translated.turbopages.org
213.180.193.193  Malicious Activity! Public Scan

Submitted URL: http://podporapredplat.com/
Effective URL: https://translated.turbopages.org/proxy_u/en-sk.en.3b59a852-64dcbb3a-33e790cb-74722d776562/https/v.netici7767.repl.co/1.php
Submission Tags: @ecarlesi possiblethreat #phishing #netflix
Submission: On August 16 via api from CA — Scanned from CA

Summary

This website contacted 9 IPs in 3 countries across 11 domains to perform 23 HTTP transactions. The main IP is 213.180.193.193, located in Russian Federation and belongs to YANDEX, RU. The main domain is translated.turbopages.org. The Cisco Umbrella rank of the primary domain is 487670.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on March 21st 2023. Valid for: 6 months.
This is the only time translated.turbopages.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Netflix (Online)

Domain & IP information

IP Address AS Autonomous System
1 1 216.239.34.21 15169 (GOOGLE)
1 1 213.180.204.193 13238 (YANDEX)
2 3 213.180.193.193 13238 (YANDEX)
7 178.154.131.217 13238 (YANDEX)
1 104.18.11.207 13335 (CLOUDFLAR...)
2 34.120.194.28 396982 (GOOGLE-CL...)
6 45.57.90.1 2906 (AS-SSI)
1 142.250.65.202 15169 (GOOGLE)
1 172.217.13.99 15169 (GOOGLE)
3 5.255.255.77 13238 (YANDEX)
1 213.180.204.194 13238 (YANDEX)
23 9
Apex Domain | Subdomains | Transfer
7 yastatic.net | yastatic.net — Cisco Umbrella Rank: 6466 | 90 KB
6 nflxext.com | assets.nflxext.com — Cisco Umbrella Rank: 4094 | 186 KB
3 yandex.ru | yandex.ru — Cisco Umbrella Rank: 2014 | 1 KB
3 turbopages.org | translated.turbopages.org — Cisco Umbrella Rank: 487670 | 16 KB
2 repl.co | v.netici7767.repl.co | 312 KB
1 yandex.net | translate.yandex.net — Cisco Umbrella Rank: 28472 | 904 B
1 gstatic.com | fonts.gstatic.com | 46 KB
1 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 73 | 998 B
1 bootstrapcdn.com | maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1179 | 7 KB
1 yandex.com | translate.yandex.com — Cisco Umbrella Rank: 207451 | 624 B
1 podporapredplat.com | podporapredplat.com | 282 B
23 11
Domain Requested by
7 yastatic.net translated.turbopages.org
6 assets.nflxext.com translated.turbopages.org
assets.nflxext.com
3 yandex.ru translated.turbopages.org
3 translated.turbopages.org 2 redirects
2 v.netici7767.repl.co translated.turbopages.org
v.netici7767.repl.co
1 translate.yandex.net yastatic.net
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com v.netici7767.repl.co
1 maxcdn.bootstrapcdn.com translated.turbopages.org
1 translate.yandex.com 1 redirects
1 podporapredplat.com 1 redirects
23 11

This site contains links to these domains.

Domain
translate.yandex.com
yandex.com
v.netici7767.repl.co
Subject | Issuer | Validity | Valid
z5h64q92x9.net | GlobalSign RSA OV SSL CA 2018 | 2023-03-21 - 2023-09-19 | 6 months
*.yastatic-net.ru | GlobalSign ECC OV SSL CA 2018 | 2023-07-10 - 2024-01-07 | 6 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-12-30 - 2023-12-30 | a year
netici7767.repl.co | GTS CA 1P5 | 2023-08-12 - 2023-11-10 | 3 months
*.1.nflxso.net | DigiCert Secure Site ECC CA-1 | 2023-08-14 - 2023-09-19 | a month
upload.video.google.com | GTS CA 1C3 | 2023-07-17 - 2023-10-09 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-07-17 - 2023-10-09 | 3 months
*.xn--d1acpjx3f.xn--p1ai | GlobalSign ECC OV SSL CA 2018 | 2023-06-21 - 2023-12-19 | 6 months
translate.yandex.net | GlobalSign RSA OV SSL CA 2018 | 2023-07-08 - 2023-12-12 | 5 months

This page contains 1 frames:

Primary Page: https://translated.turbopages.org/proxy_u/en-sk.en.3b59a852-64dcbb3a-33e790cb-74722d776562/https/v.netici7767.repl.co/1.php
Frame ID: A105D2C3016E54C3F9D073F0781AE7CE
Requests: 23 HTTP requests in this frame

Page Title

Netflix

Page URL History

  1. http://podporapredplat.com/ HTTP 302
    https://translate.yandex.com/translate?view=compact&url=v.netici7767.repl.co&lang=en-sk HTTP 302
    https://translated.turbopages.org/proxy_u/en-sk.en.3b59a852-64dcbb3a-33e790cb-74722d776562/v.netici7767.repl.co HTTP 307
    https://translated.turbopages.org/proxy_u/en-sk.en.3b59a852-64dcbb3a-33e790cb-74722d776562/https/v.netici7767.... HTTP 307
    https://translated.turbopages.org/proxy_u/en-sk.en.3b59a852-64dcbb3a-33e790cb-74722d776562/https/v.netici7767.... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

23
Requests

100 %
HTTPS

0 %
IPv6

11
Domains

11
Subdomains

9
IPs

3
Countries

660 kB
Transfer

978 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://podporapredplat.com/ HTTP 302
    https://translate.yandex.com/translate?view=compact&url=v.netici7767.repl.co&lang=en-sk HTTP 302
    https://translated.turbopages.org/proxy_u/en-sk.en.3b59a852-64dcbb3a-33e790cb-74722d776562/v.netici7767.repl.co HTTP 307
    https://translated.turbopages.org/proxy_u/en-sk.en.3b59a852-64dcbb3a-33e790cb-74722d776562/https/v.netici7767.repl.co/ HTTP 307
    https://translated.turbopages.org/proxy_u/en-sk.en.3b59a852-64dcbb3a-33e790cb-74722d776562/https/v.netici7767.repl.co/1.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 1.php
translated.turbopages.org/proxy_u/en-sk.en.3b59a852-64dcbb3a-33e790cb-74722d776562/https/v.netici7767.repl.co/
Redirect Chain
  • http://podporapredplat.com/
  • https://translate.yandex.com/translate?view=compact&url=v.netici7767.repl.co&lang=en-sk
  • https://translated.turbopages.org/proxy_u/en-sk.en.3b59a852-64dcbb3a-33e790cb-74722d776562/v.netici7767.repl.co
  • https://translated.turbopages.org/proxy_u/en-sk.en.3b59a852-64dcbb3a-33e790cb-74722d776562/https/v.netici7767.repl.co/
  • https://translated.turbopages.org/proxy_u/en-sk.en.3b59a852-64dcbb3a-33e790cb-74722d776562/https/v.netici7767.repl.co/1.php
16 KB
16 KB
Document
General
Full URL
https://translated.turbopages.org/proxy_u/en-sk.en.3b59a852-64dcbb3a-33e790cb-74722d776562/https/v.netici7767.repl.co/1.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.180.193.193 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
z5h64q92x9.net
Software
/
Resource Hash
69e04a5daeb29d28ea3a0621b8b42e81fea5cbf98c51260a482693abc7433ba6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=120
content-length
16303
content-type
text/html; charset=utf-8
date
Wed, 16 Aug 2023 12:04:12 GMT
etag
"213b09080cf45e459e6cfbda9a8dd713d988f516"
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=31536000

