{"report_id":"6ec06b14-41e5-46a1-b3e4-d70841a35c60","version":6,"status":"done","tags":["netflix","phishing"],"date":"2026-03-01T00:28:45Z","url":{"schema":"http","addr":"netfdel.com","fqdn":"netfdel.com","domain":"netfdel.com","tld":"com"},"ip":{"addr":"63.176.8.218","port":0,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"final":{"url":{"schema":"https","addr":"netfdel.com/","fqdn":"netfdel.com","domain":"netfdel.com","tld":"com"},"title":"Netflix","dom":{"size":612,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"c29cfad393d2e361a9bcf7ab33b094cd","sha1":"dcbc1ffae0ded9427f0c8fa56891fd67cf115aa6","sha256":"7501300c67a3f2ec6530a5f6cf29b7a136aa2b92d7a1b5aa7a91f5dfb9c0d820","sha512":"c02499805c87c62d657ac92daad84ab09f2c2e0fc9fc49c30ff66b64e0b3ee42a688249a4076b5af50f1c3548bef15a38ff30dbd259fae4bf5167597a87d260a","ssdeep":"","tlshash":"79f0d807da400a27d27706947d91ea0c25c6db08c3429e0016bbd0e819dced2cc9b5a8","dom_hash":"domhashe515461a4e04d701fb830f42c63ff721","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"netfdel.com","fqdn":"netfdel.com","domain":"netfdel.com","tld":"com"},"ip":{"addr":"63.176.8.218","port":0,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-05T00:28:45Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":2,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Netflix","verdict":"phishing","severity":"medium","comment":"Associated with Netflix phishing","tags":["netflix","phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Netflix","verdict":"phishing","severity":"medium","comment":"Associated with Netflix phishing","tags":["netflix","phishing"],"meta":null}]},"summary":[{"fqdn":"netfdel.com","ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"domain_registered":"2025-12-30","domain_rank":0,"first_seen":"2026-03-01T00:03:16.787044Z","last_seen":"2026-03-01T00:03:16.787044Z","alert_count":4,"request_count":4,"received_data":492455,"sent_data":1757,"comment":"","tags":null,"fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-02-22T22:18:02.864626Z","alert_count":0,"request_count":1,"received_data":4074,"sent_data":471,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"172.217.21.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-02-22T22:14:59.650342Z","alert_count":0,"request_count":2,"received_data":65886,"sent_data":1072,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Netflix","verdict":"phishing","severity":"medium","comment":"Associated with Netflix phishing","tags":["netflix","phishing"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"netfdel.com/assets/index-DAUy_0er.js","fqdn":"netfdel.com","domain":"netfdel.com","tld":"com"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"c1c86ea759fc4f026e5a8af1bc2b9b8e","sha1":"748176297e0fb218001c8cf5f560ebad1ed29be9","sha256":"00992883a0c251e11c9e5ecbb291b34e8d0440a4b2665b619506a95d52c2aa52","sha512":"074ea7761db27c4914cbef40313534b39f52c12d5d7a25a52b65bac406ba9f4b6310905d7bcf512184517812b740cfe5d5b7a92e69a4b5a1a365efe7e5a2826c","ssdeep":"6144:wZpilEgd3grjK9sB71n+bJQPn5eGz/suaFhFEbKGR9tVsP7yVjAI9loLmr:wZpGd3grasbvOStMwziE","tlshash":"45a45dd832aab5224be646e5507b0103b33d1826340c8478f66cedea79b584561bfffd","size":483143,"data":"","first_seen":"2026-03-01T00:03:22.565809Z","last_seen":"2026-03-01T20:01:37.083767Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"netfdel.com/assets/index-UCbbsWBB.css","fqdn":"netfdel.com","domain":"netfdel.com","tld":"com"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://netfdel.com/","date":"2026-03-01T00:28:23.864Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"netfdel.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 00:26:33 GMT","end":"Fri, 29 May 2026 00:26:32 GMT"},"fingerprint":{"sha1":"3E:67:9C:A0:D1:E4:23:DF:15:51:BF:C6:B8:7C:2A:41:B4:A7:9C:8F","sha256":"06:D8:04:40:8E:22:3A:BB:6E:46:DB:8C:61:A1:13:3D:54:54:CF:33:4D:E1:3E:89:CC:7A:7B:C5:43:CB:8A:58"}}},"request":{"raw":"GET /assets/index-UCbbsWBB.css HTTP/1.1\r\nHost: netfdel.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://netfdel.