Report - netflixclone.azurewebsites.net/

Report Overview

Submitted URL
netflixclone.azurewebsites.net/
IP
191.235.228.36
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Submitted
2024-04-19 05:43:52
Access
public
Website Title
Netflix
Final URL
netflixclone.azurewebsites.net/
Tags
netflix phishing
urlquery detections
Phishing - Netflix

Detections

urlquery
3
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdn.cookielaw.org	502	2011-06-20	2013-12-28	2024-04-19	443 B	74 kB	104.19.177.52
codex.nflxext.com	11577	2011-02-11	2016-09-24	2024-04-09	3.4 kB	1.8 kB	45.57.91.1
www.blogger.com	8975	1999-06-22	2012-05-22	2024-04-18	1.4 kB	74 kB	142.250.74.105
assets.nflxext.com	3871	2011-02-11	2015-07-22	2024-04-18	2.0 kB	231 kB	45.57.91.1
unpkg.com	11693	2016-01-06	2016-01-08	2024-04-18	409 B	488 B	104.17.245.203
netflixclone.azurewebsites.net	unknown	2012-01-24	2024-01-15	2024-02-01	1.2 kB	41 kB	191.235.228.36
extreme-ip-lookup.com	106576	2016-06-24	2016-07-04	2024-04-03	508 B	835 B	185.221.219.64
www.gstatic.com	unknown	2008-02-11	2016-07-26	2024-04-18	915 B	3.9 kB	142.250.74.35
www.google.com	7	1997-09-15	2015-05-10	2024-03-23	702 B	46 kB	142.250.74.164
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2024-04-18	446 B	35 kB	142.250.74.106

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-04-18	medium	netflixclone.azurewebsites.net/	Netflix Inc.
2024-04-18	medium	netflixclone.azurewebsites.net/	Netflix Inc.

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-19	medium	netflixclone.azurewebsites.net	Sinkholed
2024-04-19	medium	netflixclone.azurewebsites.net	Sinkholed

ThreatFox

No alerts detected

JavaScript (10)

	URL	Size	First Seen	Last Seen
	netflixclone.azurewebsites.net/	126 B	2024-01-16	2024-04-19
Pretty URL netflixclone.azurewebsites.net/ IP 191.235.228.36 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-16 03:00:58 Last Seen2024-04-19 07:43:53 Times Seen3 Hash 300a015b820b699368a1b061ec7fcb9b e7167a4bcc28ff91f7f1cfa2dd9e22acdf7b2e16 4eadaa6b59c1015c0f338bd10f1f4b1b775d2bbbd56b39688cc005e293f2eee9 Loading...

	netflixclone.azurewebsites.net/	80 B	2023-03-09	2024-04-19
Pretty URL netflixclone.azurewebsites.net/ IP 191.235.228.36 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-09 13:19:33 Last Seen2024-04-19 07:43:53 Times Seen11 Hash 31caa306d240f5748229ef9699f5cd9e ec5828e379dc207e3af65b430b1f9b20f93323dc 2802ed175b394e679988c81977337133feae62f26398541e546deeb1c8f3eb19 Loading...

	www.blogger.com/static/v1/widgets/3929663660-widgets.js	158 kB	2024-01-16	2024-04-19
Pretty URL www.blogger.com/static/v1/widgets/3929663660-widgets.js IP 142.250.74.105 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-16 03:00:58 Last Seen2024-04-19 07:43:53 Times Seen6 Hash cf0afad9b87b0761cb6931741c8ce2fd 626ca93c0dcc2920cd94b4e6d92311aadf050ff8 2f1db4c265d15c67a56718b9521f0faff323d65af1d8bbc5a8fe0039cbdbe208 Loading...

	www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lf8hrcUAAAAAIpQAFW2VFjtiYnThOjZOA5xvLyR&co=aHR0cHM6Ly93d3cubmV0ZmxpeC5jb206NDQz&hl=es-419&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=pj9uadl7yr2x	75 B	2023-03-07	2024-05-02
Pretty URL www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lf8hrcUAAAAAIpQAFW2VFjtiYnThOjZOA5xvLyR&co=aHR0cHM6Ly93d3cubmV0ZmxpeC5jb206NDQz&hl=es-419&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=pj9uadl7yr2x IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:15:59 Last Seen2024-05-02 10:46:11 Times Seen10494 Hash dca9d53787fff314e5bd1a123b28906a 1350c858f60bbb03d1b53b05cbad6cea82ff29d1 2475d902b4182bac667d464a44c89ee405e5cfd64156b30f811557cf2b347e2f Loading...