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 16 Aug 2023 12:04:12 GMT
location
./1.php
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=31536000
turbo.js
yastatic.net/s3/translate/v109.1/dist/scripts/bundles/
16 KB
6 KB
Script
General
Full URL
https://yastatic.net/s3/translate/v109.1/dist/scripts/bundles/turbo.js
Requested by
Host: translated.turbopages.org
URL: https://translated.turbopages.org/proxy_u/en-sk.en.3b59a852-64dcbb3a-33e790cb-74722d776562/https/v.netici7767.repl.co/1.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.217 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
a3262e29ede50f5466f519748606b47cd46000e99868e90f3294ff7d404d1fff
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://translated.turbopages.org/proxy_u/en-sk.en.3b59a852-64dcbb3a-33e790cb-74722d776562/https/v.netici7767.repl.co/1.php
Origin
https://translated.turbopages.org
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 12:04:13 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
last-modified
Thu, 10 Aug 2023 13:07:17 GMT
server
nginx/1.17.9
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
etag
W/"f7d2638cb883f5b97c12e48b357afed9"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31556952
x-nginx-request-id
fd6e040267ce937c
timing-allow-origin
*
expires
Thu, 15 Aug 2024 17:49:24 GMT
tr_page_common.css
yastatic.net/s3/translate/v109.1/dist/styles/misc/
65 B
593 B
Stylesheet
General
Full URL
https://yastatic.net/s3/translate/v109.1/dist/styles/misc/tr_page_common.css
Requested by
Host: translated.turbopages.org
URL: https://translated.turbopages.org/proxy_u/en-sk.en.3b59a852-64dcbb3a-33e790cb-74722d776562/https/v.netici7767.repl.co/1.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.217 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
64ff50635f01862246140b7752377d30beb0129cc2c3637b52327d0af8f2671b
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://translated.turbopages.org/proxy_u/en-sk.en.3b59a852-64dcbb3a-33e790cb-74722d776562/https/v.netici7767.repl.co/1.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 12:04:13 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
last-modified
Thu, 10 Aug 2023 13:07:21 GMT
server
nginx/1.17.9
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
etag
W/"87f1cbc47d6477e7b9ca1e8d6eb76dd5"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31556952
x-nginx-request-id
7f3ecae67db5b9bc
timing-allow-origin
*
expires
Thu, 15 Aug 2024 17:48:49 GMT
tr_page_popup.css
yastatic.net/s3/translate/v109.1/dist/styles/misc/
10 KB
3 KB
Stylesheet
General
Full URL
https://yastatic.net/s3/translate/v109.1/dist/styles/misc/tr_page_popup.css
Requested by
Host: translated.turbopages.org
URL: https://translated.turbopages.org/proxy_u/en-sk.en.3b59a852-64dcbb3a-33e790cb-74722d776562/https/v.netici7767.repl.co/1.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.217 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
2532477e8d513907453281875c0094b15c2de4f140f4a009b93cc870d58c7ebe
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://translated.turbopages.org/proxy_u/en-sk.en.3b59a852-64dcbb3a-33e790cb-74722d776562/https/v.netici7767.repl.co/1.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 12:04:13 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
last-modified
Thu, 10 Aug 2023 13:07:21 GMT
server
nginx/1.17.9
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
etag
W/"17e415f83f90752e80dd978e2a5d611f"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31556952
x-nginx-request-id
a3d5b08569724ef1
timing-allow-origin
*
expires
Thu, 15 Aug 2024 17:51:35 GMT
tr_page_stripe.css
yastatic.net/s3/translate/v109.1/dist/styles/misc/
32 KB
10 KB
Stylesheet
General
Full URL
https://yastatic.net/s3/translate/v109.1/dist/styles/misc/tr_page_stripe.css
Requested by
Host: translated.turbopages.org
URL: https://translated.turbopages.org/proxy_u/en-sk.en.3b59a852-64dcbb3a-33e790cb-74722d776562/https/v.netici7767.repl.co/1.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.217 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
25fee228870a47e60a3364441f6ee08c554dcda68e14de11204643f4f11d50a0
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://translated.turbopages.org/proxy_u/en-sk.en.3b59a852-64dcbb3a-33e790cb-74722d776562/https/v.netici7767.repl.co/1.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 12:04:13 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
last-modified
Thu, 10 Aug 2023 13:07:22 GMT
server
nginx/1.17.9
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
etag
W/"a2b96d69837844f58e717ca0f1dbef43"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31556952
x-nginx-request-id
1567d1f4795fcd1e
timing-allow-origin
*
expires
Thu, 15 Aug 2024 17:52:21 GMT
tr_page.js
yastatic.net/s3/translate/v109.1/dist/scripts/addons/
204 KB
62 KB
Script
General
Full URL
https://yastatic.net/s3/translate/v109.1/dist/scripts/addons/tr_page.js
Requested by
Host: translated.turbopages.org
URL: https://translated.turbopages.org/proxy_u/en-sk.en.3b59a852-64dcbb3a-33e790cb-74722d776562/https/v.netici7767.repl.co/1.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.217 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
cc8bd510ecf0f1286a4def691fc8c24040089908c96bf6bd0608da25a530ef38
