urlscan.io logo urlscan.io
SecurityTrails logo

mobilecurlygzip.cosmico.repl.co Open in urlscan Pro
35.186.245.55  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://mobilecurlygzip.cosmico.repl.co/
Submission: On June 29 via automatic, source openphish — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 4 countries across 6 domains to perform 30 HTTP transactions. The main IP is 35.186.245.55, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is mobilecurlygzip.cosmico.repl.co.
TLS certificate: Issued by R3 on June 12th 2022. Valid for: 3 months.
This is the only time mobilecurlygzip.cosmico.repl.co was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Netflix (Online)

Domain & IP information

IP Address AS Autonomous System
3 35.186.245.55 15169 (GOOGLE)
9 2a00:86c0:209... 40027 (NETFLIX-ASN)
5 2001:8f8:0:13... 8966 (ETISALAT-...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
4 2a05:d018:76c... 16509 (AMAZON-02)
2 2a01:578:3::3... 16509 (AMAZON-02)
30 8
3    35.186.245.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.245.186.35.bc.googleusercontent.com
mobilecurlygzip.cosmico.repl.co
9    2a00:86c0:2090::1 (United States)

ASN40027 (NETFLIX-ASN, US)
codex.nflxext.com
assets.nflxext.com
5    2001:8f8:0:13::87 (United Arab Emirates)

ASN8966 (ETISALAT-AS P.O. Box 1150, Dubai, U, AE)
occ-0-1190-2773.1.nflxso.net
2    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a02:26f0:3500:588::33c4 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
ae.nflximg.net
4    2a05:d018:76c:b685:3b38:679d:2640:1ced (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
www.netflix.com
2    2a01:578:3::364c:816e (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
ichnaea-web.netflix.com
Apex Domain
Subdomains		 Transfer
9 nflxext.com
codex.nflxext.com — Cisco Umbrella Rank: 15742
assets.nflxext.com — Cisco Umbrella Rank: 4589
2 MB
6 netflix.com
www.netflix.com — Cisco Umbrella Rank: 2014 Failed
ichnaea-web.netflix.com — Cisco Umbrella Rank: 3294
2 KB
5 nflxso.net
occ-0-1190-2773.1.nflxso.net
684 KB
3 repl.co
mobilecurlygzip.cosmico.repl.co
403 KB
2 nflximg.net
ae.nflximg.net — Cisco Umbrella Rank: 24935
4 KB
2 gstatic.com
www.gstatic.com
18 KB
30 6
Domain Requested by
5 occ-0-1190-2773.1.nflxso.net mobilecurlygzip.cosmico.repl.co
5 codex.nflxext.com mobilecurlygzip.cosmico.repl.co
codex.nflxext.com
4 www.netflix.com codex.nflxext.com
ae.nflximg.net
assets.nflxext.com
4 assets.nflxext.com mobilecurlygzip.cosmico.repl.co
codex.nflxext.com
3 mobilecurlygzip.cosmico.repl.co mobilecurlygzip.cosmico.repl.co
codex.nflxext.com
2 ichnaea-web.netflix.com ae.nflximg.net
2 ae.nflximg.net codex.nflxext.com
ae.nflximg.net
2 www.gstatic.com codex.nflxext.com
www.gstatic.com
30 8

This site contains no links.

Subject Issuer Validity Valid
cosmico.repl.co
R3		 2022-06-12 -
2022-09-10		 3 months crt.sh
*.1.nflxso.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-27 -
2022-07-29		 a month crt.sh
*.gstatic.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
assets.nflxext.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-08 -
2023-03-11		 a year crt.sh
www.netflix.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-12-14 -
2023-01-14		 a year crt.sh
ichnaea-web.netflix.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-09 -
2023-02-09		 a year crt.sh

This page contains 3 frames:

Primary Page: https://mobilecurlygzip.cosmico.repl.co/
Frame ID: FEB2C4760DF571921A25BCD5A723DDBD
Requests: 22 HTTP requests in this frame

Frame: https://ae.nflximg.net/monet/scripts/adtech_iframe_target_05.html?data=%7B%22membership_status%22%3A%22CURRENT_MEMBER%22%2C%22country%22%3A%22AE%22%2C%22region_code%22%3A%22SH%22%2C%22is_member%22%3A%22current%22%2C%22wasFormerMember%22%3Afalse%2C%22referrer%22%3A%22homeScreen%22%7D
Frame ID: 05AEE15FDB885B6CA7997F29E53098B3
Requests: 2 HTTP requests in this frame

Frame: https://ae.nflximg.net/monet/scripts/netflix_tag_05.html?data=%7B%22membership_status%22%3A%22CURRENT_MEMBER%22%2C%22country%22%3A%22AE%22%2C%22region_code%22%3A%22SH%22%2C%22is_member%22%3A%22current%22%2C%22wasFormerMember%22%3Afalse%2C%22referrer%22%3A%22homeScreen%22%7D
Frame ID: DA9DFD697915366ADE8EE39C35B83609
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Netflix

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • zip\.co

Page Statistics

30
Requests

90 %
HTTPS

86 %
IPv6

6
Domains

8
Subdomains

8
IPs

4
Countries

2906 kB
Transfer

7426 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
mobilecurlygzip.cosmico.repl.co/ 		369 KB
369 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mobilecurlygzip.cosmico.repl.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.245.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.245.186.35.bc.googleusercontent.com
Software
/
Resource Hash
6ba2d679e822ec1c2116a4be52bb11d9bb9530d34d2277ac71a796f791f8e464
Security Headers
Name Value
Strict-Transport-Security max-age=7767992; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
content-length
377398
content-type
text/html; charset=utf-8
date
Wed, 29 Jun 2022 13:21:09 GMT
expect-ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster
global
strict-transport-security
max-age=7767992; includeSubDomains
none
codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-shakti-css-vf54cd056/css/css/less%7Ccore%7Cerror-page.less/1/a0DxK4Itw9CHJ/none/true/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-shakti-css-vf54cd056/css/css/less%7Ccore%7Cerror-page.less/1/a0DxK4Itw9CHJ/none/true/none
Requested by
Host: mobilecurlygzip.cosmico.repl.co
URL: https://mobilecurlygzip.cosmico.repl.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:86c0:2090::1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
d9bac1aefff045998fd064ed279defcd96c37a53ee0ee3816d1ebab19c1ff739
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mobilecurlygzip.cosmico.repl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 13:21:09 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
Content-Type
text/css; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=16070400
req_id
e911247a-419d-4318-b1e6-17bf779c9d7f
Connection
keep-alive
Timing-Allow-Origin
https://www.netflix.com
Content-Length
2595
Expires
Sun, 01 Jan 2023 13:21:09 GMT
none
codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-shakti-css-vf54cd056/css/css/less%7Cpages%7CakiraClient.less/1/a0DxK4Itw9CHJ/none/true/ 		679 KB
92 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-shakti-css-vf54cd056/css/css/less%7Cpages%7CakiraClient.less/1/a0DxK4Itw9CHJ/none/true/none
Requested by
Host: mobilecurlygzip.cosmico.repl.co
URL: https://mobilecurlygzip.cosmico.repl.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:86c0:2090::1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
eaa24899d90476e368834932757340ea3b695becb2d380d8755912da676db3a0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mobilecurlygzip.cosmico.repl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 13:21:09 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/css; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=16070400
req_id
0b42af9e-cb0d-4823-a236-014d33be0260
Connection
keep-alive
Timing-Allow-Origin
https://www.netflix.com
Expires
Sun, 01 Jan 2023 13:21:09 GMT
cadmium-playercore-6.0031.224.911.js
assets.nflxext.com/en_us/ffe/player/html/ 		2 MB
654 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.nflxext.com/en_us/ffe/player/html/cadmium-playercore-6.0031.224.911.js
Requested by
Host: mobilecurlygzip.cosmico.repl.co
URL: https://mobilecurlygzip.cosmico.repl.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:86c0:2090::1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
1d8a63dc379fa7dbe4c0834907e2993199af776a86ba7423571d111606c691f1