	www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lf8hrcUAAAAAIpQAFW2VFjtiYnThOjZOA5xvLyR&co=aHR0cHM6Ly93d3cubmV0ZmxpeC5jb206NDQz&hl=es-419&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=pj9uadl7yr2x	36 kB	2024-04-19	2024-04-19
Pretty URL www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lf8hrcUAAAAAIpQAFW2VFjtiYnThOjZOA5xvLyR&co=aHR0cHM6Ly93d3cubmV0ZmxpeC5jb206NDQz&hl=es-419&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=pj9uadl7yr2x IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-19 07:43:53 Last Seen2024-04-19 07:43:53 Times Seen1 Hash a09979b42e84890f8ae61345afa027ed dea78f05288dd2d1a5d6fb217568b615bfe2bfd9 7badc4d2e74e3ce57d43814e26fa7916799469cd47cf8fd3f6771f41d0bc15ea Loading...

	extreme-ip-lookup.com/json/?key=ASxrQuT0kHE3jnnPPfcw&callback=jQuery112407505934161226755_1646328937919&_=1646328937920	586 B	2024-04-19	2024-04-19
Pretty URL extreme-ip-lookup.com/json/?key=ASxrQuT0kHE3jnnPPfcw&callback=jQuery112407505934161226755_1646328937919&_=1646328937920 IP 185.221.219.64 ASN #63023 AS-GLOBALTELEHOST Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-19 07:43:53 Last Seen2024-04-19 07:43:53 Times Seen2 Hash e9030d12ba016e2fc2225061e9328345 4cee4c9a49ff328402bff8aba8154cf7c5c36c20 2ae660b68e251e5ad69cfca802f276fb5ac7d501670efd793cc30dd50b6304bf Loading...

	netflixclone.azurewebsites.net/	13 B	2023-03-07	2024-04-30
Pretty URL netflixclone.azurewebsites.net/ IP 191.235.228.36 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:06:23 Last Seen2024-04-30 17:08:04 Times Seen834 Hash 1892a845aa81b9ddb8b6ef6920d742bb 0075569a5a4198b9812be41eab8956188aa19e55 6ba6c11bd8700086c8f00d11c7e22487a9c13a211f57e0cf06bb9e365fa87704 Loading...

	cdn.cookielaw.org/scripttemplates/6.6.0/otBannerSdk.js	346 kB	2023-03-07	2024-04-19
Pretty URL cdn.cookielaw.org/scripttemplates/6.6.0/otBannerSdk.js IP 104.19.177.52 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:35 Last Seen2024-04-19 07:43:53 Times Seen204 Hash 6391b7114b5be931f1cc4ed0e983c891 cd5dcad2efca5d3410d8972279a877dbe3249335 5fefa6bc00a2fca4d3ca705862d42dfdbb8f69124b2f0cc0896d3c7c2c05890a Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js	97 kB	2023-03-07	2024-05-02
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js IP 142.250.74.106 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-05-02 08:04:33 Times Seen118964 Hash 4f252523d4af0b478c810c2547a63e19 5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Loading...

	netflixclone.azurewebsites.net/	1 B	2023-03-07	2024-05-02
Pretty URL netflixclone.azurewebsites.net/ IP 191.235.228.36 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02:54 Last Seen2024-05-02 11:02:33 Times Seen69494 Hash 68b329da9893e34099c7d8ad5cb9c940 adc83b19e793491b1c6ea0fd8b46cd9f32e592fc 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b Loading...

HTTP Transactions (22)

URL IP Response Size

netflixclone.azurewebsites.net/

191.235.228.36

200 OK

40 kB

URL User Request GET HTTP/1.1
netflixclone.azurewebsites.net/
IP
191.235.228.36:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Certificate
IssuerMicrosoft Corporation
Subject*.azurewebsites.net
Fingerprint57:31:90:49:91:54:73:28:AC:D8:0A:FE:96:90:9C:D6:5E:06:86:98
ValidityWed, 13 Mar 2024 01:27:25 GMT - Sat, 08 Mar 2025 01:27:25 GMT

File type
HTML document, ASCII text, with very long lines (1156), with CRLF line terminators
Size
40 kB (40354 bytes)
Hash
1f90007a1255e8baa08ed92d5b787674
8d60f7cb58d340e4be6c2f46c89b5184a5bf718a
7dc4b54f25e0b315381643ad1c4c35add3247d93a7ffc2bedb8d7e21e9f9a2fa

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Netflix
OpenPhish	phishing	Netflix Inc.
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: netflixclone.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 40354
Content-Type: text/html; charset=utf-8
Date: Fri, 19 Apr 2024 05:43:25 GMT
Server: Microsoft-IIS/10.0
Cache-Control: private
Content-Encoding: gzip
Set-Cookie: ARRAffinity=c015407f2340ab83319171108305fa1072c8452284bc5ef903dfd906b4fd7902;Path=/;HttpOnly;Secure;Domain=netflixclone.azurewebsites.net
ARRAffinitySameSite=c015407f2340ab83319171108305fa1072c8452284bc5ef903dfd906b4fd7902;Path=/;HttpOnly;SameSite=None;Secure;Domain=netflixclone.azurewebsites.net
Vary: Accept-Encoding
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET

cdn.cookielaw.org/scripttemplates/6.6.0/otBannerSdk.js

104.19.177.52

200 OK

73 kB

URL GET HTTP/2
cdn.cookielaw.org/scripttemplates/6.6.0/otBannerSdk.js
IP
104.19.177.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://netflixclone.azurewebsites.net/
Certificate
IssuerCloudflare, Inc.
Subjectcookielaw.org
FingerprintC9:7F:A3:0A:53:6E:A6:6C:2F:D0:E2:2C:F5:35:B4:BC:81:90:40:31
ValidityFri, 01 Mar 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65456)
Size
73 kB (73082 bytes)
Hash
6391b7114b5be931f1cc4ed0e983c891
cd5dcad2efca5d3410d8972279a877dbe3249335
5fefa6bc00a2fca4d3ca705862d42dfdbb8f69124b2f0cc0896d3c7c2c05890a

HTTP Headers

GET /scripttemplates/6.6.0/otBannerSdk.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://netflixclone.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 19 Apr 2024 05:43:25 GMT
content-type: application/javascript
content-length: 73082
content-encoding: gzip
content-md5: Xs4BplpA7QV+zkRYpo3+wA==
last-modified: Thu, 10 Sep 2020 01:36:33 GMT
etag: 0x8D85529F2EBAD26
x-ms-request-id: 6af8dc05-d01e-0071-3b6e-0cdfa8000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 41701
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 876a93b28bbb5691-OSL
X-Firefox-Spdy: h2

codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-shakti-js-vafe38bd5/js/js/bootstrap.js,common%7Cbootstrap.js/2/0c3d022T2M052J2Y3c070m003e2X38092Q2_2V372N2Z302G0139/bck/true/none

45.57.91.1

404 Not Found

146 B

URL GET HTTP/1.1
codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-shakti-js-vafe38bd5/js/js/bootstrap.js,common%7Cbootstrap.js/2/0c3d022T2M052J2Y3c070m003e2X38092Q2_2V372N2Z302G0139/bck/true/none
IP
45.57.91.1:443
ASN
#40027 NETFLIX-ASN

Requested by
https://netflixclone.azurewebsites.net/
Certificate
IssuerDigiCert Inc
Subject*.1.nflxso.net
Fingerprint82:39:C1:29:85:98:B9:08:D6:75:03:2D:E8:0A:86:D5:AD:C8:ED:AB
ValidityFri, 22 Mar 2024 00:00:00 GMT - Sat, 27 Apr 2024 23:55:48 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /%5E3.0.0/truthBundle/webui/1.22.5-shakti-js-vafe38bd5/js/js/bootstrap.js,common%7Cbootstrap.js/2/0c3d022T2M052J2Y3c070m003e2X38092Q2_2V372N2Z302G0139/bck/true/none HTTP/1.1
Host: codex.nflxext.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://netflixclone.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 19 Apr 2024 05:43:25 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-shakti-css-vafe38bd5/css/css/less%7Clogin%7CloginBase.less,less%7Cpages%7Clogin%7CLogin.less/1/btzvF4DrugayCE/none/true/none

45.57.91.1

404 Not Found

146 B

URL GET HTTP/1.1
codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-shakti-css-vafe38bd5/css/css/less%7Clogin%7CloginBase.less,less%7Cpages%7Clogin%7CLogin.less/1/btzvF4DrugayCE/none/true/none
IP
45.57.91.1:443
ASN
#40027 NETFLIX-ASN

Requested by
https://netflixclone.azurewebsites.net/
Certificate
IssuerDigiCert Inc
Subject*.1.nflxso.net
Fingerprint18:7D:90:F6:2C:3E:4D:C5:AB:50:81:D7:B4:51:90:80:69:91:A9:2A
ValiditySat, 23 Mar 2024 00:00:00 GMT - Fri, 26 Apr 2024 23:45:32 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /%5E3.0.0/truthBundle/webui/1.22.5-shakti-css-vafe38bd5/css/css/less%7Clogin%7CloginBase.less,less%7Cpages%7Clogin%7CLogin.less/1/btzvF4DrugayCE/none/true/none HTTP/1.1
Host: codex.nflxext.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://netflixclone.azurewebsites.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 19 Apr 2024 05:43:25 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-shakti-css-vafe38bd5/css/css/less%7Ccore%7Cerror-page.less/1/btzvF4DrugayCE/none/true/none

45.57.91.1

404 Not Found

146 B

URL GET HTTP/1.1
codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-shakti-css-vafe38bd5/css/css/less%7Ccore%7Cerror-page.less/1/btzvF4DrugayCE/none/true/none
IP
45.57.91.1:443
ASN
#40027 NETFLIX-ASN

