F9B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • meta generator /^Blogger$/i
Overall confidence: 100%
Detected patterns
  • meta generator /^Blogger$/i
Overall confidence: 100%
Detected patterns
  • headers server /GSE/i
Overall confidence: 100%
Detected patterns
  • headers server /GSE/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

24
Requests

100 %
HTTPS

89 %
IPv6

9
Domains

10
Subdomains

9
IPs

2
Countries

248 kB
Transfer

781 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.netflix20.ml/ 		37 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.netflix20.ml/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b3e6cccba995c3b4fc7641d24fd855a14c91df45879c07bb15aa3aae1a3c0520
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.netflix20.ml
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
content-type
text/html; charset=UTF-8
expires
Wed, 08 Jul 2020 00:17:52 GMT
date
Wed, 08 Jul 2020 00:17:52 GMT
cache-control
private, max-age=0
last-modified
Mon, 06 Jul 2020 06:20:02 GMT
etag
W/"e53f2693e8e3787f6c6df50fe0c07aa8df9d9b4c07e1936d900b48bde101df3c"
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
10998
server
GSE
3455314004-widget_css_bundle.css
www.blogger.com/static/v1/widgets/ 		31 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/3455314004-widget_css_bundle.css
Requested by
Host: www.netflix20.ml
URL: https://www.netflix20.ml/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
25f654e30834688f9a468bfa5b0a90b6c54066dfce4c81a7975fedef029f5e13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.netflix20.ml/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Jun 2020 00:49:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 15 Jun 2020 19:21:50 GMT
server
sffe
age
1898926
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6822
x-xss-protection
0
expires
Wed, 16 Jun 2021 00:49:07 GMT
css
fonts.googleapis.com/ 		28 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,100,300,100italic,300italic,400italic,500,500italic,700,700italic,900,900italic
Requested by
Host: www.netflix20.ml
URL: https://www.netflix20.ml/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
94df22701bd80fca42c776b7064a4505986161b616007963e1ba60adba6f84d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.netflix20.ml/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 08 Jul 2020 00:08:59 GMT
server
ESF
date
Wed, 08 Jul 2020 00:17:53 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 08 Jul 2020 00:17:53 GMT
031a761e2b05d2bed213fd1f07412755.css
storage.googleapis.com/instapage-app-assets/425/ 		215 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/instapage-app-assets/425/031a761e2b05d2bed213fd1f07412755.css
Requested by
Host: www.netflix20.ml
URL: https://www.netflix20.ml/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
49552cf24fb4a73f0616514ddbf7938201de980b1d1323dafacd3be80e5c5faa

Request headers

Referer
https://www.netflix20.ml/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 07 Jul 2020 23:36:45 GMT
content-encoding
gzip
x-goog-stored-content-length
34300
age
2468
x-guploader-uploadid
AAANsUn9Px4GZ4OT_5AeoHvuvuRzzUNSoJHlc5fPFNZmi0Ng1beJTv9WpZBluoTVovtUnmfQNLHPS7NH6znABcUPW90
x-goog-storage-class
STANDARD
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
x-goog-meta-expires
Sun, 08 Apr 2018 07:26:07 GMT
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34300
last-modified
Wed, 15 Feb 2017 15:26:07 GMT
server
UploadServer
etag
"080c1afb7f7be4c9fdbb2d497c010bbe"
vary
Accept-Encoding
x-goog-hash
crc32c=A2d8LA==, md5=CAwa+3975Mn9uy1JfAELvg==
x-goog-generation
1487172367761037
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
max-age=315360000, public
x-goog-meta-content-length
34300
accept-ranges
bytes
content-type
text/css
expires
Wed, 07 Jul 2021 23:36:45 GMT
a5cb880a745154a6a1a45f3465215dfd.js
storage.googleapis.com/instapage-app-assets/425/ 		201 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/instapage-app-assets/425/a5cb880a745154a6a1a45f3465215dfd.js
Requested by
Host: www.netflix20.ml
URL: https://www.netflix20.ml/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
15b3fcc73003a15db7d41d2c0f6e03a432fe190c0da5603cbd71b5cc5111b6b8