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 1542\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-encoding: br\r\ncontent-type: text/css; charset=UTF-8\r\ndate: Sun, 01 Mar 2026 00:28:23 GMT\r\netag: \"7f0eac07cb78e50ff396a08c0c010461-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KJKCQPY8FATNZRYBG2QDJY7M\r\ncontent-length: 1727\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5610,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (5609)","md5":"fc2749e96e8b70f0fbf27f48756463b3","sha1":"fc18f7c50dbc37c8ffefae4ac328cb44bb02e4d0","sha256":"047ab6b6efaabb037a9e553146e678f38ceb49d228fc7e0ae157d3e6fe0382ba","sha512":"3b065fc551b816f5214e8c9e96c83175dac4dceddec9c02b400f6f66958768eccfaaf0c3837d8c5be55cc74898a153b1d87553b910975478be4ad91486e13563","ssdeep":"48:2ugLKHCexTq9LzZwg2/8XsNAizWVJb/EJBB4a+X/ZFfnTVpz6bZyzGFfUMFzQSJl:2uyCCeyarS9VJ6Y5ObdkSgPCN3GOhB","tlshash":"f0c19675fa445029f023c1a5b6e0aadd66285452d4274fafbda7e4b4cac72e70632f0c","first_seen":"2026-03-01T00:03:22.574301Z","last_seen":"2026-04-08T20:49:50.810112Z","times_seen":7,"resource_available":false,"data":null}},"time_used":114,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":114,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Netflix","verdict":"phishing","severity":"medium","comment":"Associated with Netflix phishing","tags":["netflix","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"netfdel.com/assets/index-DAUy_0er.js","fqdn":"netfdel.com","domain":"netfdel.com","tld":"com"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://netfdel.com/","date":"2026-03-01T00:28:23.863Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"netfdel.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 00:26:33 GMT","end":"Fri, 29 May 2026 00:26:32 GMT"},"fingerprint":{"sha1":"3E:67:9C:A0:D1:E4:23:DF:15:51:BF:C6:B8:7C:2A:41:B4:A7:9C:8F","sha256":"06:D8:04:40:8E:22:3A:BB:6E:46:DB:8C:61:A1:13:3D:54:54:CF:33:4D:E1:3E:89:CC:7A:7B:C5:43:CB:8A:58"}}},"request":{"raw":"GET /assets/index-DAUy_0er.js HTTP/1.1\r\nHost: netfdel.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://netfdel.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 1542\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 01 Mar 2026 00:28:23 GMT\r\netag: \"70058d4f24f87bca247367c369eb07d3-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KJKCQPY8V7M35ZQ4G6HXY4XD\r\ncontent-length: 145301\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":483143,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (33671)","md5":"c1c86ea759fc4f026e5a8af1bc2b9b8e","sha1":"748176297e0fb218001c8cf5f560ebad1ed29be9","sha256":"00992883a0c251e11c9e5ecbb291b34e8d0440a4b2665b619506a95d52c2aa52","sha512":"074ea7761db27c4914cbef40313534b39f52c12d5d7a25a52b65bac406ba9f4b6310905d7bcf512184517812b740cfe5d5b7a92e69a4b5a1a365efe7e5a2826c","ssdeep":"6144:wZpilEgd3grjK9sB71n+bJQPn5eGz/suaFhFEbKGR9tVsP7yVjAI9loLmr:wZpGd3grasbvOStMwziE","tlshash":"45a45dd832aab5224be646e5507b0103b33d1826340c8478f66cedea79b584561bfffd","first_seen":"2026-03-01T00:03:22.565809Z","last_seen":"2026-03-01T20:01:37.083767Z","times_seen":5,"resource_available":true,"data":null}},"time_used":116,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":86,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Netflix","verdict":"phishing","severity":"medium","comment":"Associated with Netflix phishing","tags":["netflix","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Outfit:wght@300;400;600;700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://netfdel.com/","date":"2026-03-01T00:28:23.989Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:01 GMT","end":"Mon, 27 Apr 2026 08:38:00 GMT"},"fingerprint":{"sha1":"AD:23:3E:9B:CF:2B:A1:EC:31:14:63:D1:58:73:BB:E7:C5:32:16:8C","sha256":"B1:5F:45:BF:00:8C:68:35:D3:42:B2:67:66:47:9D:BB:42:41:07:56:3A:C4:1C:D6:10:7B:B7:53:C2:71:81:33"}}},"request":{"raw":"GET /css2?family=Outfit:wght@300;400;600;700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://netfdel.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sun, 01 Mar 2026 00:28:24 GMT\r\ndate: Sun, 01 Mar 2026 00:28:24 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3388,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"156531602f19bb575e3a101be8678cbd","sha1":"9fbaf18bfe689c32bcd6a97b249cca3e6669d8ed","sha256":"b33da2ce9fba79d201d0a84f5ea5ce2e630afbe3f9db016ac027f943daaa8c05","sha512":"d853cd1040aa3a430454a3dd7f6e8d9580471f5633cc6d2a07f6ab81e0b9a4023e048c47067d63e0b4fe842449a422b4ad8a14ef416d03aad9f2f1aeee935f20","ssdeep":"","tlshash":"6061dca1042ba144df970cc222ce7e33ef5f62516444d934affe1899ac6bd5a835770d","first_seen":"2025-11-11T14:27:20.977987Z","last_seen":"2026-06-06T16:16:27.056435Z","times_seen":77,"resource_available":false,"data":null}},"time_used":457,"timings":{"blocked":210,"dns":0,"connect":20,"send":0,"wait":32,"receive":0,"ssl":193},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/outfit/v15/QGYvz_MVcBeNP4NJtEtqUYTkntBJ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.21.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://netfdel.com/","date":"2026-03-01T00:28:24.331Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:00 GMT","end":"Mon, 27 Apr 2026 08:37:59 GMT"},"fingerprint":{"sha1":"43:A0:56:D7:CE:45:C9:96:6F:34:12:13:53:CC:34:DD:63:FB:5D:20","sha256":"A4:AF:37:76:AF:D3:DB:1B:79:93:8F:E9:D4:21:4B:BA:43:54:3D:F9:56:DC:18:E9:5C:CA:1A:7C:B2:C7:DF:9B"}}},"request":{"raw":"GET /s/outfit/v15/QGYvz_MVcBeNP4NJtEtqUYTkntBJ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://netfdel.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 32108\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 26 Feb 2026 08:42:15 GMT\r\nexpires: Fri, 26 Feb 2027 08:42:15 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Thu, 04 Sep 2025 17:18:28 GMT\r\ncontent-type: font/woff2\r\nage: 229569\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":32108,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 32108, version 1.0","md5":"e414fe5664f376c8f145acd792939183","sha1":"5b69d46adc3a06af762193adb2dddbc359b2e786","sha256":"fa31c7981483e52cbb8b8bc1eb0dc6326f160b8699cc0899349f977f0517a9df","sha512":"51c251910e5cce616b3c336bcb63853f83c306e16e9b79e0a18f924a738ba06b3e2cb8132ff9bc6e720527234eb80e90be2625b860e1728b66d4fe86ac9bafe5","ssdeep":"768:gUX6jLkDeuAkZHs27nAflEFIapAgCauwIFPo3zjERcgmcjz:3X6tkpNAf6FIapAgCaMFozInjz","tlshash":"6ee2e14f8beb009ef3828a7812c46b3195b305d569cbfa901eef85d76b5c247c1474a8","first_seen":"2025-09-05T02:25:45.343777Z","last_seen":"2026-06-07T05:26:46.524433Z","times_seen":20615,"resource_available":false,"data":null}},"time_used":269,"timings":{"blocked":112,"dns":1,"connect":21,"send":0,"wait":22,"receive":22,"ssl":89},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/outfit/v15/QGYvz_MVcBeNP4NJtEtqUYTkntBJ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.21.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://netfdel.com/","date":"2026-03-01T00:28:24.362Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:00 GMT","end":"Mon, 27 Apr 2026 08:37:59 GMT"},"fingerprint":{"sha1":"43:A0:56:D7:CE:45:C9:96:6F:34:12:13:53:CC:34:DD:63:FB:5D:20","sha256":"A4:AF:37:76:AF:D3:DB:1B:79:93:8F:E9:D4:21:4B:BA:43:54:3D:F9:56:DC:18:E9:5C:CA:1A:7C:B2:C7:DF:9B"}}},"request":{"raw":"GET /s/outfit/v15/QGYvz_MVcBeNP4NJtEtqUYTkntBJ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://netfdel.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 32108\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 26 Feb 2026 08:42:15 GMT\r\nexpires: Fri, 26 Feb 2027 08:42:15 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Thu, 04 Sep 2025 17:18:28 GMT\r\ncontent-type: font/woff2\r\nage: 229569\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":32108,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 32108, version 1.0","md5":"e414fe5664f376c8f145acd792939183","sha1":"5b69d46adc3a06af762193adb2dddbc359b2e786","sha256":"fa31c7981483e52cbb8b8bc1eb0dc6326f160b8699cc0899349f977f0517a9df","sha512":"51c251910e5cce616b3c336bcb63853f83c306e16e9b79e0a18f924a738ba06b3e2cb8132ff9bc6e720527234eb80e90be2625b860e1728b66d4fe86ac9bafe5","ssdeep":"768:gUX6jLkDeuAkZHs27nAflEFIapAgCauwIFPo3zjERcgmcjz:3X6tkpNAf6FIapAgCaMFozInjz","tlshash":"6ee2e14f8beb009ef3828a7812c46b3195b305d569cbfa901eef85d76b5c247c1474a8","first_seen":"2025-09-05T02:25:45.343777Z","last_seen":"2026-06-07T05:26:46.524433Z","times_seen":20615,"resource_available":false,"data":null}},"time_used":335,"timings":{"blocked":153,"dns":1,"connect":21,"send":0,"wait":21,"receive":8,"ssl":128},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"netfdel.com/vite.svg","fqdn":"netfdel.com","domain":"netfdel.com","tld":"com"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://netfdel.com/","date":"2026-03-01T00:28:24.551Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"netfdel.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 00:26:33 GMT","end":"Fri, 29 May 2026 00:26:32 GMT"},"fingerprint":{"sha1":"3E:67:9C:A0:D1:E4:23:DF:15:51:BF:C6:B8:7C:2A:41:B4:A7:9C:8F","sha256":"06:D8:04:40:8E:22:3A:BB:6E:46:DB:8C:61:A1:13:3D:54:54:CF:33:4D:E1:3E:89:CC:7A:7B:C5:43:CB:8A:58"}}},"request":{"raw":"GET /vite.svg HTTP/1.1\r\nHost: netfdel.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://netfdel.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 1542\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; hit\r\ncontent-encoding: br\r\ncontent-type: image/svg+xml\r\ndate: Sun, 01 Mar 2026 00:28:24 GMT\r\netag: \"4ce8f387b133dd44fc987dbd756cb65a-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KJKCQQKTN65XGMC1T2128SG1\r\ncontent-length: 715\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1497,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"8e3a10e157f75ada21ab742c022d5430","sha1":"f7f39d7237b791a945d52a5cd7a8fb365f313366","sha256":"4a748afd443918bb16591c834c401dae33e87861ab5dbad0811c3a3b4a9214fb","sha512":"fbf065e26d907454cb432a17d831f448e1c3df0f33cd681ccc52b63e5bc26bc9e4de08591a2de579e5b05219fcffd3b4d4261ada6fa55299e731343df860488d","ssdeep":"","tlshash":"2031451fda7fd4fec0a6cb48e612b047962c30d95e41c5b4d9845f0e64a19f17c0aa64","first_seen":"2023-05-18T16:20:30Z","last_seen":"2026-06-07T04:51:49.092684Z","times_seen":5418,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Netflix","verdict":"phishing","severity":"medium","comment":"Associated with Netflix phishing","tags":["netflix","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"netfdel.com/","fqdn":"netfdel.com","domain":"netfdel.com","tld":"com"},"ip":{"addr":"63.176.8.218","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-01T00:28:23.382Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"netfdel.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sat, 28 Feb 2026 00:26:33 GMT","end":"Fri, 29 May 2026 00:26:32 GMT"},"fingerprint":{"sha1":"3E:67:9C:A0:D1:E4:23:DF:15:51:BF:C6:B8:7C:2A:41:B4:A7:9C:8F","sha256":"06:D8:04:40:8E:22:3A:BB:6E:46:DB:8C:61:A1:13:3D:54:54:CF:33:4D:E1:3E:89:CC:7A:7B:C5:43:CB:8A:58"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: netfdel.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Sun, 01 Mar 2026 00:28:23 GMT\r\netag: \"4bf210febf26307f088f092fd034053e-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KJKCQPNJ76AHMGQQSB9QR01C\r\ncontent-length: 434\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":434,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"7391c483d14fd94b477856936c42d6b2","sha1":"ec1adb3028f0316e61a9c56a1ea7951671c929eb","sha256":"5892a41f27318caf2dad963af2c4f291291914b0740f8f862c1290f43e2c2143","sha512":"7c2c9bfa02840f27f7b3392d8edefa08d32ad875514351b4294a610295932613c4fb2f6d1c9905c5d6874997a9ecf7548d32237f62132beffe4a331ea4b7e8fc","ssdeep":"","tlshash":"e4e05546c800891ac23007786e81e508918bea948789ae4466eba07d5884785cebf9f8","first_seen":"2026-03-01T00:03:22.563139Z","last_seen":"2026-03-01T20:01:37.082175Z","times_seen":5,"resource_available":false,"data":null}},"time_used":545,"timings":{"blocked":200,"dns":22,"connect":28,"send":0,"wait":144,"receive":0,"ssl":148},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Netflix","verdict":"phishing","severity":"medium","comment":"Associated with Netflix phishing","tags":["netflix","phishing"],"meta":null}]}}]}