Requested by
https://netflixclone.azurewebsites.net/
Certificate
IssuerDigiCert Inc
Subject*.1.nflxso.net
Fingerprint70:B4:51:8C:22:D8:D7:83:58:1D:DE:17:47:BE:D9:24:A5:0C:6E:BA
ValiditySat, 30 Mar 2024 00:00:00 GMT - Sun, 05 May 2024 23:14:44 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /%5E3.0.0/truthBundle/webui/1.22.5-shakti-css-vafe38bd5/css/css/less%7Ccore%7Cerror-page.less/1/btzvF4DrugayCE/none/true/none HTTP/1.1
Host: codex.nflxext.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://netflixclone.azurewebsites.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 19 Apr 2024 05:43:25 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

netflixclone.azurewebsites.net/personalization/cl2/freeform/WebsiteDetect?source=wwwhead&fetchType=css&modalView=login

191.235.228.36

404 Not Found

103 B

URL GET HTTP/1.1
netflixclone.azurewebsites.net/personalization/cl2/freeform/WebsiteDetect?source=wwwhead&fetchType=css&modalView=login
IP
191.235.228.36:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://netflixclone.azurewebsites.net/
Certificate
IssuerMicrosoft Corporation
Subject*.azurewebsites.net
Fingerprint57:31:90:49:91:54:73:28:AC:D8:0A:FE:96:90:9C:D6:5E:06:86:98
ValidityWed, 13 Mar 2024 01:27:25 GMT - Sat, 08 Mar 2025 01:27:25 GMT

File type
ASCII text, with no line terminators
Size
103 B (103 bytes)
Hash
96c5637e1eb8f8f8c34172f2d23eafc6
2a416f86c3c9e26f9c34bf1f8b1bb5daa46e86f9
90b2d35cd5e08370ed20db81197dd9da1a4dbb421f71293fd5733ea49eb7b3e1

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Netflix
OpenPhish	phishing	Netflix Inc.
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /personalization/cl2/freeform/WebsiteDetect?source=wwwhead&fetchType=css&modalView=login HTTP/1.1
Host: netflixclone.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://netflixclone.azurewebsites.net/
Cookie: ARRAffinity=c015407f2340ab83319171108305fa1072c8452284bc5ef903dfd906b4fd7902; ARRAffinitySameSite=c015407f2340ab83319171108305fa1072c8452284bc5ef903dfd906b4fd7902
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Content-Length: 103
Content-Type: text/html
Date: Fri, 19 Apr 2024 05:43:25 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET

ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

142.250.74.106

200 OK

34 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://netflixclone.azurewebsites.net/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
JavaScript source, ASCII text, with very long lines (32077)
Size
34 kB (33951 bytes)
Hash
4f252523d4af0b478c810c2547a63e19
5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

HTTP Headers

GET /ajax/libs/jquery/1.12.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://netflixclone.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33951
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 17:19:05 GMT
expires: Wed, 16 Apr 2025 17:19:05 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 217460
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

extreme-ip-lookup.com/json/?key=ASxrQuT0kHE3jnnPPfcw&callback=jQuery112407505934161226755_1646328937919&_=1646328937920

185.221.219.64

200 OK

586 B

URL GET HTTP/2
extreme-ip-lookup.com/json/?key=ASxrQuT0kHE3jnnPPfcw&callback=jQuery112407505934161226755_1646328937919&_=1646328937920
IP
185.221.219.64:443
ASN
#63023 AS-GLOBALTELEHOST

Requested by
https://netflixclone.azurewebsites.net/
Certificate
IssuerLet's Encrypt
Subjectt1.extreme-dm.com
Fingerprint4C:60:6A:96:28:0C:ED:BC:D8:5E:34:36:C7:1B:6B:50:76:79:08:BD
ValidityWed, 10 Apr 2024 23:33:47 GMT - Tue, 09 Jul 2024 23:33:46 GMT

File type
ASCII text
Size
586 B (586 bytes)
Hash
e9030d12ba016e2fc2225061e9328345
4cee4c9a49ff328402bff8aba8154cf7c5c36c20
2ae660b68e251e5ad69cfca802f276fb5ac7d501670efd793cc30dd50b6304bf

HTTP Headers

GET /json/?key=ASxrQuT0kHE3jnnPPfcw&callback=jQuery112407505934161226755_1646328937919&_=1646328937920 HTTP/1.1
Host: extreme-ip-lookup.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://netflixclone.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 05:43:25 GMT
content-type: text/javascript; charset=utf-8;
content-length: 586
access-control-allow-origin: *
access-control-allow-headers: *
cache-control: max-age=3600
X-Firefox-Spdy: h2

codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-shakti-js-vafe38bd5/js/js/components%7Clogin%7CloginControllerClient.js/2/0c3d022T2M052J2Y3c070m003e2X38092Q2_2V372N2Z302G0139/l/true/none

45.57.91.1

404 Not Found

146 B

URL GET HTTP/1.1
codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-shakti-js-vafe38bd5/js/js/components%7Clogin%7CloginControllerClient.js/2/0c3d022T2M052J2Y3c070m003e2X38092Q2_2V372N2Z302G0139/l/true/none
IP
45.57.91.1:443
ASN
#40027 NETFLIX-ASN