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://translated.turbopages.org/proxy_u/en-sk.en.3b59a852-64dcbb3a-33e790cb-74722d776562/https/v.netici7767.repl.co/1.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 12:04:13 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
last-modified
Thu, 10 Aug 2023 13:07:16 GMT
server
nginx/1.17.9
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
etag
W/"9a67db4346b60f28f5d10976de5fefe6"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31556952
x-nginx-request-id
4684e545ce08e04d
timing-allow-origin
*
expires
Thu, 15 Aug 2024 17:49:23 GMT
tr_page_worker.js
yastatic.net/s3/translate/v109.1/dist/scripts/addons/
3 KB
2 KB
Script
General
Full URL
https://yastatic.net/s3/translate/v109.1/dist/scripts/addons/tr_page_worker.js
Requested by
Host: translated.turbopages.org
URL: https://translated.turbopages.org/proxy_u/en-sk.en.3b59a852-64dcbb3a-33e790cb-74722d776562/https/v.netici7767.repl.co/1.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.217 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
d83b795a23947b8db87e38319edf3f4e62e569bfe7cec19e64fb3e6dab62471f
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://translated.turbopages.org/proxy_u/en-sk.en.3b59a852-64dcbb3a-33e790cb-74722d776562/https/v.netici7767.repl.co/1.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 12:04:13 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
last-modified
Thu, 10 Aug 2023 13:07:17 GMT
server
nginx/1.17.9
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
etag
W/"7e2b682027c0132e3979263c4937d125"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31556952
x-nginx-request-id
93a9d48c917bbb3a
timing-allow-origin
*
expires
Thu, 15 Aug 2024 17:52:21 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: translated.turbopages.org
URL: https://translated.turbopages.org/proxy_u/en-sk.en.3b59a852-64dcbb3a-33e790cb-74722d776562/https/v.netici7767.repl.co/1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://translated.turbopages.org/proxy_u/en-sk.en.3b59a852-64dcbb3a-33e790cb-74722d776562/https/v.netici7767.repl.co/1.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 12:04:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
625
age
4747985
cdn-cachedat
07/15/2022 17:39:48
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
W/"269550530cc127b6aa5a35925a7de6ce"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
fd988eff7e18a1438cab136d55eb10e6
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
7f7989e14fcb36d8-YYZ
cdn-requestpullsuccess
True
style.css
v.netici7767.repl.co/css/
4 KB
5 KB
Stylesheet
General
Full URL
https://v.netici7767.repl.co/css/style.css
Requested by
Host: translated.turbopages.org
URL: https://translated.turbopages.org/proxy_u/en-sk.en.3b59a852-64dcbb3a-33e790cb-74722d776562/https/v.netici7767.repl.co/1.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.194.28 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
28.194.120.34.bc.googleusercontent.com
Software
/
Resource Hash
cf26c5c4ac4e79b88ab50f275bfd3afabb991240ec6f7ac3efd505d3329d4692
Security Headers
Name Value
Strict-Transport-Security max-age=7425110; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://translated.turbopages.org/proxy_u/en-sk.en.3b59a852-64dcbb3a-33e790cb-74722d776562/https/v.netici7767.repl.co/1.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 12:04:13 GMT
strict-transport-security
max-age=7425110; includeSubDomains
host
v.netici7767.repl.co
replit-cluster
hacker
expect-ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
content-length
4487
content-type
text/css; charset=UTF-8
error-page.b122c37502204303115a.css
assets.nflxext.com/web/ffe/wp/less/core/
10 KB
3 KB
Stylesheet
General
Full URL
https://assets.nflxext.com/web/ffe/wp/less/core/error-page.b122c37502204303115a.css
Requested by
Host: translated.turbopages.org
URL: https://translated.turbopages.org/proxy_u/en-sk.en.3b59a852-64dcbb3a-33e790cb-74722d776562/https/v.netici7767.repl.co/1.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.57.90.1 , United States, ASN2906 (AS-SSI, US),
Reverse DNS
Software
nginx /
Resource Hash
910fb84da8dac07dc71624e7123c3617727aac2637fcb5421c0b772b4d97f42f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://translated.turbopages.org/proxy_u/en-sk.en.3b59a852-64dcbb3a-33e790cb-74722d776562/https/v.netici7767.repl.co/1.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Wed, 16 Aug 2023 12:04:13 GMT
Content-Encoding
gzip
Last-Modified
Wed, 25 Jan 2023 19:05:46 GMT
Server
nginx
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=604801
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
2524
Expires
Wed, 23 Aug 2023 12:04:14 GMT
loginBase.db4481459b483cc78012.css
assets.nflxext.com/web/ffe/wp/less/login/
44 KB
9 KB
Stylesheet
General
Full URL
https://assets.nflxext.com/web/ffe/wp/less/login/loginBase.db4481459b483cc78012.css
Requested by
Host: translated.turbopages.org
URL: https://translated.turbopages.org/proxy_u/en-sk.en.3b59a852-64dcbb3a-33e790cb-74722d776562/https/v.netici7767.repl.co/1.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.57.90.1 , United States, ASN2906 (AS-SSI, US),
Reverse DNS
Software
nginx /
Resource Hash
89a3506e5e15a2cee9feb5422374cca721ba83ee9dfa92f26091ec0f5af51d16

