Submitted URL: https://wee.so/8qaar
Effective URL: https://dhammaparami.lk/homesign/net/login.php
Submission Tags: phishing malicious
Submission: On November 28 via api from NL — Scanned from NL

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 22 HTTP transactions. The main IP is 107.155.77.34, located in Dallas, United States and belongs to HVC-AS, US. The main domain is dhammaparami.lk.
TLS certificate: Issued by cPanel, Inc. Certification Authority on October 15th 2023. Valid for: 3 months.
This is the only time dhammaparami.lk was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Netflix (Online)

Domain & IP information

IP Address AS Autonomous System
1 1 192.124.249.11 30148 (SUCURI-SEC)
3 13 107.155.77.34 29802 (HVC-AS)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:86c0:209... 40027 (NETFLIX-ASN)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
22 6
Apex Domain | Subdomains | Transfer
13 dhammaparami.lk | dhammaparami.lk | 200 KB
7 gstatic.com | www.gstatic.com, fonts.gstatic.com | 1 MB
4 google.com | www.google.com — Cisco Umbrella Rank: 2 | 37 KB
1 nflxext.com | assets.nflxext.com — Cisco Umbrella Rank: 5083 | 72 KB
1 wee.so | wee.so | 1 KB
22 5
Domain | Requested by
13 dhammaparami.lk 3 redirects | dhammaparami.lk
6 www.gstatic.com | www.google.com, www.gstatic.com
4 www.google.com | dhammaparami.lk, www.gstatic.com, www.google.com
1 fonts.gstatic.com | www.google.com
1 assets.nflxext.com | dhammaparami.lk
1 wee.so 1 redirects
22 6

This site contains no links.

Subject | Issuer | Validity | Valid
dhammaparami.lk | cPanel, Inc. Certification Authority | 2023-10-15 - 2024-01-13 | 3 months
www.google.com | GTS CA 1C3 | 2023-10-23 - 2024-01-15 | 3 months
*.1.nflxso.net | DigiCert Secure Site ECC CA-1 | 2023-11-01 - 2023-12-04 | a month
*.gstatic.com | GTS CA 1C3 | 2023-10-23 - 2024-01-15 | 3 months
*.google.com | GTS CA 1C3 | 2023-10-23 - 2024-01-15 | 3 months

This page contains 3 frames:

Primary Page: https://dhammaparami.lk/homesign/net/login.php
Frame ID: E4C82D2CBD843221D5B93781029A0B42
Requests: 13 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcmVR0pAAAAAFcAhNTnoonsI-0Ljw6uNEZ-jY3V&co=aHR0cHM6Ly9kaGFtbWFwYXJhbWkubGs6NDQz&hl=nl&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=3vvny8pmhns
Frame ID: EA49193A45C883DFDF79980291A1F2FF
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=nl&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LcmVR0pAAAAAFcAhNTnoonsI-0Ljw6uNEZ-jY3V
Frame ID: 7817DACEDE0BECD98BE55C36C6DC5AD0
Requests: 3 HTTP requests in this frame

Page Title

Netflix

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

Requests: 22
HTTPS: 100 %
IPv6: 67 %
Domains: 5
Subdomains: 6
IPs: 6
Countries: 2
Transfer: 1776 kB
Size: 2254 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://wee.so/8qaar HTTP 301
    https://dhammaparami.lk/homesign HTTP 301
    https://dhammaparami.lk/homesign/ HTTP 302
    https://dhammaparami.lk/homesign/net/ HTTP 302
    https://dhammaparami.lk/homesign/net/login.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login.php
dhammaparami.lk/homesign/net/
Redirect Chain
  • https://wee.so/8qaar
  • https://dhammaparami.lk/homesign
  • https://dhammaparami.lk/homesign/
  • https://dhammaparami.lk/homesign/net/
  • https://dhammaparami.lk/homesign/net/login.php
38 KB
5 KB
Document
General
Full URL
https://dhammaparami.lk/homesign/net/login.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.155.77.34 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS
ultra.lankahost.net
Software
LiteSpeed / PHP/7.2.34
Resource Hash
fbc7ff27c23f244cee84c40b602249062b526e868ea0e8e2d91c551ad60ff0a1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
no-store, no-cache, must-revalidate
content-encoding
br
content-length
4329
content-type
text/html; charset=UTF-8
date
Tue, 28 Nov 2023 16:29:59 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/7.2.34