Requested by
https://netflixclone.azurewebsites.net/
Certificate
IssuerDigiCert Inc
Subject*.1.nflxso.net
Fingerprint18:7D:90:F6:2C:3E:4D:C5:AB:50:81:D7:B4:51:90:80:69:91:A9:2A
ValiditySat, 23 Mar 2024 00:00:00 GMT - Fri, 26 Apr 2024 23:45:32 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /%5E3.0.0/truthBundle/webui/1.22.5-shakti-js-vafe38bd5/js/js/components%7Clogin%7CloginControllerClient.js/2/0c3d022T2M052J2Y3c070m003e2X38092Q2_2V372N2Z302G0139/l/true/none HTTP/1.1
Host: codex.nflxext.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://netflixclone.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 19 Apr 2024 05:43:26 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

www.blogger.com/static/v1/widgets/3929663660-widgets.js

142.250.74.105

200 OK

57 kB

URL GET HTTP/2
www.blogger.com/static/v1/widgets/3929663660-widgets.js
IP
142.250.74.105:443
ASN
#15169 GOOGLE

Requested by
https://netflixclone.azurewebsites.net/
Certificate
IssuerGoogle Trust Services LLC
Subject*.blogger.com
Fingerprint5D:70:C7:7E:E0:07:E9:55:1A:FB:FE:80:60:2A:E6:A1:7B:C8:83:17
ValidityMon, 04 Mar 2024 06:32:21 GMT - Mon, 27 May 2024 06:32:20 GMT

File type
JavaScript source, ASCII text, with very long lines (2230)
Size
57 kB (57177 bytes)
Hash
cf0afad9b87b0761cb6931741c8ce2fd
626ca93c0dcc2920cd94b4e6d92311aadf050ff8
2f1db4c265d15c67a56718b9521f0faff323d65af1d8bbc5a8fe0039cbdbe208

HTTP Headers

GET /static/v1/widgets/3929663660-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://netflixclone.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 57177
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 12:47:00 GMT
expires: Fri, 18 Apr 2025 12:47:00 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 01 Mar 2022 04:52:44 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 60986
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.blogger.com/static/v1/widgets/1938605287-css_bundle_v2.css

142.250.74.105

200 OK

8.0 kB

URL GET HTTP/2
www.blogger.com/static/v1/widgets/1938605287-css_bundle_v2.css
IP
142.250.74.105:443
ASN
#15169 GOOGLE

Requested by
https://netflixclone.azurewebsites.net/
Certificate
IssuerGoogle Trust Services LLC
Subject*.blogger.com
Fingerprint5D:70:C7:7E:E0:07:E9:55:1A:FB:FE:80:60:2A:E6:A1:7B:C8:83:17
ValidityMon, 04 Mar 2024 06:32:21 GMT - Mon, 27 May 2024 06:32:20 GMT

File type
ASCII text, with very long lines (37011)
Size
8.0 kB (7999 bytes)
Hash
3595533b94ff638c9ffe28fddffa0deb
8238b852178ead799dc55bf11752494f6dd75cc6
765601709b703cd426bea3c604efc4a3efcf22e886eb8b78f4521b5d5f8d0482

HTTP Headers

GET /static/v1/widgets/1938605287-css_bundle_v2.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://netflixclone.azurewebsites.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 7999
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 09:39:28 GMT
expires: Fri, 18 Apr 2025 09:39:28 GMT
cache-control: public, max-age=31536000
age: 72238
last-modified: Wed, 27 Mar 2019 18:23:10 GMT
content-type: text/css
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

assets.nflxext.com/ffe/siteui/login/images/FB-f-Logo__blue_57.png

45.57.91.1

200 OK

1.5 kB

URL GET HTTP/1.1
assets.nflxext.com/ffe/siteui/login/images/FB-f-Logo__blue_57.png
IP
45.57.91.1:443
ASN
#40027 NETFLIX-ASN

Requested by
https://netflixclone.azurewebsites.net/
Certificate
IssuerDigiCert Inc
Subject*.1.nflxso.net
Fingerprint18:7D:90:F6:2C:3E:4D:C5:AB:50:81:D7:B4:51:90:80:69:91:A9:2A
ValiditySat, 23 Mar 2024 00:00:00 GMT - Fri, 26 Apr 2024 23:45:32 GMT

File type
PNG image data, 57 x 57, 8-bit/color RGBA, non-interlaced
Size
1.5 kB (1455 bytes)
Hash
a33ca47ef110b6e3ec5086b8776407d3
dff5bbbe61b4920a23fb21a7fca69ca9e94dcb6c
3e49d9dc43267590184389ab3da0cb9f7308c9c848667dab109a0f7c73450ece