Request headers

Referer
https://mobilecurlygzip.cosmico.repl.co/
Origin
https://mobilecurlygzip.cosmico.repl.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 13:21:10 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Jun 2021 13:43:52 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604801
Connection
keep-alive
Timing-Allow-Origin
*
Expires
Wed, 06 Jul 2022 13:21:11 GMT
none
codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-akira-js-vf54cd056/js/js/bootstrap.js,common%7Cbootstrap.js/2/082-2J032D2N2_050i00302M2W062G2P2K2V2E2O2X0J/bck/true/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-akira-js-vf54cd056/js/js/bootstrap.js,common%7Cbootstrap.js/2/082-2J032D2N2_050i00302M2W062G2P2K2V2E2O2X0J/bck/true/none
Requested by
Host: mobilecurlygzip.cosmico.repl.co
URL: https://mobilecurlygzip.cosmico.repl.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:86c0:2090::1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
09d25cecd18a76aab3fa11b3c894dd6d7989b907ed06c68d8a8a3fd083448f52
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mobilecurlygzip.cosmico.repl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 13:21:10 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=16070400
req_id
f23206db-d4d3-4739-b898-00b5f607ee8f
Connection
keep-alive
Timing-Allow-Origin
https://www.netflix.com
Content-Length
3629
Expires
Sun, 01 Jan 2023 13:21:10 GMT
none
codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-akira-js-vf54cd056/js/js/akira%7CakiraClient.js/2/082-2J032D2N2_050i00302M2W062G2P2K2V2E2O2X0J/l/true/ 		3 MB
830 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-akira-js-vf54cd056/js/js/akira%7CakiraClient.js/2/082-2J032D2N2_050i00302M2W062G2P2K2V2E2O2X0J/l/true/none
Requested by
Host: mobilecurlygzip.cosmico.repl.co
URL: https://mobilecurlygzip.cosmico.repl.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:86c0:2090::1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
ea311656dd81470123fd812238d3a0fcd49811605ad4c456187ddef70c07075e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://mobilecurlygzip.cosmico.repl.co/
Origin
https://mobilecurlygzip.cosmico.repl.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 13:21:10 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=16070400
req_id
ef64e991-eb4b-4cbb-b2f4-538f140eb02d
Connection
keep-alive
Timing-Allow-Origin
https://www.netflix.com
Expires
Sun, 01 Jan 2023 13:21:10 GMT
AAAABTzQndLIMejbjN7Yj6nzQHf0AffS5Whagu7Q4pYGeKpPxuO2brcmZvB729F3MQpEw6V4T1_vDzftgFBGpHFh18J9BEng.png
occ-0-1190-2773.1.nflxso.net/dnm/api/v6/K6hjPJd6cR6FpVELC5Pd6ovHRSk/ 		61 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://occ-0-1190-2773.1.nflxso.net/dnm/api/v6/K6hjPJd6cR6FpVELC5Pd6ovHRSk/AAAABTzQndLIMejbjN7Yj6nzQHf0AffS5Whagu7Q4pYGeKpPxuO2brcmZvB729F3MQpEw6V4T1_vDzftgFBGpHFh18J9BEng.png?r=f79
Requested by
Host: mobilecurlygzip.cosmico.repl.co
URL: https://mobilecurlygzip.cosmico.repl.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2001:8f8:0:13::87 , United Arab Emirates, ASN8966 (ETISALAT-AS P.O. Box 1150, Dubai, U, AE),
Reverse DNS
Software
nginx /
Resource Hash
ada9a9d619cee973b0d1319c3f1770557465a66bf8d8474d800c3db72f84ab7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mobilecurlygzip.cosmico.repl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 13:21:10 GMT
Last-Modified
Sun, 05 Jun 2022 18:05:27 GMT
Accept-CH
Device-Memory, Downlink, DPR, ECT, RTT, Save-Data, Viewport-Width, Width
ETag
"0fa04dd0fd120ed0aa5ff9fcf52f5d44"
X-Cache-Status
MISS
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=31104000, public, s-maxage=604800
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
62726
Server
nginx
AAAABfa3LKkxA4ia-vJaRgt6sUtAhXQsp73siYB86eGVbHj1CeHSsn0N9KxMmkJfRCwFFbR95-2u_kquoSLnjcnwi4PNIy-L.png
occ-0-1190-2773.1.nflxso.net/dnm/api/v6/K6hjPJd6cR6FpVELC5Pd6ovHRSk/ 		162 KB
162 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://occ-0-1190-2773.1.nflxso.net/dnm/api/v6/K6hjPJd6cR6FpVELC5Pd6ovHRSk/AAAABfa3LKkxA4ia-vJaRgt6sUtAhXQsp73siYB86eGVbHj1CeHSsn0N9KxMmkJfRCwFFbR95-2u_kquoSLnjcnwi4PNIy-L.png?r=c65
Requested by
Host: mobilecurlygzip.cosmico.repl.co
URL: https://mobilecurlygzip.cosmico.repl.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2001:8f8:0:13::87 , United Arab Emirates, ASN8966 (ETISALAT-AS P.O. Box 1150, Dubai, U, AE),
Reverse DNS
Software
nginx /
Resource Hash
4cbaa25e2d80416f448f173958d7b5c7d6d5b608eb354718c40e4d525e9a88a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mobilecurlygzip.cosmico.repl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 13:21:10 GMT
Last-Modified
Sat, 21 May 2022 04:29:02 GMT
Accept-CH
Device-Memory, Downlink, DPR, ECT, RTT, Save-Data, Viewport-Width, Width
ETag
"d9cd7e2228a8a64bea28a2cc6eabcb32"
X-Cache-Status
HIT
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=31104000, public, s-maxage=604800
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*, : *
Content-Length
165389
Server
nginx
AAAABRjzeBJgmcflwzvR95Ct6Np0CBj2YKpupql7TAby47qHo0vPhwLPUp0SrocNcKU35UbkJD8-bP9KOzuNl3q9MgzIEHDm.png
occ-0-1190-2773.1.nflxso.net/dnm/api/v6/K6hjPJd6cR6FpVELC5Pd6ovHRSk/ 		156 KB