Redirect headers

cache-control
no-cache, no-store, must-revalidate, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 28 Nov 2023 16:29:58 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
login.php
pragma
no-cache
server
LiteSpeed
x-powered-by
PHP/7.2.34
none.css
dhammaparami.lk/homesign/net/files/css/
145 KB
18 KB
Stylesheet
General
Full URL
https://dhammaparami.lk/homesign/net/files/css/none.css
Requested by
Host: dhammaparami.lk
URL: https://dhammaparami.lk/homesign/net/login.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.155.77.34 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS
ultra.lankahost.net
Software
LiteSpeed /
Resource Hash
996606e12517e3bb57e0a5f01fed3d7144e2d07a4d8076717a90285c351fa835

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dhammaparami.lk/homesign/net/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 16:29:59 GMT
content-encoding
br
last-modified
Wed, 10 Aug 2022 00:53:02 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
18440
expires
Tue, 05 Dec 2023 16:29:59 GMT
none2.css
dhammaparami.lk/homesign/net/files/css/
163 KB
22 KB
Stylesheet
General
Full URL
https://dhammaparami.lk/homesign/net/files/css/none2.css
Requested by
Host: dhammaparami.lk
URL: https://dhammaparami.lk/homesign/net/login.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.155.77.34 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS
ultra.lankahost.net
Software
LiteSpeed /
Resource Hash
72b3228cb98385052ac5e8e287ad5e563cd7e4f7943bfc23090dc9c4776e72dd

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dhammaparami.lk/homesign/net/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 16:29:59 GMT
content-encoding
br
last-modified
Wed, 10 Aug 2022 00:53:02 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
22299
expires
Tue, 05 Dec 2023 16:29:59 GMT
modernizr.min.js
dhammaparami.lk/homesign/net/files/js/
4 KB
2 KB
Script
General
Full URL
https://dhammaparami.lk/homesign/net/files/js/modernizr.min.js
Requested by
Host: dhammaparami.lk
URL: https://dhammaparami.lk/homesign/net/login.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.155.77.34 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS
ultra.lankahost.net
Software
LiteSpeed /
Resource Hash
a6c3bff965978df8093c3a29f7071c21d7439a212af41e7b40ce70d94d6bcc44