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://translated.turbopages.org/proxy_u/en-sk.en.3b59a852-64dcbb3a-33e790cb-74722d776562/https/v.netici7767.repl.co/1.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Wed, 16 Aug 2023 12:04:13 GMT
Content-Encoding
gzip
Last-Modified
Tue, 15 Nov 2022 21:20:44 GMT
Server
nginx
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=604801
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
9249
Expires
Wed, 23 Aug 2023 12:04:14 GMT
Login.fcd0c98cb56a9e2b00f0.css
assets.nflxext.com/web/ffe/wp/less/pages/login/
80 KB
14 KB
Stylesheet
General
Full URL
https://assets.nflxext.com/web/ffe/wp/less/pages/login/Login.fcd0c98cb56a9e2b00f0.css
Requested by
Host: translated.turbopages.org
URL: https://translated.turbopages.org/proxy_u/en-sk.en.3b59a852-64dcbb3a-33e790cb-74722d776562/https/v.netici7767.repl.co/1.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.57.90.1 , United States, ASN2906 (AS-SSI, US),
Reverse DNS
Software
nginx /
Resource Hash
2578d84257821ea44b1333609474b85b37e6902626f4c322d4565cf894626ee3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://translated.turbopages.org/proxy_u/en-sk.en.3b59a852-64dcbb3a-33e790cb-74722d776562/https/v.netici7767.repl.co/1.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Wed, 16 Aug 2023 12:04:13 GMT
Content-Encoding
gzip
Last-Modified
Wed, 11 Jan 2023 13:19:06 GMT
Server
nginx
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=604801
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
13739
Expires
Wed, 23 Aug 2023 12:04:14 GMT
css2
fonts.googleapis.com/
3 KB
998 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Raleway:wght@400;700&display=swap
Requested by
Host: v.netici7767.repl.co
URL: https://v.netici7767.repl.co/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f10.1e100.net
Software
ESF /
Resource Hash
5da315580f658c5cf759032561f8346157dd2b47855a7a820b4fbfc2af15e706
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://v.netici7767.repl.co/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 16 Aug 2023 12:04:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 16 Aug 2023 11:04:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 16 Aug 2023 12:04:14 GMT
fond.jpg
v.netici7767.repl.co/img/
307 KB
307 KB
Image
General
Full URL
https://v.netici7767.repl.co/img/fond.jpg
Requested by
Host: v.netici7767.repl.co
URL: https://v.netici7767.repl.co/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.194.28 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
28.194.120.34.bc.googleusercontent.com
Software
/
Resource Hash
d964e693f725d8f156dfa25536c43521e441f5ae0c709cd4cdd5feca2c4ce4a3
Security Headers
Name Value
Strict-Transport-Security max-age=7425109; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://v.netici7767.repl.co/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 12:04:14 GMT
strict-transport-security
max-age=7425109; includeSubDomains
host
v.netici7767.repl.co
replit-cluster
hacker
expect-ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
content-length
314112
content-type
image/jpeg
NetflixSans_W_Rg.woff2
assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/
52 KB
52 KB
Font
General
Full URL
https://assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/NetflixSans_W_Rg.woff2
Requested by
Host: assets.nflxext.com
URL: https://assets.nflxext.com/web/ffe/wp/less/core/error-page.b122c37502204303115a.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.57.90.1 , United States, ASN2906 (AS-SSI, US),
Reverse DNS
Software
nginx /
Resource Hash
c0bceb927c506dce9f6e6f5f570e641ad580b9554be06f61508a4aee32380167

Request headers

Referer
https://assets.nflxext.com/web/ffe/wp/less/core/error-page.b122c37502204303115a.css
Origin
https://translated.turbopages.org
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Wed, 16 Aug 2023 12:04:14 GMT
Last-Modified
Thu, 17 Jan 2019 20:16:30 GMT
Server
nginx
Content-MD5
C/MXfx/tbZUxeCIfukPH6A==
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
max-age=604801
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
53304
Expires
Wed, 23 Aug 2023 12:04:15 GMT
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v28/
45 KB
46 KB
Font
General
Full URL
https://fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Raleway:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f3.1e100.net
Software
sffe /
Resource Hash
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://translated.turbopages.org
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 00:45:40 GMT
x-content-type-options
nosniff
age
40714
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46524
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:58:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Aug 2024 00:45:40 GMT
NetflixSans_W_Bd.woff2
assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/
54 KB
54 KB
Font
General
Full URL
https://assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/NetflixSans_W_Bd.woff2
Requested by
Host: assets.nflxext.com
URL: https://assets.nflxext.com/web/ffe/wp/less/core/error-page.b122c37502204303115a.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.57.90.1 , United States, ASN2906 (AS-SSI, US),
Reverse DNS
Software
nginx /
Resource Hash
6cc71e5053b6599423f3ba402e6e50c04907b9ba93c3211a56dd32e3a2e6cf4d

Request headers

Referer
https://assets.nflxext.com/web/ffe/wp/less/core/error-page.b122c37502204303115a.css
Origin
https://translated.turbopages.org
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Wed, 16 Aug 2023 12:04:14 GMT
Last-Modified
Thu, 17 Jan 2019 20:16:30 GMT
Server
nginx
Content-MD5
iMafL3dhn8cfItg2Q/mGRQ==
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
max-age=604801
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
55228
Expires
Wed, 23 Aug 2023 12:04:15 GMT
NetflixSans_W_Md.woff2
assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/
53 KB
53 KB
Font
General
Full URL
https://assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/NetflixSans_W_Md.woff2
Requested by
Host: assets.nflxext.com
URL: https://assets.nflxext.com/web/ffe/wp/less/core/error-page.b122c37502204303115a.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.57.90.1 , United States, ASN2906 (AS-SSI, US),
Reverse DNS
Software
nginx /
Resource Hash
9ac2bd03fcde501b3f30f47ab1fae62161f87808ea6411f38e8feaa4bbddc42e

Request headers

Referer
https://assets.nflxext.com/web/ffe/wp/less/core/error-page.b122c37502204303115a.css
Origin
https://translated.turbopages.org
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Wed, 16 Aug 2023 12:04:14 GMT
Last-Modified
Thu, 17 Jan 2019 20:16:30 GMT
Server
nginx
Content-MD5
6naZIbDPpPxtTRouCx+l/w==
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
max-age=604801
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
53940
Expires
Wed, 23 Aug 2023 12:04:15 GMT
turbo.js
yastatic.net/s3/translate/v109.1/dist/scripts/bundles/
16 KB
6 KB
Script
General
Full URL
https://yastatic.net/s3/translate/v109.1/dist/scripts/bundles/turbo.js
Requested by
Host: translated.turbopages.org
URL: https://translated.turbopages.org/proxy_u/en-sk.en.3b59a852-64dcbb3a-33e790cb-74722d776562/https/v.netici7767.repl.co/1.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.217 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
a3262e29ede50f5466f519748606b47cd46000e99868e90f3294ff7d404d1fff
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://translated.turbopages.org/proxy_u/en-sk.en.3b59a852-64dcbb3a-33e790cb-74722d776562/https/v.netici7767.repl.co/1.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 12:04:14 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
last-modified
Thu, 10 Aug 2023 13:07:17 GMT
server
nginx/1.17.9
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
etag
W/"f7d2638cb883f5b97c12e48b357afed9"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31556952
x-nginx-request-id
f909389a4e8fc53c
timing-allow-origin
*
expires
Thu, 15 Aug 2024 17:51:35 GMT
*
yandex.ru/clck/click/dtype=stred/pid=453/cid=74186/ytr_counter_name=first_translation_request/ytr_time=12101/ytr_host=https%3A%2F%2Fv.netici7767.repl.co%2F1.php/ytr_lang=en-sk/ytr_url=https%3A%2F%2...
43 B
894 B
Image
General
Full URL
https://yandex.ru/clck/click/dtype=stred/pid=453/cid=74186/ytr_counter_name=first_translation_request/ytr_time=12101/ytr_host=https%3A%2F%2Fv.netici7767.repl.co%2F1.php/ytr_lang=en-sk/ytr_url=https%3A%2F%2Fv.netici7767.repl.co%2F1.php/ytr_sid=cc09eeb2.64dcbb3c.cc548ce4.74722d75726c/ytr_srv=tr-url/ytr_ver=v109.1/ytr_dir=en-sk/ytr_key=first_translation_request/ytr_cur_ts=1692187454728/ytr_ui_type=desktop/ytr_is_turbo=1/path=web_desktop.url/*
Requested by
Host: translated.turbopages.org
URL: https://translated.turbopages.org/proxy_u/en-sk.en.3b59a852-64dcbb3a-33e790cb-74722d776562/https/v.netici7767.repl.co/1.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.255.255.77 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
yandex.ru
Software
/
Resource Hash
7e928161cd626935d39ff08188caa3f3a918811ca87194082dedf28b697ce6fd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://translated.turbopages.org/proxy_u/en-sk.en.3b59a852-64dcbb3a-33e790cb-74722d776562/https/v.netici7767.repl.co/1.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id
1692187455108737-6409102645079941563-balancer-l7leveler-kubr-yp-vla-142-BAL
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type
image/gif
cache-control
no-cache
content-length
43
translate
translate.yandex.net/api/v1/tr.json/
610 B
904 B
XHR
General
Full URL
https://translate.yandex.net/api/v1/tr.json/translate?context_title=Netflix&id=cc09eeb2.64dcbb3c.cc548ce4.74722d75726c-0-0&context_host=v.netici7767.repl.co&srv=tr-url&text=Log%20in&text=Email%20or%20phone%20number&text=Password&text=Sign%20In&text=Remember%20me&text=Need%20help%3F&text=First%20time%20signing%20in%20to%20Netflix%3F%20%20%3Ca%3ESign%20up%20now.%3C%2Fa%3E.%20%20&text=%3Cspan%3EThis%20page%20is%20protected%20by%20Google%20reCAPTCHA%20to%20ensure%20you%26apos%3Bre%20not%20a%20robot.%3C%2Fspan%3E%3Cspan%3ELearn%20More.%3C%2Fspan%3E&text=Questions%3F%20Call%20000-800-919-1694&text=FAQ&text=Help%20Center&text=Terms%20of%20use&lang=en-sk&format=html&options=2&
Requested by
Host: yastatic.net
URL: https://yastatic.net/s3/translate/v109.1/dist/scripts/addons/tr_page.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.180.204.194 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
translate.yandex.net
Software
/
Resource Hash
2e68f05b126cde1fd536bdc1731b4d302b8729da3533cb45699ccc6714d2dba2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://translated.turbopages.org/proxy_u/en-sk.en.3b59a852-64dcbb3a-33e790cb-74722d776562/https/v.netici7767.repl.co/1.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin
https://translated.turbopages.org
date
Wed, 16 Aug 2023 12:04:15 GMT
cache-control
no-store
x-content-type-options
nosniff
content-length
610
content-type
application/json; charset=utf-8
*
yandex.ru/clck/click/dtype=stred/pid=453/cid=74186/ytr_counter_name=dcl_event/ytr_time=12133/ytr_host=https://v.netici7767.repl.co/1.php/ytr_lang=en-ru/ytr_url=https://v.netici7767.repl.co/1.php/yt...
43 B
373 B
Image
General
Full URL
https://yandex.ru/clck/click/dtype=stred/pid=453/cid=74186/ytr_counter_name=dcl_event/ytr_time=12133/ytr_host=https://v.netici7767.repl.co/1.php/ytr_lang=en-ru/ytr_url=https://v.netici7767.repl.co/1.php/ytr_sid=cc09eeb2.64dcbb3c.cc548ce4.74722d75726c/ytr_srv=tr-url/ytr_ver=v109.1/ytr_dir=en-sk/ytr_key=dcl_event/ytr_cur_ts=1692187454760/ytr_ui_type=desktop/ytr_is_turbo=1/path=web_desktop.url/*
Requested by
Host: translated.turbopages.org
URL: https://translated.turbopages.org/proxy_u/en-sk.en.3b59a852-64dcbb3a-33e790cb-74722d776562/https/v.netici7767.repl.co/1.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.255.255.77 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
yandex.ru
Software
/
Resource Hash
7e928161cd626935d39ff08188caa3f3a918811ca87194082dedf28b697ce6fd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://translated.turbopages.org/proxy_u/en-sk.en.3b59a852-64dcbb3a-33e790cb-74722d776562/https/v.netici7767.repl.co/1.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id
1692187455109175-12969806554646669256-balancer-l7leveler-kubr-yp-vla-142-BAL
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type
image/gif
cache-control
no-cache
content-length
43
*
yandex.ru/clck/click/dtype=stred/pid=453/cid=74096/ytr_counter_name=url_translation_time/ytr_time=578/ytr_error=0/ytr_counter=1/ytr_host=https%3A%2F%2Fv.netici7767.repl.co%2F1.php/ytr_lang=en-sk/yt...
43 B
126 B
Image
General
Full URL
https://yandex.ru/clck/click/dtype=stred/pid=453/cid=74096/ytr_counter_name=url_translation_time/ytr_time=578/ytr_error=0/ytr_counter=1/ytr_host=https%3A%2F%2Fv.netici7767.repl.co%2F1.php/ytr_lang=en-sk/ytr_url=https%3A%2F%2Fv.netici7767.repl.co%2F1.php/ytr_sid=cc09eeb2.64dcbb3c.cc548ce4.74722d75726c/ytr_srv=tr-url/ytr_ver=v109.1/ytr_dir=en-sk/ytr_cur_ts=1692187455306/ytr_ui_type=desktop/ytr_is_turbo=1/path=web_desktop.url/*
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.255.255.77 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
yandex.ru
Software
/
Resource Hash
7e928161cd626935d39ff08188caa3f3a918811ca87194082dedf28b697ce6fd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://translated.turbopages.org/proxy_u/en-sk.en.3b59a852-64dcbb3a-33e790cb-74722d776562/https/v.netici7767.repl.co/1.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id
1692187455384949-3139923731166944386-balancer-l7leveler-kubr-yp-vla-142-BAL
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type
image/gif
cache-control
no-cache
content-length
43