HTTP Headers

GET /ffe/siteui/login/images/FB-f-Logo__blue_57.png HTTP/1.1
Host: assets.nflxext.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://netflixclone.azurewebsites.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 19 Apr 2024 05:43:26 GMT
Content-Type: image/png
Content-Length: 1455
Connection: keep-alive
Content-MD5: ozykfvEQtuPsUIa4d2QH0w==
Last-Modified: Thu, 30 Jun 2016 17:48:49 GMT
Cache-Control: max-age=604801
Expires: Fri, 26 Apr 2024 05:43:27 GMT
Accept-Ranges: bytes

www.blogger.com/static/v1/widgets/1324390690-widget_css_bundle.css

142.250.74.105

200 OK

6.6 kB

URL GET HTTP/2
www.blogger.com/static/v1/widgets/1324390690-widget_css_bundle.css
IP
142.250.74.105:443
ASN
#15169 GOOGLE

Requested by
https://netflixclone.azurewebsites.net/
Certificate
IssuerGoogle Trust Services LLC
Subject*.blogger.com
Fingerprint5D:70:C7:7E:E0:07:E9:55:1A:FB:FE:80:60:2A:E6:A1:7B:C8:83:17
ValidityMon, 04 Mar 2024 06:32:21 GMT - Mon, 27 May 2024 06:32:20 GMT

File type
ASCII text, with very long lines (30707)
Size
6.6 kB (6648 bytes)
Hash
19c0afef35d79941ee24f56cdfb5da65
8e038ce1797f40be920cbd3f479fb053c488523a
2936f2b458305ba76d2cc0bbea050640bcb68a0c7adf470d024e8da0c4f9130d

HTTP Headers

GET /static/v1/widgets/1324390690-widget_css_bundle.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://netflixclone.azurewebsites.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6648
date: Fri, 19 Apr 2024 05:43:26 GMT
expires: Sat, 19 Apr 2025 05:43:26 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 31 Mar 2022 06:52:27 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-shakti-js-vafe38bd5/js/js/bootstrap.js,common%7Cbootstrap.js/2/0c3d022T2M052J2Y3c070m003e2X38092Q2_2V372N2Z302G0139/bck/true/none

45.57.91.1

404 Not Found

146 B

URL GET HTTP/1.1
codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-shakti-js-vafe38bd5/js/js/bootstrap.js,common%7Cbootstrap.js/2/0c3d022T2M052J2Y3c070m003e2X38092Q2_2V372N2Z302G0139/bck/true/none
IP
45.57.91.1:443
ASN
#40027 NETFLIX-ASN

Requested by
https://netflixclone.azurewebsites.net/
Certificate
IssuerDigiCert Inc
Subject*.1.nflxso.net
Fingerprint82:39:C1:29:85:98:B9:08:D6:75:03:2D:E8:0A:86:D5:AD:C8:ED:AB
ValidityFri, 22 Mar 2024 00:00:00 GMT - Sat, 27 Apr 2024 23:55:48 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /%5E3.0.0/truthBundle/webui/1.22.5-shakti-js-vafe38bd5/js/js/bootstrap.js,common%7Cbootstrap.js/2/0c3d022T2M052J2Y3c070m003e2X38092Q2_2V372N2Z302G0139/bck/true/none HTTP/1.1
Host: codex.nflxext.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://netflixclone.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 19 Apr 2024 05:43:26 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

assets.nflxext.com/ffe/siteui/vlv3/03fdc4bf-72f6-4926-83a7-a76e6a1a5591/ab813249-819d-454c-b0af-0348984dd9df/VE-es-20211115-popsignuptwoweeks-perspective_alpha_website_medium.jpg

45.57.91.1

200 OK

209 kB

URL GET HTTP/1.1
assets.nflxext.com/ffe/siteui/vlv3/03fdc4bf-72f6-4926-83a7-a76e6a1a5591/ab813249-819d-454c-b0af-0348984dd9df/VE-es-20211115-popsignuptwoweeks-perspective_alpha_website_medium.jpg
IP
45.57.91.1:443
ASN
#40027 NETFLIX-ASN

Requested by
https://netflixclone.azurewebsites.net/
Certificate
IssuerDigiCert Inc
Subject*.1.nflxso.net
Fingerprint82:39:C1:29:85:98:B9:08:D6:75:03:2D:E8:0A:86:D5:AD:C8:ED:AB
ValidityFri, 22 Mar 2024 00:00:00 GMT - Sat, 27 Apr 2024 23:55:48 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2000x1125, components 3
Size
209 kB (209119 bytes)
Hash
3b32d547906fedda26ea1b41e9008b72
730f723756daa86c6092ea75f582d28fd54e1b02
2989e09b6f4cda03a3436c6692a47f3debbf633914bec0b8a3ab2186036e45fc