156 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://occ-0-1190-2773.1.nflxso.net/dnm/api/v6/K6hjPJd6cR6FpVELC5Pd6ovHRSk/AAAABRjzeBJgmcflwzvR95Ct6Np0CBj2YKpupql7TAby47qHo0vPhwLPUp0SrocNcKU35UbkJD8-bP9KOzuNl3q9MgzIEHDm.png?r=893
Requested by
Host: mobilecurlygzip.cosmico.repl.co
URL: https://mobilecurlygzip.cosmico.repl.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2001:8f8:0:13::87 , United Arab Emirates, ASN8966 (ETISALAT-AS P.O. Box 1150, Dubai, U, AE),
Reverse DNS
Software
nginx /
Resource Hash
41ab046d5db23fc6ac4f1b1913150e3f1e2cc57596127017aa8927e39276811c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mobilecurlygzip.cosmico.repl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 13:21:10 GMT
Last-Modified
Sat, 04 Jun 2022 19:43:51 GMT
Accept-CH
Device-Memory, Downlink, DPR, ECT, RTT, Save-Data, Viewport-Width, Width
ETag
"3ea98d328c7e47b85afe6ca7f5129d7d"
X-Cache-Status
HIT
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=31104000, public, s-maxage=604800
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
159401
Server
nginx
AAAABXYGYCun9Sa2P1_GTaVtADVKfP2uC9e206A3KM1eABgccajzvO4PAR5XMPRiqqrY7SvvY_lneVww04vkQaDMuQ6I-wzm.png
occ-0-1190-2773.1.nflxso.net/dnm/api/v6/K6hjPJd6cR6FpVELC5Pd6ovHRSk/ 		103 KB
103 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://occ-0-1190-2773.1.nflxso.net/dnm/api/v6/K6hjPJd6cR6FpVELC5Pd6ovHRSk/AAAABXYGYCun9Sa2P1_GTaVtADVKfP2uC9e206A3KM1eABgccajzvO4PAR5XMPRiqqrY7SvvY_lneVww04vkQaDMuQ6I-wzm.png?r=c71
Requested by
Host: mobilecurlygzip.cosmico.repl.co
URL: https://mobilecurlygzip.cosmico.repl.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2001:8f8:0:13::87 , United Arab Emirates, ASN8966 (ETISALAT-AS P.O. Box 1150, Dubai, U, AE),
Reverse DNS
Software
nginx /
Resource Hash
afe6bab038addf642fd4f222e181af0ee4e8f087704d869f9d276a318740219a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mobilecurlygzip.cosmico.repl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 13:21:10 GMT
Last-Modified
Sat, 21 May 2022 03:44:40 GMT
Accept-CH
Device-Memory, Downlink, DPR, ECT, RTT, Save-Data, Viewport-Width, Width
ETag
"012bc4577337c16614bef36d550c01f0"
X-Cache-Status
HIT
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=31104000, public, s-maxage=604800
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
105359
Server
nginx
AAAABcXiTXD1E0N1XgPat2lQLnerpON8oTVaLc7zS7TfndmQLNmHUMRV0nvzhLkToIsUsjn5tyPf6GpLM1hZyFM3iJgkhO2sQ2Mi_BuKlWmE9yyRTqZzkN8V-9IxwNvmVP4ACOn-Q95VXQU.png
occ-0-1190-2773.1.nflxso.net/dnm/api/v6/K6hjPJd6cR6FpVELC5Pd6ovHRSk/ 		200 KB
201 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://occ-0-1190-2773.1.nflxso.net/dnm/api/v6/K6hjPJd6cR6FpVELC5Pd6ovHRSk/AAAABcXiTXD1E0N1XgPat2lQLnerpON8oTVaLc7zS7TfndmQLNmHUMRV0nvzhLkToIsUsjn5tyPf6GpLM1hZyFM3iJgkhO2sQ2Mi_BuKlWmE9yyRTqZzkN8V-9IxwNvmVP4ACOn-Q95VXQU.png?r=a48
Requested by
Host: mobilecurlygzip.cosmico.repl.co
URL: https://mobilecurlygzip.cosmico.repl.co/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2001:8f8:0:13::87 , United Arab Emirates, ASN8966 (ETISALAT-AS P.O. Box 1150, Dubai, U, AE),
Reverse DNS
Software
nginx /
Resource Hash
6f72767f82acdfca5d9ac2b2e46fa33d1ef624c79fc3d4ff9446f46cf336e5c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mobilecurlygzip.cosmico.repl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 13:21:10 GMT
Last-Modified
Tue, 31 May 2022 17:00:57 GMT
Accept-CH
Device-Memory, Downlink, DPR, ECT, RTT, Save-Data, Viewport-Width, Width
ETag
"a5e54536e466a2908d0fafa33bb3338b"
X-Cache-Status
HIT
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=31104000, public, s-maxage=604800
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*, : *
Content-Length
205278
Server
nginx
nav-shadow.png
assets.nflxext.com/en_us/akira/jawBone/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.nflxext.com/en_us/akira/jawBone/nav-shadow.png
Requested by
Host: codex.nflxext.com
URL: https://codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-shakti-css-vf54cd056/css/css/less%7Cpages%7CakiraClient.less/1/a0DxK4Itw9CHJ/none/true/none
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:86c0:2090::1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
d22def10117c1bd21e1484d4c78a7f8a54e1601e83eb153e58e5bf683a2e9ad8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://codex.nflxext.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 13:21:10 GMT
Last-Modified
Wed, 17 Dec 2014 00:46:46 GMT
Server
nginx
Content-MD5
Hi9fAR5l5hLPGispMZVVKw==
ETag
"1e2f5f011e65e612cf1a2b293195552b:1418777532"
Content-Type
image/png
Cache-Control
max-age=14401
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10724
Expires
Wed, 29 Jun 2022 17:21:11 GMT
nf-icon-v1-93.woff
assets.nflxext.com/ffe/siteui/fonts/ 		72 KB
72 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.nflxext.com/ffe/siteui/fonts/nf-icon-v1-93.woff
Requested by
Host: codex.nflxext.com
URL: https://codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-shakti-css-vf54cd056/css/css/less%7Cpages%7CakiraClient.less/1/a0DxK4Itw9CHJ/none/true/none
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:86c0:2090::1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
98713b53a74ebe7e326353080c5f1653e83af61d6363c0b3c4c67d6d24197b4d

Request headers

Referer
https://codex.nflxext.com/
Origin
https://mobilecurlygzip.cosmico.repl.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 13:21:10 GMT
Last-Modified
Mon, 29 Jan 2018 01:50:51 GMT
Server
nginx
Content-MD5
fPYVbMSBJEtaJUNi17c/AA==
Content-Type
font/woff
Access-Control-Allow-Origin
*
Cache-Control
max-age=604801
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
73572
Expires
Wed, 06 Jul 2022 13:21:11 GMT
NetflixSans_W_Rg.woff2
assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/ 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/NetflixSans_W_Rg.woff2
Requested by
Host: codex.nflxext.com
URL: https://codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-shakti-css-vf54cd056/css/css/less%7Ccore%7Cerror-page.less/1/a0DxK4Itw9CHJ/none/true/none
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:86c0:2090::1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
c0bceb927c506dce9f6e6f5f570e641ad580b9554be06f61508a4aee32380167

Request headers

Referer
https://codex.nflxext.com/
Origin
https://mobilecurlygzip.cosmico.repl.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 13:21:10 GMT
Last-Modified
Thu, 17 Jan 2019 20:16:30 GMT
Server
nginx
Content-MD5
C/MXfx/tbZUxeCIfukPH6A==
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
max-age=604801
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
53304
Expires
Wed, 06 Jul 2022 13:21:11 GMT
DebugEvent
mobilecurlygzip.cosmico.repl.co/personalization/cl2/freeform/ 		17 KB
17 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mobilecurlygzip.cosmico.repl.co/personalization/cl2/freeform/DebugEvent?source=www&type=ServiceWorkerFailure&message=Failed%20to%20register%20a%20ServiceWorker%20for%20scope%20(%27https%3A%2F%2Fmobilecurlygzip.cosmico.repl.co%2F%27)%20with%20script%20(%27https%3A%2F%2Fmobilecurlygzip.cosmico.repl.co%2Fservice-worker.js%27)%3A%20A%20bad%20HTTP%20response%20code%20(404)%20was%20received%20when%20fetching%20the%20script.
Requested by
Host: mobilecurlygzip.cosmico.repl.co
URL: https://mobilecurlygzip.cosmico.repl.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.245.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.245.186.35.bc.googleusercontent.com
Software
/
Resource Hash
c8b7555aec027a2adddfd46c3efd04a146c8d537acf9e0ec5a397b52303e8d9a
Security Headers
Name Value
Strict-Transport-Security max-age=7767991; includeSubDomains

Request headers

Referer
https://mobilecurlygzip.cosmico.repl.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
X-Netflix.Client.Request.Name
ui/cl

Response headers

strict-transport-security
max-age=7767991; includeSubDomains
replit-cluster
global
date
Wed, 29 Jun 2022 13:21:10 GMT
expect-ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
content-type
text/html; charset=utf-8
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: codex.nflxext.com
URL: https://codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-akira-js-vf54cd056/js/js/akira%7CakiraClient.js/2/082-2J032D2N2_050i00302M2W062G2P2K2V2E2O2X0J/l/true/none
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mobilecurlygzip.cosmico.repl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:21:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 29 Jun 2022 13:21:13 GMT
adtech_iframe_target_05.html
ae.nflximg.net/monet/scripts/ Frame 05AE 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ae.nflximg.net/monet/scripts/adtech_iframe_target_05.html?data=%7B%22membership_status%22%3A%22CURRENT_MEMBER%22%2C%22country%22%3A%22AE%22%2C%22region_code%22%3A%22SH%22%2C%22is_member%22%3A%22current%22%2C%22wasFormerMember%22%3Afalse%2C%22referrer%22%3A%22homeScreen%22%7D
Requested by
Host: codex.nflxext.com
URL: https://codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-akira-js-vf54cd056/js/js/akira%7CakiraClient.js/2/082-2J032D2N2_050i00302M2W062G2P2K2V2E2O2X0J/l/true/none
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3500:588::33c4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
33453d6e2431ccd0b867d3b7ac3da2b6012f1b232a6d01e8bc66bb49c04dae5a

Request headers

Referer
https://mobilecurlygzip.cosmico.repl.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Access-Control-Allow-Methods
GET,POST
Access-Control-Allow-Origin
*
Access-Control-Max-Age
86400
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1283
Content-MD5
2tiC8L4hXEQfExrWl5WOaw==
Content-Type
text/html
Date
Wed, 29 Jun 2022 13:21:11 GMT
ETag
"dad882f0be215c441f131ad697958e6b:1572563658.405897"
Last-Modified
Thu, 31 Oct 2019 23:14:09 GMT
Server
AkamaiNetStorage
Timing-Allow-Origin
*
Vary
Accept-Encoding
pathEvaluator
www.netflix.com/nq/website/memberapi/vf54cd056/ 		0
0
pathEvaluator
www.netflix.com/nq/website/memberapi/vf54cd056/ 		0
0
pathEvaluator
www.netflix.com/nq/website/memberapi/vf54cd056/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.netflix.com/nq/website/memberapi/vf54cd056/pathEvaluator?webp=true&drmSystem=widevine&isVolatileBillboardsEnabled=true&routeAPIRequestsThroughFTL=false&isTop10Supported=true&isTop10KidsSupported=false&hasVideoMerchInBob=true&hasVideoMerchInJaw=true&persoInfoDensity=false&infoDensityToggle=false&contextAwareImages=true&enableMultiLanguageCatalog=false&usePreviewModal=true&method=call&falcor_server=0.1.0&withSize=true&materialize=true&original_path=%2Fshakti%2Fvf54cd056%2FpathEvaluator
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d018:76c:b685:3b38:679d:2640:1ced Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nq_website_memberapi-prod-vf54cd056 UNKNOWN /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://www.netflix.com/ichnaea/log/freeform/xssreport

Request headers

Accept
*/*
Access-Control-Request-Headers
x-netflix.browsername,x-netflix.browserversion,x-netflix.client.request.name,x-netflix.clienttype,x-netflix.esn,x-netflix.esnprefix,x-netflix.nq.stack,x-netflix.osfullname,x-netflix.osname,x-netflix.osversion,x-netflix.playerthroughput,x-netflix.playerthroughputniqr,x-netflix.request.client.user.guid,x-netflix.uiversion
Access-Control-Request-Method
POST
Origin
https://mobilecurlygzip.cosmico.repl.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization,Content-Type,Content-Encoding,Accept,X-Netflix.application.name,X-Netflix.application.version,X-Netflix.esn,X-Netflix.device.type,X-Netflix.certification.version,X-Netflix.request.uuid,X-Netflix.originating.request.uuid,X-Netflix.user.id,X-Netflix.oauth.consumer.key,X-Netflix.oauth.token,X-Netflix.ichnaea.request.type,X-Netflix.Request.Routing,X-NETFLIX-PREAPP-PARTNER-ID, X-NETFLIX-PREAPP-INTEGRITY-VALUE, X-Netflix.Request.Priority,X-Netflix.Retry.Client.Policy,X-Netflix.Client.Request.Name,X-Netflix.Request.Retry.Policy,X-Netflix.Request.Retry.Policy.Default,X-Netflix.request.client.user.guid,X-Netflix.Request.NonJson.Headers,X-Netflix.esnPrefix,X-Netflix.browserName,X-Netflix.browserVersion,X-Netflix.osName,X-Netflix.osVersion,X-Netflix.uiVersion,X-Netflix.clientType,X-NETFLIX-PERSONALIZATION-ID,X-NETFLIX-DET-TOKEN,X-NETFLIX-DET-PARTNER-PAI,X-NETFLIX-RESPONSE-OVERRIDDEN,X-NETFLIX-DET-DEPRECATION,X-Netflix.context.locales,X-Netflix.context.ui-flavor,X-Netflix.context.app-version,X-Netflix.context.schema-variant
access-control-allow-methods
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, SCRIPT
access-control-allow-origin
*
access-control-expose-headers
X-Netflix.Retry.Server.Policy,X-Netflix.Response.Tag,X-Netflix.Geo.Info,X-Netflix.request.inbound.identity.changed,Via,X-Netflix.Retry.Server.Policy.retryAfterSeconds,X-Netflix.Retry.Server.Policy.maxRetries,X-Ftl-Error,X-Netflix.uiVersion
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, SCRIPT
content-length
0
server
nq_website_memberapi-prod-vf54cd056 UNKNOWN
strict-transport-security
max-age=31536000; includeSubDomains
via
2 i-0edd85429512b414a (eu-west-1)
x-content-type-options
nosniff
x-netflix_nfstatus
1_1
x-netflix_proxy_execution-time
11
x-originating-url
http://www.netflix.com/nq/website/memberapi/vf54cd056/pathEvaluator?usePreviewModal=true&routeAPIRequestsThroughFTL=false&method=call&materialize=true&hasVideoMerchInJaw=true&isTop10Supported=true&drmSystem=widevine&falcor_server=0.1.0&infoDensityToggle=false&hasVideoMerchInBob=true&withSize=true&webp=true&isVolatileBillboardsEnabled=true&contextAwareImages=true&enableMultiLanguageCatalog=false&persoInfoDensity=false&isTop10KidsSupported=false&original_path=%2Fshakti%2Fvf54cd056%2FpathEvaluator
x-xss-protection
1; mode=block; report=https://www.netflix.com/ichnaea/log/freeform/xssreport
pathEvaluator
www.netflix.com/nq/website/memberapi/vf54cd056/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.netflix.com/nq/website/memberapi/vf54cd056/pathEvaluator?webp=true&drmSystem=widevine&isVolatileBillboardsEnabled=true&routeAPIRequestsThroughFTL=false&isTop10Supported=true&isTop10KidsSupported=false&hasVideoMerchInBob=true&hasVideoMerchInJaw=true&persoInfoDensity=false&infoDensityToggle=false&contextAwareImages=true&enableMultiLanguageCatalog=false&usePreviewModal=true&falcor_server=0.1.0&withSize=true&materialize=true&original_path=%2Fshakti%2Fvf54cd056%2FpathEvaluator
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d018:76c:b685:3b38:679d:2640:1ced Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nq_website_memberapi-prod-vf54cd056 UNKNOWN /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://www.netflix.com/ichnaea/log/freeform/xssreport

Request headers

Accept
*/*
Access-Control-Request-Headers
x-netflix.browsername,x-netflix.browserversion,x-netflix.client.request.name,x-netflix.clienttype,x-netflix.esn,x-netflix.esnprefix,x-netflix.nq.stack,x-netflix.osfullname,x-netflix.osname,x-netflix.osversion,x-netflix.playerthroughput,x-netflix.playerthroughputniqr,x-netflix.request.client.user.guid,x-netflix.uiversion
Access-Control-Request-Method
POST
Origin
https://mobilecurlygzip.cosmico.repl.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization,Content-Type,Content-Encoding,Accept,X-Netflix.application.name,X-Netflix.application.version,X-Netflix.esn,X-Netflix.device.type,X-Netflix.certification.version,X-Netflix.request.uuid,X-Netflix.originating.request.uuid,X-Netflix.user.id,X-Netflix.oauth.consumer.key,X-Netflix.oauth.token,X-Netflix.ichnaea.request.type,X-Netflix.Request.Routing,X-NETFLIX-PREAPP-PARTNER-ID, X-NETFLIX-PREAPP-INTEGRITY-VALUE, X-Netflix.Request.Priority,X-Netflix.Retry.Client.Policy,X-Netflix.Client.Request.Name,X-Netflix.Request.Retry.Policy,X-Netflix.Request.Retry.Policy.Default,X-Netflix.request.client.user.guid,X-Netflix.Request.NonJson.Headers,X-Netflix.esnPrefix,X-Netflix.browserName,X-Netflix.browserVersion,X-Netflix.osName,X-Netflix.osVersion,X-Netflix.uiVersion,X-Netflix.clientType,X-NETFLIX-PERSONALIZATION-ID,X-NETFLIX-DET-TOKEN,X-NETFLIX-DET-PARTNER-PAI,X-NETFLIX-RESPONSE-OVERRIDDEN,X-NETFLIX-DET-DEPRECATION,X-Netflix.context.locales,X-Netflix.context.ui-flavor,X-Netflix.context.app-version,X-Netflix.context.schema-variant
access-control-allow-methods
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, SCRIPT
access-control-allow-origin
*
access-control-expose-headers
X-Netflix.Retry.Server.Policy,X-Netflix.Response.Tag,X-Netflix.Geo.Info,X-Netflix.request.inbound.identity.changed,Via,X-Netflix.Retry.Server.Policy.retryAfterSeconds,X-Netflix.Retry.Server.Policy.maxRetries,X-Ftl-Error,X-Netflix.uiVersion
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, SCRIPT
content-length
0
server
nq_website_memberapi-prod-vf54cd056 UNKNOWN
strict-transport-security
max-age=31536000; includeSubDomains
via
2 i-0edd85429512b414a (eu-west-1)
x-content-type-options
nosniff
x-netflix_nfstatus
1_1
x-netflix_proxy_execution-time
12
x-originating-url
http://www.netflix.com/nq/website/memberapi/vf54cd056/pathEvaluator?usePreviewModal=true&routeAPIRequestsThroughFTL=false&materialize=true&hasVideoMerchInJaw=true&isTop10Supported=true&drmSystem=widevine&falcor_server=0.1.0&infoDensityToggle=false&hasVideoMerchInBob=true&withSize=true&webp=true&isVolatileBillboardsEnabled=true&contextAwareImages=true&enableMultiLanguageCatalog=false&persoInfoDensity=false&isTop10KidsSupported=false&original_path=%2Fshakti%2Fvf54cd056%2FpathEvaluator
x-xss-protection
1; mode=block; report=https://www.netflix.com/ichnaea/log/freeform/xssreport
log
www.netflix.com/ichnaea/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.netflix.com/ichnaea/log
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d018:76c:b685:3b38:679d:2640:1ced Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
clingest-secure i-06f814401c6844eba /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://www.netflix.com/ichnaea/log/freeform/xssreport

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-netflix.ichnaea.request.type
Access-Control-Request-Method
POST
Origin
https://ae.nflximg.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Accept-Language,Authorization,Content-Type,Cookie,debugRequest,X-Netflix.application.name,X-Netflix.application.version,X-Netflix.certification.version,X-Netflix.Client.Request.Name,X-Netflix.device.type,X-Netflix.esn,X-Netflix.ichnaea.request.type,X-Netflix.oauth.consumer.key,X-Netflix.oauth.token,X-Netflix.request.uuid,X-Netflix.user.id
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://ae.nflximg.net
allow
GET, POST, OPTIONS
content-length
0
date
Wed, 29 Jun 2022 13:21:11 GMT
server
clingest-secure i-06f814401c6844eba
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
via
2 i-0edd85429512b414a (eu-west-1)
x-b3-traceid
8089559450f67f08
x-content-type-options
nosniff
x-envoy-decorator-operation
lo_svc_http
x-envoy-upstream-service-time
2
x-netflix_nfstatus
1_1
x-netflix_proxy_execution-time
14
x-originating-url
http://www.netflix.com/ichnaea/log
x-request-id
8610b041-d687-4085-b653-980b31d2287c
x-xss-protection
1; mode=block; report=https://www.netflix.com/ichnaea/log/freeform/xssreport
log
www.netflix.com/ichnaea/ Frame 05AE 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.netflix.com/ichnaea/log
Requested by
Host: ae.nflximg.net
URL: https://ae.nflximg.net/monet/scripts/adtech_iframe_target_05.html?data=%7B%22membership_status%22%3A%22CURRENT_MEMBER%22%2C%22country%22%3A%22AE%22%2C%22region_code%22%3A%22SH%22%2C%22is_member%22%3A%22current%22%2C%22wasFormerMember%22%3Afalse%2C%22referrer%22%3A%22homeScreen%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d018:76c:b685:3b38:679d:2640:1ced Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
clingest-secure i-04cc117ee75e10cd7 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

X-Netflix.ichnaea.request.type
IchnaeaRequest
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 29 Jun 2022 13:21:11 GMT
x-envoy-decorator-operation
lo_svc_http
x-content-type-options
nosniff
x-b3-traceid
15f765d9eaa2540f
access-control-allow-origin
https://ae.nflximg.net
x-netflix_proxy_execution-time
14
x-envoy-upstream-service-time
6
content-length
0
x-xss-protection
1; mode=block
x-request-id
97d1d987-a5b6-4fa6-b38f-a99fceb2b8ba
pragma
no-cache
allow
GET, POST, OPTIONS
server
clingest-secure i-04cc117ee75e10cd7
x-frame-options
DENY
x-netflix_nfstatus
1_1
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-methods
GET, POST, OPTIONS
x-originating-url
http://www.netflix.com/ichnaea/log
via
2 i-0daf4c72bf3330f50 (eu-west-1)
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
x-ichnaea
~0=true~RL=0
access-control-allow-headers
Accept,Accept-Language,Authorization,Content-Type,Cookie,debugRequest,X-Netflix.application.name,X-Netflix.application.version,X-Netflix.certification.version,X-Netflix.Client.Request.Name,X-Netflix.device.type,X-Netflix.esn,X-Netflix.ichnaea.request.type,X-Netflix.oauth.consumer.key,X-Netflix.oauth.token,X-Netflix.request.uuid,X-Netflix.user.id
expires
0
netflix_tag_05.html
ae.nflximg.net/monet/scripts/ Frame DA9D 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ae.nflximg.net/monet/scripts/netflix_tag_05.html?data=%7B%22membership_status%22%3A%22CURRENT_MEMBER%22%2C%22country%22%3A%22AE%22%2C%22region_code%22%3A%22SH%22%2C%22is_member%22%3A%22current%22%2C%22wasFormerMember%22%3Afalse%2C%22referrer%22%3A%22homeScreen%22%7D
Requested by
Host: ae.nflximg.net
URL: https://ae.nflximg.net/monet/scripts/adtech_iframe_target_05.html?data=%7B%22membership_status%22%3A%22CURRENT_MEMBER%22%2C%22country%22%3A%22AE%22%2C%22region_code%22%3A%22SH%22%2C%22is_member%22%3A%22current%22%2C%22wasFormerMember%22%3Afalse%2C%22referrer%22%3A%22homeScreen%22%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3500:588::33c4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
2111a5f2a5ebaff7b64a555cb2a4ca5c8567f8b2e852757a10095f51f7d678dd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Access-Control-Allow-Methods
GET,POST
Access-Control-Allow-Origin
*
Access-Control-Max-Age
86400
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1488
Content-MD5
CYVzSALev2SVwpupPEhVyQ==
Content-Type
text/html
Date
Wed, 29 Jun 2022 13:21:11 GMT
ETag
"0985734802debf6495c29ba93c4855c9:1642093938.169142"
Last-Modified
Thu, 13 Jan 2022 17:12:01 GMT
Server
AkamaiNetStorage
Timing-Allow-Origin
*
Vary
Accept-Encoding
probe
www.netflix.com/api/ftl/ 		0
0
log
ichnaea-web.netflix.com/ Frame DA9D 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ichnaea-web.netflix.com/log
Requested by
Host: ae.nflximg.net
URL: https://ae.nflximg.net/monet/scripts/netflix_tag_05.html?data=%7B%22membership_status%22%3A%22CURRENT_MEMBER%22%2C%22country%22%3A%22AE%22%2C%22region_code%22%3A%22SH%22%2C%22is_member%22%3A%22current%22%2C%22wasFormerMember%22%3Afalse%2C%22referrer%22%3A%22homeScreen%22%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:578:3::364c:816e Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
clingest-secure i-02cba9e93f427df76 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

X-Netflix.ichnaea.request.type
IchnaeaRequest
Referer
https://ae.nflximg.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 29 Jun 2022 13:21:11 GMT
Via
1.1 i-0b1997b93e4647985 (eu-west-1)
x-content-type-options
nosniff
x-envoy-decorator-operation
lo_svc_http
x-b3-traceid
f3091358a7b3e307
X-Netflix_proxy_execution-time
3
x-envoy-upstream-service-time
0
Connection
keep-alive
Content-Length
0
x-xss-protection
1; mode=block
x-request-id
24b668e3-2ebc-467a-bb63-df9edff91c6c
pragma
no-cache
Server
clingest-secure i-02cba9e93f427df76
x-frame-options
DENY
X-Netflix_nfstatus
1_1
allow
GET, POST, OPTIONS
access-control-allow-methods
GET, POST, OPTIONS
X-Originating-URL
https://ichnaea-web.netflix.com/log
access-control-allow-origin
https://ae.nflximg.net
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
x-ichnaea
~0=true~RL=0
access-control-allow-headers
Accept,Accept-Language,Authorization,Content-Type,Cookie,debugRequest,X-Netflix.application.name,X-Netflix.application.version,X-Netflix.certification.version,X-Netflix.Client.Request.Name,X-Netflix.device.type,X-Netflix.esn,X-Netflix.ichnaea.request.type,X-Netflix.oauth.consumer.key,X-Netflix.oauth.token,X-Netflix.request.uuid,X-Netflix.user.id
expires
0
log
ichnaea-web.netflix.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ichnaea-web.netflix.com/log
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:578:3::364c:816e Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
clingest-secure i-0723c774c30e315b1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-netflix.ichnaea.request.type
Access-Control-Request-Method
POST
Origin
https://ae.nflximg.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Server
clingest-secure i-0723c774c30e315b1
Via
1.1 i-01ed996aa1aa644fa (eu-west-1)
X-Netflix_nfstatus
1_1
X-Netflix_proxy_execution-time
7
X-Originating-URL
https://ichnaea-web.netflix.com/log
access-control-allow-credentials
true
access-control-allow-headers
Accept,Accept-Language,Authorization,Content-Type,Cookie,debugRequest,X-Netflix.application.name,X-Netflix.application.version,X-Netflix.certification.version,X-Netflix.Client.Request.Name,X-Netflix.device.type,X-Netflix.esn,X-Netflix.ichnaea.request.type,X-Netflix.oauth.consumer.key,X-Netflix.oauth.token,X-Netflix.request.uuid,X-Netflix.user.id
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://ae.nflximg.net
allow
GET, POST, OPTIONS
date
Wed, 29 Jun 2022 13:21:11 GMT
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-b3-traceid
4be1d5a9a61619de
x-envoy-decorator-operation
lo_svc_http
x-envoy-upstream-service-time
0
x-request-id
82c744c6-f295-431e-8ff4-38a5305f94f3
cast_sender.js
www.gstatic.com/eureka/clank/103/ 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/103/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b04181139e0ce3b79b3fa9095394070d16ab4a1b6bb8419c4d523c05712b3a95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mobilecurlygzip.cosmico.repl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 09:11:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14991
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15123
x-xss-protection
0
last-modified
Mon, 02 May 2022 15:04:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Thu, 30 Jun 2022 09:11:22 GMT
8u,8y,05
codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-akira-js-vf54cd056/js/js/aX/2/082-2J032D2N2_050i00302M2W062G2P2K2V2E2O2X0J/a/true/ 		285 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-akira-js-vf54cd056/js/js/aX/2/082-2J032D2N2_050i00302M2W062G2P2K2V2E2O2X0J/a/true/8u,8y,05
Requested by
Host: codex.nflxext.com
URL: https://codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-akira-js-vf54cd056/js/js/bootstrap.js,common%7Cbootstrap.js/2/082-2J032D2N2_050i00302M2W062G2P2K2V2E2O2X0J/bck/true/none
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:86c0:2090::1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
9357acc056b2748f2ea5c6422930f7993e6f201c6169aa6ed58cabc847b3b433
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mobilecurlygzip.cosmico.repl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 13:21:13 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=16070400
req_id
82830445-9a9e-48e1-920f-8295a2f4eac7
Connection
keep-alive
Timing-Allow-Origin
https://www.netflix.com
Expires
Sun, 01 Jan 2023 13:21:13 GMT
cl2
mobilecurlygzip.cosmico.repl.co/personalization/ 		17 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mobilecurlygzip.cosmico.repl.co/personalization/cl2
Requested by
Host: codex.nflxext.com
URL: https://codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-akira-js-vf54cd056/js/js/akira%7CakiraClient.js/2/082-2J032D2N2_050i00302M2W062G2P2K2V2E2O2X0J/l/true/none
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.245.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.245.186.35.bc.googleusercontent.com
Software
/
Resource Hash
c8b7555aec027a2adddfd46c3efd04a146c8d537acf9e0ec5a397b52303e8d9a
Security Headers
Name Value
Strict-Transport-Security max-age=7767985; includeSubDomains

Request headers

Referer
https://mobilecurlygzip.cosmico.repl.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
X-Netflix.Client.Request.Name
ui/cl
Content-Type
application/json

Response headers

strict-transport-security
max-age=7767985; includeSubDomains
replit-cluster
global
date
Wed, 29 Jun 2022 13:21:16 GMT
expect-ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
content-type
text/html; charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.netflix.com
URL
https://www.netflix.com/nq/website/memberapi/vf54cd056/pathEvaluator?webp=true&drmSystem=widevine&isVolatileBillboardsEnabled=true&routeAPIRequestsThroughFTL=false&isTop10Supported=true&isTop10KidsSupported=false&hasVideoMerchInBob=true&hasVideoMerchInJaw=true&persoInfoDensity=false&infoDensityToggle=false&contextAwareImages=true&enableMultiLanguageCatalog=false&usePreviewModal=true&method=call&falcor_server=0.1.0&withSize=true&materialize=true&original_path=%2Fshakti%2Fvf54cd056%2FpathEvaluator
Domain
www.netflix.com
URL
https://www.netflix.com/nq/website/memberapi/vf54cd056/pathEvaluator?webp=true&drmSystem=widevine&isVolatileBillboardsEnabled=true&routeAPIRequestsThroughFTL=false&isTop10Supported=true&isTop10KidsSupported=false&hasVideoMerchInBob=true&hasVideoMerchInJaw=true&persoInfoDensity=false&infoDensityToggle=false&contextAwareImages=true&enableMultiLanguageCatalog=false&usePreviewModal=true&falcor_server=0.1.0&withSize=true&materialize=true&original_path=%2Fshakti%2Fvf54cd056%2FpathEvaluator
Domain
www.netflix.com
URL
https://www.netflix.com/api/ftl/probe?monotonic=false&device=web&iter=0

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Netflix (Online)

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| netflix string| freeformUrl object| Codex object| C object| global object| process function| a000 object| ASN1 object| _cad_global boolean| DEBUG function| applyFocusVisiblePolyfill object| pathEvaluator function| __onGCastApiAvailable object| reactApp

0 Cookies

10 Console Messages

Source Level URL
Text
network error
Message:
A bad HTTP response code (404) was received when fetching the script.
network error URL: https://mobilecurlygzip.cosmico.repl.co/personalization/cl2/freeform/DebugEvent?source=www&type=ServiceWorkerFailure&message=Failed%20to%20register%20a%20ServiceWorker%20for%20scope%20(%27https%3A%2F%2Fmobilecurlygzip.cosmico.repl.co%2F%27)%20with%20script%20(%27https%3A%2F%2Fmobilecurlygzip.cosmico.repl.co%2Fservice-worker.js%27)%3A%20A%20bad%20HTTP%20response%20code%20(404)%20was%20received%20when%20fetching%20the%20script.
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: https://mobilecurlygzip.cosmico.repl.co/
Message:
Access to XMLHttpRequest at 'https://www.netflix.com/nq/website/memberapi/vf54cd056/pathEvaluator?webp=true&drmSystem=widevine&isVolatileBillboardsEnabled=true&routeAPIRequestsThroughFTL=false&isTop10Supported=true&isTop10KidsSupported=false&hasVideoMerchInBob=true&hasVideoMerchInJaw=true&persoInfoDensity=false&infoDensityToggle=false&contextAwareImages=true&enableMultiLanguageCatalog=false&usePreviewModal=true&method=call&falcor_server=0.1.0&withSize=true&materialize=true&original_path=%2Fshakti%2Fvf54cd056%2FpathEvaluator' from origin 'https://mobilecurlygzip.cosmico.repl.co' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
network error URL: https://www.netflix.com/nq/website/memberapi/vf54cd056/pathEvaluator?webp=true&drmSystem=widevine&isVolatileBillboardsEnabled=true&routeAPIRequestsThroughFTL=false&isTop10Supported=true&isTop10KidsSupported=false&hasVideoMerchInBob=true&hasVideoMerchInJaw=true&persoInfoDensity=false&infoDensityToggle=false&contextAwareImages=true&enableMultiLanguageCatalog=false&usePreviewModal=true&method=call&falcor_server=0.1.0&withSize=true&materialize=true&original_path=%2Fshakti%2Fvf54cd056%2FpathEvaluator
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://mobilecurlygzip.cosmico.repl.co/
Message:
Access to XMLHttpRequest at 'https://www.netflix.com/nq/website/memberapi/vf54cd056/pathEvaluator?webp=true&drmSystem=widevine&isVolatileBillboardsEnabled=true&routeAPIRequestsThroughFTL=false&isTop10Supported=true&isTop10KidsSupported=false&hasVideoMerchInBob=true&hasVideoMerchInJaw=true&persoInfoDensity=false&infoDensityToggle=false&contextAwareImages=true&enableMultiLanguageCatalog=false&usePreviewModal=true&falcor_server=0.1.0&withSize=true&materialize=true&original_path=%2Fshakti%2Fvf54cd056%2FpathEvaluator' from origin 'https://mobilecurlygzip.cosmico.repl.co' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
network error URL: https://www.netflix.com/nq/website/memberapi/vf54cd056/pathEvaluator?webp=true&drmSystem=widevine&isVolatileBillboardsEnabled=true&routeAPIRequestsThroughFTL=false&isTop10Supported=true&isTop10KidsSupported=false&hasVideoMerchInBob=true&hasVideoMerchInJaw=true&persoInfoDensity=false&infoDensityToggle=false&contextAwareImages=true&enableMultiLanguageCatalog=false&usePreviewModal=true&falcor_server=0.1.0&withSize=true&materialize=true&original_path=%2Fshakti%2Fvf54cd056%2FpathEvaluator
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://codex.nflxext.com/%5E3.0.0/truthBundle/webui/1.22.5-akira-js-vf54cd056/js/js/akira%7CakiraClient.js/2/082-2J032D2N2_050i00302M2W062G2P2K2V2E2O2X0J/l/true/none(Line 8)
Message:
WebSocket connection to 'wss://push.prod.netflix.com/ws' failed: Error during WebSocket handshake: Unexpected response code: 400
javascript error URL: https://mobilecurlygzip.cosmico.repl.co/
Message:
Access to XMLHttpRequest at 'https://www.netflix.com/api/ftl/probe?monotonic=false&device=web&iter=0' from origin 'https://mobilecurlygzip.cosmico.repl.co' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.netflix.com/api/ftl/probe?monotonic=false&device=web&iter=0
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://mobilecurlygzip.cosmico.repl.co/personalization/cl2
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=7767992; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ae.nflximg.net
assets.nflxext.com
codex.nflxext.com
ichnaea-web.netflix.com
mobilecurlygzip.cosmico.repl.co
occ-0-1190-2773.1.nflxso.net
www.gstatic.com
www.netflix.com
www.netflix.com
2001:8f8:0:13::87
2a00:1450:4001:800::2003
2a00:86c0:2090::1
2a01:578:3::364c:816e
2a02:26f0:3500:588::33c4
2a05:d018:76c:b685:3b38:679d:2640:1ced
35.186.245.55
09d25cecd18a76aab3fa11b3c894dd6d7989b907ed06c68d8a8a3fd083448f52
1d8a63dc379fa7dbe4c0834907e2993199af776a86ba7423571d111606c691f1
2111a5f2a5ebaff7b64a555cb2a4ca5c8567f8b2e852757a10095f51f7d678dd
33453d6e2431ccd0b867d3b7ac3da2b6012f1b232a6d01e8bc66bb49c04dae5a
41ab046d5db23fc6ac4f1b1913150e3f1e2cc57596127017aa8927e39276811c
4cbaa25e2d80416f448f173958d7b5c7d6d5b608eb354718c40e4d525e9a88a5
6ba2d679e822ec1c2116a4be52bb11d9bb9530d34d2277ac71a796f791f8e464
6f72767f82acdfca5d9ac2b2e46fa33d1ef624c79fc3d4ff9446f46cf336e5c6
9357acc056b2748f2ea5c6422930f7993e6f201c6169aa6ed58cabc847b3b433
98713b53a74ebe7e326353080c5f1653e83af61d6363c0b3c4c67d6d24197b4d
ada9a9d619cee973b0d1319c3f1770557465a66bf8d8474d800c3db72f84ab7f
afe6bab038addf642fd4f222e181af0ee4e8f087704d869f9d276a318740219a
b04181139e0ce3b79b3fa9095394070d16ab4a1b6bb8419c4d523c05712b3a95
c0bceb927c506dce9f6e6f5f570e641ad580b9554be06f61508a4aee32380167
c8b7555aec027a2adddfd46c3efd04a146c8d537acf9e0ec5a397b52303e8d9a
d22def10117c1bd21e1484d4c78a7f8a54e1601e83eb153e58e5bf683a2e9ad8
d9bac1aefff045998fd064ed279defcd96c37a53ee0ee3816d1ebab19c1ff739
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea311656dd81470123fd812238d3a0fcd49811605ad4c456187ddef70c07075e
eaa24899d90476e368834932757340ea3b695becb2d380d8755912da676db3a0
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f