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Netflix (Online)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture
object| __core-js_shared__
object| core
object| Ya
object| yt
function| initTurboPageApp

6 Cookies

Domain/Path Name / Value
.yandex.com/ Name: _yasc
Value: VmY38zus3ixQJg0LG9nwIQHnwyJCw0u6wfEpACD2Ip3PrU8pGeHCmCh3pLrP
.yandex.com/ Name: i
Value: f1RB8rt98nOC9jrcFFYHo13fL7106weH7KrMK7hwG2+6Jce8DmVEkTJfGfEEqz7wxBMRgi+P0M9i+mYkqKr4H28xP/4=
.yandex.com/ Name: yandexuid
Value: 4179944711692187450
.turbopages.org/ Name: _yasc
Value: iKMlIJLAshOIi+V5wJm9CTFtR9QWHc9bNurxaVNsnsE1Dwz9I15O4uJYPk/W
.yandex.ru/ Name: i
Value: zDlJNUkesI3DyqlcWKFH/JWDyBgM5fjvIv7QuLverydSNMR4t0/xtC88qNzsL6Qg8hjYGwkvEFaXKqrj7LHmb8l8nN0=
.yandex.ru/ Name: yandexuid
Value: 8466692561692187455

2 Console Messages

Source Level URL
Text
other warning URL: https://translated.turbopages.org/proxy_u/en-sk.en.3b59a852-64dcbb3a-33e790cb-74722d776562/https/v.netici7767.repl.co/1.php
Message:
A preload for 'https://yastatic.net/s3/translate/v109.1/dist/scripts/bundles/turbo.js' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
javascript warning URL: https://translated.turbopages.org/proxy_u/en-sk.en.3b59a852-64dcbb3a-33e790cb-74722d776562/https/v.netici7767.repl.co/1.php
Message:
The resource https://yastatic.net/s3/translate/v109.1/dist/scripts/bundles/turbo.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