HTTP Headers

GET /ffe/siteui/vlv3/03fdc4bf-72f6-4926-83a7-a76e6a1a5591/ab813249-819d-454c-b0af-0348984dd9df/VE-es-20211115-popsignuptwoweeks-perspective_alpha_website_medium.jpg HTTP/1.1
Host: assets.nflxext.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://netflixclone.azurewebsites.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 19 Apr 2024 05:43:26 GMT
Content-Type: image/jpeg
Content-Length: 209119
Connection: keep-alive
Accept-Ranges: bytes
Content-MD5: OzLVR5Bv7dom6htB6QCLcg==
Last-Modified: Wed, 17 Nov 2021 13:51:31 GMT
Cache-Control: max-age=604801
Expires: Fri, 26 Apr 2024 05:43:27 GMT

codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-shakti-js-vafe38bd5/js/js/components%7Clogin%7CloginControllerClient.js/2/0c3d022T2M052J2Y3c070m003e2X38092Q2_2V372N2Z302G0139/l/true/none

45.57.91.1

404 Not Found

146 B

URL GET HTTP/1.1
codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-shakti-js-vafe38bd5/js/js/components%7Clogin%7CloginControllerClient.js/2/0c3d022T2M052J2Y3c070m003e2X38092Q2_2V372N2Z302G0139/l/true/none
IP
45.57.91.1:443
ASN
#40027 NETFLIX-ASN

Requested by
https://netflixclone.azurewebsites.net/
Certificate
IssuerDigiCert Inc
Subject*.1.nflxso.net
Fingerprint18:7D:90:F6:2C:3E:4D:C5:AB:50:81:D7:B4:51:90:80:69:91:A9:2A
ValiditySat, 23 Mar 2024 00:00:00 GMT - Fri, 26 Apr 2024 23:45:32 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /%5E3.0.0/truthBundle/webui/1.22.5-shakti-js-vafe38bd5/js/js/components%7Clogin%7CloginControllerClient.js/2/0c3d022T2M052J2Y3c070m003e2X38092Q2_2V372N2Z302G0139/l/true/none HTTP/1.1
Host: codex.nflxext.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://netflixclone.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 19 Apr 2024 05:43:26 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

assets.nflxext.com/us/ffe/siteui/common/icons/nficon2016.png

45.57.91.1

200 OK

1.8 kB

URL GET HTTP/1.1
assets.nflxext.com/us/ffe/siteui/common/icons/nficon2016.png
IP
45.57.91.1:443
ASN
#40027 NETFLIX-ASN

Requested by
https://netflixclone.azurewebsites.net/
Certificate
IssuerDigiCert Inc
Subject*.1.nflxso.net
Fingerprint82:39:C1:29:85:98:B9:08:D6:75:03:2D:E8:0A:86:D5:AD:C8:ED:AB
ValidityFri, 22 Mar 2024 00:00:00 GMT - Sat, 27 Apr 2024 23:55:48 GMT

File type
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
Size
1.8 kB (1755 bytes)
Hash
3d194514babc5d7d010308a0f808ca51
867e51e9b4a474c19da52d6454076c007a9d01f2
7341f7b8b0ae3c0da4aea559efc31f0b53d9db9dd291664fdcf7d618fd95ed8a

HTTP Headers

GET /us/ffe/siteui/common/icons/nficon2016.png HTTP/1.1
Host: assets.nflxext.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://netflixclone.azurewebsites.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 19 Apr 2024 05:43:26 GMT
Content-Type: image/png
Content-Length: 1755
Connection: keep-alive
Content-MD5: PRlFFLq8XX0BAwig+AjKUQ==
Last-Modified: Tue, 21 Jun 2016 22:29:33 GMT
Cache-Control: max-age=604801
Expires: Fri, 26 Apr 2024 05:43:27 GMT
Accept-Ranges: bytes

assets.nflxext.com/us/ffe/siteui/common/icons/nficon2016.ico

45.57.91.1

200 OK

17 kB

URL GET HTTP/1.1
assets.nflxext.com/us/ffe/siteui/common/icons/nficon2016.ico
IP
45.57.91.1:443
ASN
#40027 NETFLIX-ASN

Requested by
https://netflixclone.azurewebsites.net/
Certificate
IssuerDigiCert Inc
Subject*.1.nflxso.net
Fingerprint18:7D:90:F6:2C:3E:4D:C5:AB:50:81:D7:B4:51:90:80:69:91:A9:2A
ValiditySat, 23 Mar 2024 00:00:00 GMT - Fri, 26 Apr 2024 23:45:32 GMT

File type
MS Windows icon resource - 1 icon, 64x64, 32 bits/pixel
Size
17 kB (16958 bytes)
Hash
41b45fdce09bd6acd07c7a8949da675e
931e18dfc6e7d950dc2f2bbdfe31e1ea720acf7c
abe8012eb65c0dc0ac3e87dcc1e60e1908ebd8f12b7c47a5df1856f7a7bb1edd