Request headers

Referer
https://www.netflix20.ml/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 07 Jul 2020 23:36:45 GMT
content-encoding
gzip
x-goog-stored-content-length
67426
age
2468
x-guploader-uploadid
AAANsUk2ykcbAs2dartq7qXb9GEkyDqrh1RWD6jcGSI0fyzRbf3zhzvWRy2Ie6BNF6oBMOkCEqzdr5ySvfD6FijD1w0
x-goog-storage-class
STANDARD
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
x-goog-meta-expires
Sun, 08 Apr 2018 07:26:06 GMT
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67426
last-modified
Wed, 15 Feb 2017 15:26:07 GMT
server
UploadServer
etag
"950df85e291c10eeaa94f3fe572e1d38"
vary
Accept-Encoding
x-goog-hash
crc32c=vxmlYw==, md5=lQ34XikcEO6qlPP+Vy4dOA==
x-goog-generation
1487172367196574
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
max-age=315360000, public
x-goog-meta-content-length
67426
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 07 Jul 2021 23:36:45 GMT
authorization.css
www.blogger.com/dyn-css/ 		1 B
665 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=2999219134899492804&zx=22815b9c-4807-4f9b-b631-5b74100e919d
Requested by
Host: www.netflix20.ml
URL: https://www.netflix20.ml/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.netflix20.ml/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Wed, 08 Jul 2020 00:17:53 GMT
server
GSE
date
Wed, 08 Jul 2020 00:17:53 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
expires
Mon, 01 Jan 1990 00:00:00 GMT
13132213-0-netflix-logo.png
storage.googleapis.com/instapage-user-media/b2744156/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/instapage-user-media/b2744156/13132213-0-netflix-logo.png
Requested by
Host: www.netflix20.ml
URL: https://www.netflix20.ml/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
267dae8c975546a1f326a7a069f81c3ec6b77f131ed55e0018ce76a9fbc93739

Request headers

Referer
https://www.netflix20.ml/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 07 Jul 2020 23:36:46 GMT
x-goog-stored-content-length
10867
age
2467
x-guploader-uploadid
AAANsUlW6QVJxQiDog3z9BdHA6go5gSuXTQv1VLIVIqzlnGx0rAe-h5RX1YLiySdkrwQx_wX9W9ubYxsOjz6pDC2niI
x-goog-storage-class
STANDARD
status
200
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
x-goog-meta-expires
Sun, 08 Apr 2018 12:52:51 GMT
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10867
last-modified
Wed, 15 Feb 2017 20:52:51 GMT
server
UploadServer
etag
"f1eea7f8ea2a5ee85fc2a20fedbefbbd"
x-goog-hash
crc32c=FtfruQ==, md5=8e6n+OoqXuhfwqIP7b77vQ==
x-goog-generation
1487191971199000
cache-control
max-age=315360000, public
x-goog-meta-content-length
0
accept-ranges
bytes
content-type
image/png
expires
Wed, 07 Jul 2021 23:36:46 GMT
locker.js
cpabuild.com/public/external/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cpabuild.com/public/external/locker.js
Requested by
Host: www.netflix20.ml
URL: https://www.netflix20.ml/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:45d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6e8d166b5ad43c05334f28d92b9679349171e628266016553563f0246a20297

Request headers

Referer
https://www.netflix20.ml/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 08 Jul 2020 00:17:53 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 23 Jun 2020 20:06:50 GMT
server
cloudflare
age
2965
etag
W/"57ac-5a8c5e6567f21"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=691200
cf-ray
5af59ff30b62d6d5-FRA
cf-request-id
03cd624be10000d6d55e078200000001
icon18_wrench_allbkg.png
resources.blogblog.com/img/ 		475 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.blogblog.com/img/icon18_wrench_allbkg.png
Requested by
Host: www.netflix20.ml
URL: https://www.netflix20.ml/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.netflix20.ml/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 01 Jul 2020 04:55:19 GMT
x-content-type-options
nosniff
last-modified
Wed, 01 Jul 2020 01:33:13 GMT
server
sffe
age
588154
content-type
image/png
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
475
x-xss-protection
0
expires
Wed, 08 Jul 2020 04:55:19 GMT
cookienotice.js
www.netflix20.ml/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.netflix20.ml/js/cookienotice.js
Requested by
Host: www.netflix20.ml
URL: https://www.netflix20.ml/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.netflix20.ml/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 08 Jul 2020 00:17:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 07 Jul 2020 20:18:38 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2026
x-xss-protection
0
expires
Wed, 15 Jul 2020 00:17:53 GMT
2758729552-widgets.js
www.blogger.com/static/v1/widgets/ 		140 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/2758729552-widgets.js
Requested by
Host: www.netflix20.ml
URL: https://www.netflix20.ml/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1fc68b864b50ca3195bfd59a6f9594d6178bd718e540ce01e5043db6eff6888
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.netflix20.ml/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 03 Jul 2020 00:32:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 02 Jul 2020 23:09:21 GMT
server
sffe
age
431106
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52090
x-xss-protection
0
expires
Sat, 03 Jul 2021 00:32:47 GMT
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.netflix20.ml
URL: https://www.netflix20.ml/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.netflix20.ml/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 23:38:14 GMT
server
Golfe2
age
4895
date
Tue, 07 Jul 2020 22:56:18 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18469
expires
Wed, 08 Jul 2020 00:56:18 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: www.netflix20.ml
URL: https://www.netflix20.ml/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:400,100,300,100italic,300italic,400italic,500,500italic,700,700italic,900,900italic
Origin
https://www.netflix20.ml

Response headers

date
Wed, 10 Jun 2020 14:25:07 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
2368366
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11020
x-xss-protection
0
expires
Thu, 10 Jun 2021 14:25:07 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: www.netflix20.ml
URL: https://www.netflix20.ml/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:400,100,300,100italic,300italic,400italic,500,500italic,700,700italic,900,900italic
Origin
https://www.netflix20.ml

Response headers

date
Fri, 12 Jun 2020 20:41:36 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
2172977
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Sat, 12 Jun 2021 20:41:36 GMT
KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
Requested by
Host: www.netflix20.ml
URL: https://www.netflix20.ml/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:400,100,300,100italic,300italic,400italic,500,500italic,700,700italic,900,900italic
Origin
https://www.netflix20.ml

Response headers

date
Fri, 12 Jun 2020 00:19:42 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:52 GMT
server
sffe
age
2246291
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11180
x-xss-protection
0
expires
Sat, 12 Jun 2021 00:19:42 GMT
html.945098.d3553.0.js
cldoffers.net/public/external/v2/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cldoffers.net/public/external/v2/html.945098.d3553.0.js
Requested by
Host: cpabuild.com
URL: https://cpabuild.com/public/external/locker.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:51f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.28
Resource Hash
1bf7206bd474b3bb85960531d6267d93df513ac645abe8fefab3b8ed4a8ffb67

Request headers

Referer
https://www.netflix20.ml/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 08 Jul 2020 00:17:53 GMT
content-encoding
br
cf-cache-status
MISS
server
cloudflare
x-powered-by
PHP/7.2.28
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
5af59ff3f82d1f39-FRA
cf-request-id
03cd624c7e00001f396e82e200000001
css_front.css
cldoffers.net/public/external/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cldoffers.net/public/external/css_front.css
Requested by
Host: cpabuild.com
URL: https://cpabuild.com/public/external/locker.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:51f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec

Request headers

Referer
https://www.netflix20.ml/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 08 Jul 2020 00:17:53 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 23 Jun 2020 20:05:34 GMT
server
cloudflare
age
2339
etag
W/"19c4-5a8c5e1dcc9d4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
5af59ff3f82b1f39-FRA
cf-request-id
03cd624c7e00001f396e82d200000001
authorization.css
www.blogger.com/dyn-css/ 		1 B
88 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=2999219134899492804&zx=22815b9c-4807-4f9b-b631-5b74100e919d
Requested by
Host: www.netflix20.ml
URL: https://www.netflix20.ml/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.netflix20.ml/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Wed, 08 Jul 2020 00:17:53 GMT
server
GSE
date
Wed, 08 Jul 2020 00:17:53 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
expires
Mon, 01 Jan 1990 00:00:00 GMT
visit
anthill.instapage.com/projects/56c2f3d796773d0a7e96a536/events/ 		35 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://anthill.instapage.com/projects/56c2f3d796773d0a7e96a536/events/visit?api_key=68fed4e4018a653907eb9ad013ec6afcc8ae3cdd7020d48fcee256a892976a47a6bcb82250280e1a6acfe87ab0e741fcbab9e09f862e6b31b004fef8c6f11b7de1796edff21627c12cc625669a9cee8b7b0d2b596da8d4296d19f2ae0583cbe84f572bcb16ccb804cac851df7f03bf0555d631deef53b150b139b15ea792408387a4ff3e58c74fbd8947dd7f2c4769aa&data=eyJ1c2VyX2lkIjoxMjc4NDE5LCJwYWdlX2lkIjo0ODIxODY4LCJwdWJsaXNoZWRfdmVyc2lvbiI6NCwicXVhbnRpdHkiOjEsInN0YXRpY19wYWdlIjpmYWxzZSwidmFyaWF0aW9uX25hbWUiOiJBIiwidmFyaWF0aW9uX2lkIjoxLCJsaW5rZWRfdmFyaWF0aW9uX2lkIjoyLCJpbml0aWFsX3Jlc3BvbnNpdmVfbW9kZSI6bnVsbCwidmlzaXRvcl9pcCI6IjEwNC4xNTUuMTU5LjcxIiwidXNlcmFnZW50IjoiIiwiamF2YXNjcmlwdCI6dHJ1ZSwidmFyaWF0aW9uIjoiQSIsImdlbmVyYXRpb25fdGltZSI6IjEzMyIsInJlc3BvbnNpdmVfbW9kZSI6bnVsbCwidmlzaXRlZCI6MH0=
Requested by
Host: www.netflix20.ml
URL: https://www.netflix20.ml/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.222.120.150 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
150.120.222.35.bc.googleusercontent.com
Software
/ Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.netflix20.ml/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 08 Jul 2020 00:17:53 GMT
referrer-policy
same-origin
x-powered-by
Express
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
status
200
x-xss-protection
1; mode=block
x-content-type-options
nosniff
strict-transport-security
max-age=315360000; includeSubDomains
vary
Origin
content-length
35
etag
W/"23-X71HIiL+uKIs9biqXcW44Tr4jis"
css.css
cldoffers.net/public/clockers/MobileApps/ 		1010 B
419 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cldoffers.net/public/clockers/MobileApps/css.css
Requested by
Host: cpabuild.com
URL: https://cpabuild.com/public/external/locker.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:51f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7081a117335212b9e7f2e348f7369a64423d51db1666310b3451e7375f0b7de

Request headers

Referer
https://www.netflix20.ml/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 08 Jul 2020 00:17:53 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 10 Apr 2020 22:29:00 GMT
server
cloudflare
age
1898
etag
W/"3f2-5a2f7428ae907"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
5af59ff75bbd1f39-FRA
cf-request-id
03cd624e9b00001f396e856200000001
loading_circle.svg
storage.googleapis.com/instapage-app-assets/img/ 		694 B
1001 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/instapage-app-assets/img/loading_circle.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
eec2c40d8b1bb98306990239204d8b90ca030f0def0e00dfe3117ae42991e126

Request headers

Referer
https://www.netflix20.ml/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 07 Jul 2020 23:37:56 GMT
age
2397
x-guploader-uploadid
AAANsUkYuCEwDJuBVrNmBmoDRzHYY7XDL1owaTo-M2jfCbxnHO2xITxxxd9-NxkFfTMxfSU9I2W7KIUJD2nym-uGao0
x-goog-storage-class
STANDARD
status
200
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
694
last-modified
Mon, 04 Jul 2016 13:37:12 GMT
server
UploadServer
etag
"be00fc4a29d03016e78b28c9943e3f51"
x-goog-hash
crc32c=Y/o9cg==, md5=vgD8SinQMBbniyjJlD4/UQ==
x-goog-generation
1467639432842000
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
694
accept-ranges
bytes
content-type
image/svg+xml
expires
Wed, 08 Jul 2020 00:37:56 GMT
check.php
cldoffers.net/public/external/ 		0
201 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cldoffers.net/public/external/check.php?time=1594167475826&it=945098
Requested by
Host: cpabuild.com
URL: https://cpabuild.com/public/external/locker.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:51f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.28
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.netflix20.ml/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 08 Jul 2020 00:17:56 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/7.2.28
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
status
200
cf-ray
5af5a003e9eb1f39-FRA
content-length
0
cf-request-id
03cd62566f00001f396e8b6200000001
customTemplates.php
cldoffers.net/public/offers/ Frame 19A4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cldoffers.net/public/offers/customTemplates.php?it=945098&w=1600&h=1200&key=d3553&m=0&r=
Requested by
Host: cpabuild.com
URL: https://cpabuild.com/public/external/locker.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:51f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.28
Resource Hash

Request headers

:method
GET
:authority
cldoffers.net
:scheme
https
:path
/public/offers/customTemplates.php?it=945098&w=1600&h=1200&key=d3553&m=0&r=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.netflix20.ml/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.netflix20.ml/

Response headers

status
200
date
Wed, 08 Jul 2020 00:17:58 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=dced2587c806a4ba50bbcb663b4978d2c1594167478; expires=Fri, 07-Aug-20 00:17:58 GMT; path=/; domain=.cldoffers.net; HttpOnly; SameSite=Lax BUILD_VISITOR_RAND=0b67e133; expires=Thu, 09-Jul-2020 00:17:58 GMT; Max-Age=86400; path=/ BUILD_VISITOR_ID=431402126; expires=Thu, 09-Jul-2020 00:17:58 GMT; Max-Age=86400; path=/ BUILD_VISITOR_ID_KEY=a1baa7bb998111ebc545d1e23140cdea; expires=Thu, 09-Jul-2020 00:17:58 GMT; Max-Age=86400; path=/ BUILD_VISITOR_IT_ID=945098; expires=Thu, 09-Jul-2020 00:17:58 GMT; Max-Age=86400; path=/ BUILD_VISITOR_IT_ID_KEY=d3553; expires=Thu, 09-Jul-2020 00:17:58 GMT; Max-Age=86400; path=/
x-powered-by
PHP/7.2.28
cache-control
no-cache, no-transform
pragma
no-cache
expires
Sat, 26 Jul 1997 05:00:00 GMT
cf-cache-status
DYNAMIC
cf-request-id
03cd625fe300001f396e92c200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5af5a0130b2f1f39-FRA
impression.php
cldoffers.net/public/external/ 		10 B
232 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cldoffers.net/public/external/impression.php?time=1594167479244
Requested by
Host: cpabuild.com
URL: https://cpabuild.com/public/external/locker.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681f:51f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.28
Resource Hash
3efc61bcf3a2a65c875e501412e9db8b00b4b554e4351e01fab46c2793e87b3d

Request headers

Referer
https://www.netflix20.ml/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 08 Jul 2020 00:17:59 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/7.2.28
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
status
200
cf-ray
5af5a0194a4f1f39-FRA
cf-request-id
03cd6263ca00001f396e959200000001

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

101 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| adsbygoogle string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| B64 function| base64_encode function| base64_decode function| FormErrorPosition function| InstapageFormController object| _form_controller function| MobileHelper function| $ function| jQuery function| Translate function| TranslateElement function| ijQuery function| ServerStorageLocal function| InstapageUniqueVisit function| moment number| page_version object| _Translate number| __page_id number| __version string| __variant boolean| __is_tablet string| __page_domain string| __instapage_services string| __instapage_proxy_services boolean| __preview boolean| __facebook number| __page_type number| __mobile_version object| jQuery11110938102818987788 function| is_new_mobile_visible function| iCopyKeenEvent function| iEncodePixelUrl function| iCreateTrackingPixel object| __conversions_settings object| CPABUILDSETTINGS object| CPABUILDContentLocker number| __cfRLUnblockHandlers function| CPBContentLocker function| CPABuildLock function| CPABuildGetFeedURL function| CPABuildGetIframeURL function| CPABuildGetIframeHTML function| CPABuildUnlock function| CPABuildOfferComplete function| CPABuildOffersComplete function| CPABuildCheckForLead function| og_load function| CPABuildComplete function| call_locker function| BLOG_attachCsiOnload function| _WidgetManager function| _WidgetInfo function| widget_module_provide function| _AdSenseView function| _BlogArchiveView function| _AttributionView function| _BlogView function| _BlogListView function| _BlogSearchView function| _ContactFormView function| _ExampleView function| _FeaturedPostView function| _FeedView function| _FollowByEmailView function| _FollowersView function| _HeaderView function| _TextView function| _HTMLView function| _ImageView function| _LabelView function| _TextListView function| _LinkListView function| _BloggerButtonView function| _NavbarView function| _PageListView function| _PollView function| _PopularPostsView function| _ProfileView function| _RecentPostsView function| _ReportAbuseView function| _SharingView function| _StatsView function| _SubscribeView function| _SW_toggleReaderList function| _SW_hideReaderList function| _TranslateView function| _WikipediaView string| __wavt function| __gjsload__ object| cookieChoices object| _Mobile_helper object| __unique object| __keen_io_called_parameters number| r number| g number| b

1 Cookies

Domain/Path Name / Value
www.netflix20.ml/ Name: instapage-visit-4821868
Value: %7B%22A%22%3A%7B%22b%22%3A1%2C%22d%22%3A1594167473%7D%7D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

anthill.instapage.com
cldoffers.net
cpabuild.com
fonts.googleapis.com
fonts.gstatic.com
resources.blogblog.com
storage.googleapis.com
www.blogger.com
www.google-analytics.com
www.netflix20.ml
2606:4700:20::ac43:45d7
2606:4700:3033::681f:51f5
2a00:1450:4001:800::200a
2a00:1450:4001:801::2010
2a00:1450:4001:808::200e
2a00:1450:4001:818::2003
2a00:1450:4001:818::2013
2a00:1450:4001:81e::2009
35.222.120.150
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
15b3fcc73003a15db7d41d2c0f6e03a432fe190c0da5603cbd71b5cc5111b6b8
1bf7206bd474b3bb85960531d6267d93df513ac645abe8fefab3b8ed4a8ffb67
25f654e30834688f9a468bfa5b0a90b6c54066dfce4c81a7975fedef029f5e13
267dae8c975546a1f326a7a069f81c3ec6b77f131ed55e0018ce76a9fbc93739
3efc61bcf3a2a65c875e501412e9db8b00b4b554e4351e01fab46c2793e87b3d
49552cf24fb4a73f0616514ddbf7938201de980b1d1323dafacd3be80e5c5faa
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
94df22701bd80fca42c776b7064a4505986161b616007963e1ba60adba6f84d5
a6e8d166b5ad43c05334f28d92b9679349171e628266016553563f0246a20297
a7081a117335212b9e7f2e348f7369a64423d51db1666310b3451e7375f0b7de
a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec
b3e6cccba995c3b4fc7641d24fd855a14c91df45879c07bb15aa3aae1a3c0520
d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b
d1fc68b864b50ca3195bfd59a6f9594d6178bd718e540ce01e5043db6eff6888
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eec2c40d8b1bb98306990239204d8b90ca030f0def0e00dfe3117ae42991e126
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955