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dhammaparami.lk/homesign/net/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 16:29:59 GMT
content-encoding
br
last-modified
Wed, 10 Aug 2022 00:53:02 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1634
expires
Tue, 05 Dec 2023 16:29:59 GMT
jquery.js
dhammaparami.lk/homesign/net/files/js/
85 KB
29 KB
Script
General
Full URL
https://dhammaparami.lk/homesign/net/files/js/jquery.js
Requested by
Host: dhammaparami.lk
URL: https://dhammaparami.lk/homesign/net/login.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.155.77.34 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS
ultra.lankahost.net
Software
LiteSpeed /
Resource Hash
8603b20b548270423fb03c2138c16f5f863ead4c48eb0999167df869e2eef8a6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dhammaparami.lk/homesign/net/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 16:29:59 GMT
content-encoding
br
last-modified
Wed, 10 Aug 2022 00:53:02 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
29615
expires
Tue, 05 Dec 2023 16:29:59 GMT
jquery.ccvalid.js
dhammaparami.lk/homesign/net/files/js/
7 KB
2 KB
Script
General
Full URL
https://dhammaparami.lk/homesign/net/files/js/jquery.ccvalid.js
Requested by
Host: dhammaparami.lk
URL: https://dhammaparami.lk/homesign/net/login.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.155.77.34 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS
ultra.lankahost.net
Software
LiteSpeed /
Resource Hash
ca83477931d09aca84c55e779bb2e6ef502b1af1bef668de771b8209a43eb11b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dhammaparami.lk/homesign/net/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 16:29:59 GMT
content-encoding
br
last-modified
Wed, 10 Aug 2022 00:53:02 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1800
expires
Tue, 05 Dec 2023 16:29:59 GMT
jquery.mask.js
dhammaparami.lk/homesign/net/files/js/
8 KB
3 KB
Script
General
Full URL
https://dhammaparami.lk/homesign/net/files/js/jquery.mask.js
Requested by
Host: dhammaparami.lk
URL: https://dhammaparami.lk/homesign/net/login.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.155.77.34 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS
ultra.lankahost.net
Software
LiteSpeed /
Resource Hash
38c89b667f0b98ab618ce6eef2947a58b9cac93e4dce667fec781562c34cd66e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dhammaparami.lk/homesign/net/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 16:29:59 GMT
content-encoding
br
last-modified
Wed, 10 Aug 2022 00:53:02 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
3199
expires
Tue, 05 Dec 2023 16:29:59 GMT
api.js
www.google.com/recaptcha/
1 KB
1 KB
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: dhammaparami.lk
URL: https://dhammaparami.lk/homesign/net/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1dd0bece16a24e16ee8d713bb7df4c7c658de5b4857d06caf75cb7a3238b0280
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dhammaparami.lk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 16:29:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Tue, 28 Nov 2023 16:29:59 GMT
bg.jpg
dhammaparami.lk/homesign/net/files/img/
117 KB
117 KB
Image
General
Full URL
https://dhammaparami.lk/homesign/net/files/img/bg.jpg
Requested by
Host: dhammaparami.lk
URL: https://dhammaparami.lk/homesign/net/login.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.155.77.34 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS
ultra.lankahost.net
Software
LiteSpeed /
Resource Hash
cde4074549e72df2b148594b13728b01118887d02d99e5e7d67c5d1e54cc6669

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dhammaparami.lk/homesign/net/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 16:29:59 GMT
last-modified
Wed, 10 Aug 2022 00:53:02 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
120105
expires
Tue, 05 Dec 2023 16:29:59 GMT
logo.svg
dhammaparami.lk/homesign/net/files/img/
864 B
533 B
Image
General
Full URL
https://dhammaparami.lk/homesign/net/files/img/logo.svg
Requested by
Host: dhammaparami.lk
URL: https://dhammaparami.lk/homesign/net/login.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.155.77.34 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS
ultra.lankahost.net
Software
LiteSpeed /
Resource Hash
8a421d5798accee1c284865ac05cee792ad3f6bcb3c70ce1dcb954d23e86fdad

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dhammaparami.lk/homesign/net/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 16:29:59 GMT
content-encoding
br
last-modified
Wed, 10 Aug 2022 00:53:02 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
498
expires
Tue, 05 Dec 2023 16:29:59 GMT
fb.png
dhammaparami.lk/homesign/net/files/img/
1 KB
1 KB
Image
General
Full URL
https://dhammaparami.lk/homesign/net/files/img/fb.png
Requested by
Host: dhammaparami.lk
URL: https://dhammaparami.lk/homesign/net/login.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.155.77.34 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS
ultra.lankahost.net
Software
LiteSpeed /
Resource Hash
3e49d9dc43267590184389ab3da0cb9f7308c9c848667dab109a0f7c73450ece

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dhammaparami.lk/homesign/net/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 16:29:59 GMT
last-modified
Wed, 10 Aug 2022 00:53:02 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1455
expires
Tue, 05 Dec 2023 16:29:59 GMT
nf-icon-v1-93.woff
assets.nflxext.com/ffe/siteui/fonts/
72 KB
72 KB
Font
General
Full URL
https://assets.nflxext.com/ffe/siteui/fonts/nf-icon-v1-93.woff
Requested by
Host: dhammaparami.lk
URL: https://dhammaparami.lk/homesign/net/files/css/none.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:86c0:2090::1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
98713b53a74ebe7e326353080c5f1653e83af61d6363c0b3c4c67d6d24197b4d

Request headers

Referer
https://dhammaparami.lk/
Origin
https://dhammaparami.lk
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Tue, 28 Nov 2023 16:29:59 GMT
Last-Modified
Mon, 29 Jan 2018 01:50:51 GMT
Server
nginx
Content-MD5
fPYVbMSBJEtaJUNi17c/AA==
Content-Type
font/woff
Access-Control-Allow-Origin
*
Cache-Control
max-age=604801
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
73572
Expires
Tue, 05 Dec 2023 16:30:00 GMT
recaptcha__nl.js
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/
467 KB
467 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__nl.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47b778cb62a7d3b5e4a6f2e355403ede9f49a6a533110ac3039e2c5f4714aa78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dhammaparami.lk/
Origin
https://dhammaparami.lk
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 06:36:47 GMT
x-content-type-options
nosniff
age
294792
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
477845
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 05:42:11 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 24 Nov 2024 06:36:47 GMT
anchor
www.google.com/recaptcha/api2/ Frame EA49
61 KB
35 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcmVR0pAAAAAFcAhNTnoonsI-0Ljw6uNEZ-jY3V&co=aHR0cHM6Ly9kaGFtbWFwYXJhbWkubGs6NDQz&hl=nl&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=3vvny8pmhns
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__nl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e62b13dec81d88f8fa207718edaec5ceb3c79019c00d19f8026ffa5e903485dc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-thQvES-jxQ8R6yxnUlyTTw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dhammaparami.lk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-thQvES-jxQ8R6yxnUlyTTw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 16:30:00 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame EA49
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcmVR0pAAAAAFcAhNTnoonsI-0Ljw6uNEZ-jY3V&co=aHR0cHM6Ly9kaGFtbWFwYXJhbWkubGs6NDQz&hl=nl&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=3vvny8pmhns
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 08:31:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28702
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 05:42:11 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Nov 2024 08:31:38 GMT
recaptcha__nl.js
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame EA49
467 KB
467 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__nl.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcmVR0pAAAAAFcAhNTnoonsI-0Ljw6uNEZ-jY3V&co=aHR0cHM6Ly9kaGFtbWFwYXJhbWkubGs6NDQz&hl=nl&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=3vvny8pmhns
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47b778cb62a7d3b5e4a6f2e355403ede9f49a6a533110ac3039e2c5f4714aa78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 06:36:47 GMT
x-content-type-options
nosniff
age
294793
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
477845
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 05:42:11 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 24 Nov 2024 06:36:47 GMT
truncated
/ Frame EA49
14 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame EA49
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame EA49
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 20:04:28 GMT
x-content-type-options
nosniff
age
73532
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Mon, 04 Dec 2023 20:04:28 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame EA49
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcmVR0pAAAAAFcAhNTnoonsI-0Ljw6uNEZ-jY3V&co=aHR0cHM6Ly9kaGFtbWFwYXJhbWkubGs6NDQz&hl=nl&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=3vvny8pmhns
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:26:56 GMT
x-content-type-options
nosniff
age
406984
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Nov 2024 23:26:56 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame EA49
102 B
135 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=nl&v=-QbJqHfGOUB8nuVRLvzFLVed
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcmVR0pAAAAAFcAhNTnoonsI-0Ljw6uNEZ-jY3V&co=aHR0cHM6Ly9kaGFtbWFwYXJhbWkubGs6NDQz&hl=nl&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=3vvny8pmhns
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
57179112de4d4b4e1d1b6c501c17a9e90fc8517e5160d82ef95083fe69b1e1be
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcmVR0pAAAAAFcAhNTnoonsI-0Ljw6uNEZ-jY3V&co=aHR0cHM6Ly9kaGFtbWFwYXJhbWkubGs6NDQz&hl=nl&v=-QbJqHfGOUB8nuVRLvzFLVed&size=normal&cb=3vvny8pmhns
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 16:30:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Tue, 28 Nov 2023 16:30:00 GMT
bframe
www.google.com/recaptcha/api2/ Frame 7817
7 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=nl&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LcmVR0pAAAAAFcAhNTnoonsI-0Ljw6uNEZ-jY3V
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__nl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6aa1ff73da89326f0075d3124a336b5f18c0bf639c4f7c7590f49b73ad4849d2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-yJjyr-QXbDAn0a1TTsCFJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dhammaparami.lk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-yJjyr-QXbDAn0a1TTsCFJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 16:30:00 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 7817
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=nl&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LcmVR0pAAAAAFcAhNTnoonsI-0Ljw6uNEZ-jY3V
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 08:31:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28702
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 05:42:11 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Nov 2024 08:31:38 GMT
recaptcha__nl.js
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 7817
467 KB
467 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__nl.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=nl&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6LcmVR0pAAAAAFcAhNTnoonsI-0Ljw6uNEZ-jY3V
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47b778cb62a7d3b5e4a6f2e355403ede9f49a6a533110ac3039e2c5f4714aa78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 06:36:47 GMT
x-content-type-options
nosniff
age
294793
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
477845
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 05:42:11 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 24 Nov 2024 06:36:47 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Netflix (Online)

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| documentPictureInPicture
object| html5
object| Modernizr
function| $
function| jQuery
object| $jscomp
function| isEmail
function| submitForm
object| ___grecaptcha_cfg
object| grecaptcha
string| __recaptcha_api
boolean| __google_recaptcha_client
object| recaptcha
object| closure_lm_700161

4 Cookies

Domain/Path Name / Value
wee.so/ Name: XSRF-TOKEN
Value: eyJpdiI6Ik1ma21XaGNQVzFKSjJvOVZ3N3BUY2c9PSIsInZhbHVlIjoiXC9vWmhFa3drVDZuYUZ1SWRlTXUwNjZHUE9LZW1iY053dlZxSFBxdFM5NGZlNHhpdHl0RUxobjlUbFpaQ3RKbW9STlltYWpUcm04U0FTSFdcLzg2TW1NcHFScURxaSthTXU2U0FiV0I3R1pnRXdPeGZGN0N4TzZ3NGVIa3BNblp3aSIsIm1hYyI6IjQxOTNmOGM3YmQ1ZmI0YTBlMWE5Y2Q3NTc5ZmRkMzE2ZWY2ZWI2NmMzZTcyMWY2MzU2Y2ViOGE3ZTRlNDkwYmYifQ%3D%3D
wee.so/ Name: wee_session
Value: eyJpdiI6IlJYSk1aSDNxQW5IU3RwUjNhVWRrRmc9PSIsInZhbHVlIjoiTVlZOURPV2g3TFBvblwvb1p4WWtCamVhc1lacEVFeWVxMVNFNHN3V0dsaVFnOTBTM3pLalZTK2c0TWV6aXJobDRneXBjUlJRTTc2Rm1uZ2s5dFZGY3NhdlwvdjBrNjdXWHd2SzM4WHJkc2xmZEFVb3NiMkNJaHdCN0NRV0o4cmp5TSIsIm1hYyI6IjYwMDY1YzYwMTA0MDJkMzBkNjJiMWM5NDIwODRkNjJlODFmZTBjNzcyMTc1Y2RmNDMyZjU1MDZjOGQyYzMzOGMifQ%3D%3D
wee.so/ Name: dark_mode
Value: 0
dhammaparami.lk/ Name: PHPSESSID
Value: cdc83aad8753b07e0d033770fe420114

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