HTTP Headers

GET /us/ffe/siteui/common/icons/nficon2016.ico HTTP/1.1
Host: assets.nflxext.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://netflixclone.azurewebsites.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 19 Apr 2024 05:43:26 GMT
Content-Type: image/x-icon
Content-Length: 16958
Connection: keep-alive
Content-MD5: QbRf3OCb1qzQfHqJSdpnXg==
Last-Modified: Tue, 21 Jun 2016 21:54:27 GMT
Cache-Control: max-age=604801
Expires: Fri, 26 Apr 2024 05:43:27 GMT
Accept-Ranges: bytes

www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/styles__ltr.css

142.250.74.35

404 Not Found

1.6 kB

URL GET HTTP/2
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/styles__ltr.css
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lf8hrcUAAAAAIpQAFW2VFjtiYnThOjZOA5xvLyR&co=aHR0cHM6Ly93d3cubmV0ZmxpeC5jb206NDQz&hl=es-419&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=pj9uadl7yr2x
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (1136)
Size
1.6 kB (1620 bytes)
Hash
f6536498ff923253f54d4c21f723310b
57c17df6c97c2d58950f7bf2aca9c760104306ed
c0855f5bbc774b268fd2d74d815b7ef279ddee729a8876cb8833916844dca2a5

HTTP Headers

GET /recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
date: Fri, 19 Apr 2024 05:43:26 GMT
content-type: text/html; charset=UTF-8
server: sffe
content-length: 1620
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__es_419.js

142.250.74.35

404 Not Found

1.6 kB

URL GET HTTP/2
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__es_419.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lf8hrcUAAAAAIpQAFW2VFjtiYnThOjZOA5xvLyR&co=aHR0cHM6Ly93d3cubmV0ZmxpeC5jb206NDQz&hl=es-419&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=pj9uadl7yr2x
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (1136)
Size
1.6 kB (1625 bytes)
Hash
e17045887b73d74138b6bba928421235
213831a78a6a20d39ed27706003b85a9e4f0457c
2fbe0c03ab98d7a4c580205aa47d5e8fb11ddcee64b15fb2ea4ffdfe97310ba5

HTTP Headers

GET /recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__es_419.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
date: Fri, 19 Apr 2024 05:43:26 GMT
content-type: text/html; charset=UTF-8
server: sffe
content-length: 1625
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lf8hrcUAAAAAIpQAFW2VFjtiYnThOjZOA5xvLyR&co=aHR0cHM6Ly93d3cubmV0ZmxpeC5jb206NDQz&hl=es-419&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=pj9uadl7yr2x

142.250.74.164

200 OK

45 kB

URL GET HTTP/2
www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lf8hrcUAAAAAIpQAFW2VFjtiYnThOjZOA5xvLyR&co=aHR0cHM6Ly93d3cubmV0ZmxpeC5jb206NDQz&hl=es-419&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=pj9uadl7yr2x
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://netflixclone.azurewebsites.net/
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintCC:CC:99:46:65:6C:77:0B:C8:AA:AD:5E:58:B6:2D:19:B2:C7:0B:06
ValidityMon, 04 Mar 2024 07:19:07 GMT - Mon, 27 May 2024 07:19:06 GMT

File type
HTML document, ASCII text, with very long lines (36124)
Size
45 kB (45035 bytes)
Hash
77d312ee7696bf0c191f7bb716632861
c997cbdb5530b6ce610b935b8c13807080534aea
d00adae1f0a57f48cff73bdf0eaad9fb6bca106c8b4e0cc7d240ccc60dc69f2b

HTTP Headers

GET /recaptcha/enterprise/anchor?ar=1&k=6Lf8hrcUAAAAAIpQAFW2VFjtiYnThOjZOA5xvLyR&co=aHR0cHM6Ly93d3cubmV0ZmxpeC5jb206NDQz&hl=es-419&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&cb=pj9uadl7yr2x HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://netflixclone.azurewebsites.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 19 Apr 2024 05:43:26 GMT
content-security-policy: script-src 'nonce-mBzUdcwoMdZBNRYR12WQsg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

unpkg.com/vue@next

104.17.245.203

404 Not Found

0 B

URL GET HTTP/2
unpkg.com/vue@next
IP
104.17.245.203:443
ASN
#13335 CLOUDFLARENET

Requested by
https://netflixclone.azurewebsites.net/
Certificate
IssuerGoogle Trust Services LLC
Subjectunpkg.com
Fingerprint2E:F1:F6:31:28:EC:29:20:41:F4:58:4B:B1:CF:51:16:77:7E:BF:E3
ValidityMon, 01 Apr 2024 02:40:24 GMT - Sun, 30 Jun 2024 02:40:23 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /vue@next HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://netflixclone.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
date: Fri, 19 Apr 2024 05:43:25 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
content-encoding: br
etag: W/"1c-sVVXpjtGC8PQTRTKVtzRAMGF6uU"
via: 1.1 fly.io
fly-request-id: 01HVTE32W8FJTKKR83NEZZ9NH0-arn
cf-cache-status: EXPIRED
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 876a93b25aad56c6-OSL
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (10)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML