ancient-thunder-0448.chinnabhai944.workers.dev Open in urlscan Pro
2606:4700:3033::6815:5845 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ancient-thunder-0448.chinnabhai944.workers.dev/personalization/cl2/freeform/websitedetect?source=wwwhead&fetchtype=css&modalview=nmlanding
Effective URL:
https://ancient-thunder-0448.chinnabhai944.workers.dev/personalization/cl2/freeform/websitedetect?source=wwwhead&fetchtype=css&modalview=nmlanding
Submission: On March 02 via automatic, source openphish (March 2nd 2024, 1:34:35 am UTC) — Scanned from DE

Summary HTTP 36 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 7 domains to perform 36 HTTP transactions. The main IP is 2606:4700:3033::6815:5845, located in United States and belongs to CLOUDFLARENET, US. The main domain is ancient-thunder-0448.chinnabhai944.workers.dev.
TLS certificate: Issued by GTS CA 1P5 on January 16th 2024. Valid for: 3 months.

This is the only time ancient-thunder-0448.chinnabhai944.workers.dev was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Netflix (Online)

Domain & IP information

	IP Address	AS Autonomous System
4	2606:4700:303... 2606:4700:3033::6815:5845	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2a00:86c0:209... 2a00:86c0:2090::1	40027 (NETFLIX-ASN) (NETFLIX-ASN)
11	2606:4700::68... 2606:4700::6812:82ec	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:86c0:206... 2a00:86c0:2069:2069::172	2906 (AS-SSI) (AS-SSI)
1	2606:4700:440... 2606:4700:4400::ac40:9b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:26f0:480... 2a02:26f0:480:9ae::33c4	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a05:d018:76c... 2a05:d018:76c:b685:e8ab:afd3:af51:3aed	16509 (AMAZON-02) (AMAZON-02)
2	2a01:578:3::2... 2a01:578:3::22f6:82af	16509 (AMAZON-02) (AMAZON-02)
36	9

4 2606:4700:3033::6815:5845 (United States)

ASN13335 (CLOUDFLARENET, US)

ancient-thunder-0448.chinnabhai944.workers.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:86c0:2090::1 (United States)

ASN40027 (NETFLIX-ASN, US)

assets.nflxext.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6812:82ec (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:86c0:2069:2069::172 (New York, United States)

ASN2906 (AS-SSI, US)

occ-0-2706-2705.1.nflxso.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:9ae::33c4 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ae.nflximg.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:76c:b685:e8ab:afd3:af51:3aed (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

www.netflix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:578:3::22f6:82af (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

ichnaea-web.netflix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	nflxext.com assets.nflxext.com — Cisco Umbrella Rank: 5711	2 MB
11	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 334	169 KB
4	netflix.com www.netflix.com — Cisco Umbrella Rank: 2487 ichnaea-web.netflix.com — Cisco Umbrella Rank: 3220	2 KB
4	workers.dev ancient-thunder-0448.chinnabhai944.workers.dev	326 KB
2	nflximg.net ae.nflximg.net — Cisco Umbrella Rank: 17505	6 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 541	295 B
1	nflxso.net occ-0-2706-2705.1.nflxso.net — Cisco Umbrella Rank: 45361	248 KB
36	7

	Domain	Requested by
12	assets.nflxext.com	ancient-thunder-0448.chinnabhai944.workers.dev
11	cdn.cookielaw.org	ancient-thunder-0448.chinnabhai944.workers.dev cdn.cookielaw.org
4	ancient-thunder-0448.chinnabhai944.workers.dev	ancient-thunder-0448.chinnabhai944.workers.dev assets.nflxext.com
2	ichnaea-web.netflix.com	ae.nflximg.net
2	www.netflix.com	ae.nflximg.net
2	ae.nflximg.net	assets.nflxext.com ae.nflximg.net
1	geolocation.onetrust.com	cdn.cookielaw.org
1	occ-0-2706-2705.1.nflxso.net	ancient-thunder-0448.chinnabhai944.workers.dev
36	8

This site contains links to these domains. Also see Links.

Domain
help.netflix.com
media.netflix.com
ir.netflix.com
jobs.netflix.com
netflix.shop
fast.com
www.netflix.com
netflix.com
optout.aboutads.info
www.onetrust.com

Subject Issuer	Validity	Valid
chinnabhai944.workers.dev GTS CA 1P5	`2024-01-16` - `2024-04-15`	3 months	crt.sh
*.1.nflxso.net DigiCert Secure Site ECC CA-1	`2024-02-29` - `2024-04-04`	a month	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2024-03-01` - `2024-12-31`	10 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
assets.nflxext.com DigiCert TLS RSA SHA256 2020 CA1	`2024-02-13` - `2025-02-12`	a year	crt.sh
www.netflix.com DigiCert Secure Site ECC CA-1	`2023-10-25` - `2024-10-24`	a year	crt.sh
ichnaea-web.netflix.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-09` - `2025-02-08`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://ancient-thunder-0448.chinnabhai944.workers.dev/personalization/cl2/freeform/websitedetect?source=wwwhead&fetchtype=css&modalview=nmlanding
Frame ID: 1059AFEFA1496795282CB80707A58E5E
Requests: 30 HTTP requests in this frame

Frame: https://ae.nflximg.net/monet/scripts/adtech_iframe_target_05.html?data=%7B%22membership_status%22%3A%22ANONYMOUS%22%2C%22country%22%3A%22US%22%2C%22region_code%22%3A%22NJ%22%2C%22is_member%22%3A%22ANONYMOUS%22%2C%22wasFormerMember%22%3Afalse%2C%22referrer%22%3A%22nmLanding%22%2C%22deniedConsentCookieGroups%22%3A%22C0003%2CC0004%2CC0005%22%7D
Frame ID: 0C68C16C1D15C81BD4CB9E5EFBA2D7A8
Requests: 2 HTTP requests in this frame

Frame: https://ae.nflximg.net/monet/scripts/netflix_tag_05.html?data=%7B%22membership_status%22%3A%22ANONYMOUS%22%2C%22country%22%3A%22US%22%2C%22region_code%22%3A%22NJ%22%2C%22is_member%22%3A%22ANONYMOUS%22%2C%22wasFormerMember%22%3Afalse%2C%22referrer%22%3A%22nmLanding%22%2C%22deniedConsentCookieGroups%22%3A%22C0003%2CC0004%2CC0005%22%7D
Frame ID: D755FA6BED4D92269705F8BCA6CC4056
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Netflix - Watch TV Shows Online, Watch Movies OnlineBack ButtonFilter Button

Page URL History Show full URLs

http://ancient-thunder-0448.chinnabhai944.workers.dev/personalization/cl2/freeform/websitedetect?source=wwwhead&fetchtype=css&moda... HTTP 307
https://ancient-thunder-0448.chinnabhai944.workers.dev/personalization/cl2/freeform/websitedetect?source=wwwhead&fetchtype=css&moda... Page URL

Detected technologies

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Page Statistics

36
Requests

97 %
HTTPS

100 %
IPv6

7
Domains

8
Subdomains

9
IPs

3
Countries

2413 kB
Transfer

6563 kB
Size

0
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://help.netflix.com/support/412
Title: FAQ

Search URL Search Domain Scan URL

URL: https://help.netflix.com/
Title: Help Center

Search URL Search Domain Scan URL

URL: https://media.netflix.com/
Title: Media Center

Search URL Search Domain Scan URL

URL: http://ir.netflix.com/
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://jobs.netflix.com/jobs
Title: Jobs

Search URL Search Domain Scan URL

URL: https://netflix.shop/
Title: Netflix Shop

Search URL Search Domain Scan URL

URL: https://help.netflix.com/legal/termsofuse
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://help.netflix.com/legal/privacy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://help.netflix.com/legal/corpinfo
Title: Corporate Information

Search URL Search Domain Scan URL

URL: https://help.netflix.com/contactus
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://fast.com/
Title: Speed Test

Search URL Search Domain Scan URL

URL: https://help.netflix.com/legal/notices
Title: Legal Notices

Search URL Search Domain Scan URL

URL: https://www.netflix.com/browse/genre/839338
Title: Only on Netflix

Search URL Search Domain Scan URL

URL: https://www.netflix.com/dnsspi
Title: Do Not Sell or Share My Personal Information

Search URL Search Domain Scan URL

URL: https://netflix.com/adchoices-us
Title: Ad Choices

Search URL Search Domain Scan URL

URL: https://help.netflix.com/legal/privacy#cookies
Title: cookies and similar technologies

Search URL Search Domain Scan URL

URL: https://optout.aboutads.info/
Title: here.

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ancient-thunder-0448.chinnabhai944.workers.dev/personalization/cl2/freeform/websitedetect?source=wwwhead&fetchtype=css&modalview=nmlanding HTTP 307
https://ancient-thunder-0448.chinnabhai944.workers.dev/personalization/cl2/freeform/websitedetect?source=wwwhead&fetchtype=css&modalview=nmlanding Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

36 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request websitedetect Show response
ancient-thunder-0448.chinnabhai944.workers.dev/personalization/cl2/freeform/
Redirect Chain

http://ancient-thunder-0448.chinnabhai944.workers.dev/personalization/cl2/freeform/websitedetect?source=wwwhead&fetchtype=css&modalview=nmlanding
https://ancient-thunder-0448.chinnabhai944.workers.dev/personalization/cl2/freeform/websitedetect?source=wwwhead&fetchtype=css&modalview=nmlanding

421 KB
82 KB

1108ms
862ms

Document
text/html

2606:4700:3033::6815:5845
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ancient-thunder-0448.chinnabhai944.workers.dev/personalization/cl2/freeform/websitedetect?source=wwwhead&fetchtype=css&modalview=nmlanding

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:5845 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5155f3736b7dfbee207e532c2f9ad87850fa1f107661f33b78f874f26f8739a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://www.netflix.com/ichnaea/log/freeform/xssreport

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Platform-Version,Sec-CH-UA-Model
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 85dda504c8c943f9-EWR
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 02 Mar 2024 01:34:29 GMT
expires: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ryntjdg%2FnroklFoXPBieQP0gKIAZHzigMuez4Tw261AThkl2qeuZWfnQlDS4slBo1R3NOfIAOTD9ChkxcONz%2BIyenQdmSM5wvU4JC2mSu6p35BPJOqorxIag%2BJ%2FepQZJXiRRjlBnlVYBYbLPbh6UTzPrKUuNMbE%2BBPrhxoydkEl1RPvyXM157oyjw%2FNK"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 2 i-043a1fc31ae264e37 (us-east-2)
x-b3-traceid: 65e282254cd903a4ca5e0a4a774a4f9c
x-content-type-options: nosniff
x-envoy-decorator-operation: lo_svc
x-envoy-upstream-service-time: 265
x-frame-options: DENY
x-netflix.nfstatus: 1_1
x-netflix.proxy.execution-time: 276
x-netflix.zuul.netty.content.compressor.target: gzip
x-originating-url: http://www.netflix.com/
x-request-id: 4f960cb5-e148-49e8-a5c2-930d1ab3e15d
x-robots-tag: index
x-xss-protection: 1; mode=block; report=https://www.netflix.com/ichnaea/log/freeform/xssreport

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://ancient-thunder-0448.chinnabhai944.workers.dev/personalization/cl2/freeform/websitedetect?source=wwwhead&fetchtype=css&modalview=nmlanding
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK nmhpFrameworkClient.js.8532807bd86ea9d7f81f.js Show response
assets.nflxext.com/web/ffe/wp/signup/nmhp/ 3 MB
599 KB 93ms
26ms Script
application/javascript 2a00:86c0:2090::1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.nflxext.com/web/ffe/wp/signup/nmhp/nmhpFrameworkClient.js.8532807bd86ea9d7f81f.js
Requested by: Host: ancient-thunder-0448.chinnabhai944.workers.dev
URL: https://ancient-thunder-0448.chinnabhai944.workers.dev/personalization/cl2/freeform/websitedetect?source=wwwhead&fetchtype=css&modalview=nmlanding
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:86c0:2090::1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 8cc210a2d7cc9a86f7f1a882f377713fa0261ee7bb30794630ceb834a41bc80d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ancient-thunder-0448.chinnabhai944.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Sat, 02 Mar 2024 01:34:29 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Feb 2024 14:09:01 GMT
Server: nginx
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=604801
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 612994
Expires: Sat, 09 Mar 2024 01:34:30 GMT

GET WebsiteDetect
ancient-thunder-0448.chinnabhai944.workers.dev/personalization/cl2/freeform/ 0
0

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 99ms
34ms Script
application/javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: ancient-thunder-0448.chinnabhai944.workers.dev
URL: https://ancient-thunder-0448.chinnabhai944.workers.dev/personalization/cl2/freeform/websitedetect?source=wwwhead&fetchtype=css&modalview=nmlanding

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5be2dfa172d505acb197760b55c4731347cc239a7a046013c251948bb8214dbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ancient-thunder-0448.chinnabhai944.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 02 Mar 2024 01:34:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: OKrCs7nhvutcs03VCUskmw==
age: 69580
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6841
x-ms-lease-status: unlocked
last-modified: Thu, 29 Feb 2024 07:34:38 GMT
server: cloudflare
etag: 0x8DC38F8E2821F64
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e72b3413-601e-0039-5185-6bc29f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 85dda50a7d299225-FRA

GET
H/1.1 200
OK nmhp.a1bcda71010575046231.css
assets.nflxext.com/web/ffe/wp/less/signup/nmhp/ 5 KB
2 KB 92ms
26ms Stylesheet
text/css 2a00:86c0:2090::1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.nflxext.com/web/ffe/wp/less/signup/nmhp/nmhp.a1bcda71010575046231.css
Requested by: Host: ancient-thunder-0448.chinnabhai944.workers.dev
URL: https://ancient-thunder-0448.chinnabhai944.workers.dev/personalization/cl2/freeform/websitedetect?source=wwwhead&fetchtype=css&modalview=nmlanding
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:86c0:2090::1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: ab3b3f1c5c419cc52904a972ecdda71f7270196b884b06597ebe0590e0cd91bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ancient-thunder-0448.chinnabhai944.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Sat, 02 Mar 2024 01:34:29 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Feb 2024 14:09:01 GMT
Server: nginx
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=604801
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1340
Expires: Sat, 09 Mar 2024 01:34:30 GMT

GET
H/1.1 200
OK nmhp-reskin.6a003302aa4c93b29722.css
assets.nflxext.com/web/ffe/wp/less/signup/nmhp/ 523 B
858 B 87ms
24ms Stylesheet
text/css 2a00:86c0:2090::1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.nflxext.com/web/ffe/wp/less/signup/nmhp/nmhp-reskin.6a003302aa4c93b29722.css
Requested by: Host: ancient-thunder-0448.chinnabhai944.workers.dev
URL: https://ancient-thunder-0448.chinnabhai944.workers.dev/personalization/cl2/freeform/websitedetect?source=wwwhead&fetchtype=css&modalview=nmlanding
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:86c0:2090::1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: bcf36fe4e5ddd746faff3173d643fb713f0056a92b4b5e24462865f989c0bac9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ancient-thunder-0448.chinnabhai944.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Sat, 02 Mar 2024 01:34:29 GMT
Last-Modified: Thu, 27 Jul 2023 20:30:51 GMT
Server: nginx
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=604801
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 523
Expires: Sat, 09 Mar 2024 01:34:30 GMT

GET
H/1.1 200
OK US-en-20240226-popsignuptwoweeks-perspective_alpha_website_large.jpg
assets.nflxext.com/ffe/siteui/vlv3/93da5c27-be66-427c-8b72-5cb39d275279/fa6f97d9-245e-43d7-bb56-af27cbf6d656/ 298 KB
298 KB 29ms
29ms Image
image/jpeg 2a00:86c0:2090::1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nflxext.com/ffe/siteui/vlv3/93da5c27-be66-427c-8b72-5cb39d275279/fa6f97d9-245e-43d7-bb56-af27cbf6d656/US-en-20240226-popsignuptwoweeks-perspective_alpha_website_large.jpg
Requested by: Host: ancient-thunder-0448.chinnabhai944.workers.dev
URL: https://ancient-thunder-0448.chinnabhai944.workers.dev/personalization/cl2/freeform/websitedetect?source=wwwhead&fetchtype=css&modalview=nmlanding
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:86c0:2090::1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: bd2296e1c2632933c4cd53070cbfeab21bbcd26a364cc185ef4beebe85b4cfda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ancient-thunder-0448.chinnabhai944.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Sat, 02 Mar 2024 01:34:29 GMT
Last-Modified: Wed, 28 Feb 2024 14:54:03 GMT
Server: nginx
Content-MD5: wb5HpLLL2XQ0bEQ2iF9LdA==
Content-Type: image/jpeg
Cache-Control: max-age=604801
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 304893
Expires: Sat, 09 Mar 2024 01:34:30 GMT

GET
H/1.1 200
OK tv.png
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ 11 KB
11 KB 30ms
30ms Image
image/png 2a00:86c0:2090::1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/tv.png
Requested by: Host: ancient-thunder-0448.chinnabhai944.workers.dev
URL: https://ancient-thunder-0448.chinnabhai944.workers.dev/personalization/cl2/freeform/websitedetect?source=wwwhead&fetchtype=css&modalview=nmlanding
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:86c0:2090::1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: b68ea2c7bea397aa11fadb189ce7d83862baebaf03ece643eb5aa9fb5f755056

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ancient-thunder-0448.chinnabhai944.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Sat, 02 Mar 2024 01:34:29 GMT
Last-Modified: Wed, 14 Nov 2018 18:20:41 GMT
Server: nginx
Content-MD5: d5lKZzJ7qVff2IDjOpHwQQ==
Content-Type: image/png
Cache-Control: max-age=604801
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11418
Expires: Sat, 09 Mar 2024 01:34:30 GMT

GET
H/1.1 200
OK device-pile.png
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ 134 KB
134 KB 30ms
30ms Image
image/png 2a00:86c0:2090::1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/device-pile.png
Requested by: Host: ancient-thunder-0448.chinnabhai944.workers.dev
URL: https://ancient-thunder-0448.chinnabhai944.workers.dev/personalization/cl2/freeform/websitedetect?source=wwwhead&fetchtype=css&modalview=nmlanding
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:86c0:2090::1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 81cf64888a7b3f6848b09695b034026d9ad685665b91d54597ecbb6197c6acbb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ancient-thunder-0448.chinnabhai944.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Sat, 02 Mar 2024 01:34:29 GMT
Last-Modified: Wed, 23 Jan 2019 00:35:07 GMT
Server: nginx
Content-MD5: Cz2CFJPVdI2CnIUrvW0pLQ==
Content-Type: image/png
Cache-Control: max-age=604801
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 137040
Expires: Sat, 09 Mar 2024 01:34:30 GMT

GET
H/1.1 200
OK AAAABejKYujIIDQciqmGJJ8BtXkYKKTi5jiqexltvN1YmvXYIfX8B9CYwooUSIzOKneblRFthZAFsYLMgKMyNfeHwk16DmEkpIIcb6A3.png
occ-0-2706-2705.1.nflxso.net/dnm/api/v6/19OhWN2dO19C9txTON9tvTFtefw/ 247 KB
248 KB 372ms
127ms Image
image/png 2a00:86c0:2069:2069::172
AS-SSI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://occ-0-2706-2705.1.nflxso.net/dnm/api/v6/19OhWN2dO19C9txTON9tvTFtefw/AAAABejKYujIIDQciqmGJJ8BtXkYKKTi5jiqexltvN1YmvXYIfX8B9CYwooUSIzOKneblRFthZAFsYLMgKMyNfeHwk16DmEkpIIcb6A3.png?r=f55
Requested by: Host: ancient-thunder-0448.chinnabhai944.workers.dev
URL: https://ancient-thunder-0448.chinnabhai944.workers.dev/personalization/cl2/freeform/websitedetect?source=wwwhead&fetchtype=css&modalview=nmlanding
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:86c0:2069:2069::172 New York, United States, ASN2906 (AS-SSI, US),
Reverse DNS
Software: nginx /
Resource Hash: eea9de1cdc682d9ea1d1e395e35baa6e35a6d685664bd636e8bf2900158134d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ancient-thunder-0448.chinnabhai944.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Sat, 02 Mar 2024 01:34:30 GMT
Last-Modified: Thu, 01 Jun 2023 20:52:44 GMT
Server: nginx
Accept-CH: Device-Memory, Downlink, DPR, ECT, RTT, Save-Data, Viewport-Width, Width
ETag: "bac31463a9cffbfeed00e05c47a46595"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=31104000, public, s-maxage=604800
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 253151

GET
H/1.1 200
OK mobile-0819.jpg
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ 48 KB
49 KB 34ms
34ms Image
image/jpeg 2a00:86c0:2090::1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/mobile-0819.jpg
Requested by: Host: ancient-thunder-0448.chinnabhai944.workers.dev
URL: https://ancient-thunder-0448.chinnabhai944.workers.dev/personalization/cl2/freeform/websitedetect?source=wwwhead&fetchtype=css&modalview=nmlanding
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:86c0:2090::1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 492fdebd363e40cbba153a244bcfe2a7f5f7cf20aff0805fe45d5c7e2180b875

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ancient-thunder-0448.chinnabhai944.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Sat, 02 Mar 2024 01:34:29 GMT
Last-Modified: Wed, 14 Aug 2019 17:59:05 GMT
Server: nginx
Content-MD5: pIMz1DwZYS7WGYf6Xb/zxQ==
Content-Type: image/jpeg
Cache-Control: max-age=604801
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 49614
Expires: Sat, 09 Mar 2024 01:34:30 GMT

GET
H/1.1 200
OK boxshot.png
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ 20 KB
20 KB 29ms
29ms Image
image/png 2a00:86c0:2090::1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/boxshot.png
Requested by: Host: ancient-thunder-0448.chinnabhai944.workers.dev
URL: https://ancient-thunder-0448.chinnabhai944.workers.dev/personalization/cl2/freeform/websitedetect?source=wwwhead&fetchtype=css&modalview=nmlanding
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:86c0:2090::1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: e1fa26cc34fda574edc01d09e374d6f10735a3fa621bdde87c104ee15453d4b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ancient-thunder-0448.chinnabhai944.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Sat, 02 Mar 2024 01:34:29 GMT
Last-Modified: Wed, 14 Nov 2018 18:48:14 GMT
Server: nginx
Content-MD5: WH4EDyAll5IJSQHKlzlmng==
Content-Type: image/png
Cache-Control: max-age=604801
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20506
Expires: Sat, 09 Mar 2024 01:34:30 GMT

GET
H/1.1 200
OK transparent_1x1.png
assets.nflxext.com/ffe/siteui/acquisition/common/ 272 B
591 B 31ms
30ms Image
image/png 2a00:86c0:2090::1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nflxext.com/ffe/siteui/acquisition/common/transparent_1x1.png
Requested by: Host: ancient-thunder-0448.chinnabhai944.workers.dev
URL: https://ancient-thunder-0448.chinnabhai944.workers.dev/personalization/cl2/freeform/websitedetect?source=wwwhead&fetchtype=css&modalview=nmlanding
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:86c0:2090::1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 6e43a8bb3f972ef0b96dc5e7b24340934646fb8932bda39a8feea67cbbe3e145

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ancient-thunder-0448.chinnabhai944.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Sat, 02 Mar 2024 01:34:29 GMT
Last-Modified: Wed, 01 Jul 2020 17:38:24 GMT
Server: nginx
Content-MD5: X+USZj4auAKkdpQanOb1tQ==
Content-Type: image/png
Cache-Control: max-age=604801
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 272
Expires: Sat, 09 Mar 2024 01:34:30 GMT

GET
H3 200 WebsiteDetect Show response
ancient-thunder-0448.chinnabhai944.workers.dev/personalization/cl2/freeform/ 421 KB
81 KB 519ms
519ms XHR
text/html 2606:4700:3033::6815:5845
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ancient-thunder-0448.chinnabhai944.workers.dev/personalization/cl2/freeform/WebsiteDetect?source=wwwhead&fetchType=js&modalView=nmLanding

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:5845 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6b3142e01691cf0b0cc08804a0c998582328cc7f83b142760d9358fdae6fa95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://www.netflix.com/ichnaea/log/freeform/xssreport

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ancient-thunder-0448.chinnabhai944.workers.dev/personalization/cl2/freeform/websitedetect?source=wwwhead&fetchtype=css&modalview=nmlanding
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 01:34:30 GMT
via: 2 i-046f886e11ff65d8d (us-east-2)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-decorator-operation: lo_svc
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains
x-b3-traceid: 65e282268830b3da4472b759e3ea3f62
content-encoding: br
x-netflix.proxy.execution-time: 226
x-envoy-upstream-service-time: 220
alt-svc: h3=":443"; ma=86400
x-netflix.zuul.netty.content.compressor.target: gzip
x-xss-protection: 1; mode=block; report=https://www.netflix.com/ichnaea/log/freeform/xssreport
x-request-id: 283330b3-6f62-4d1d-993e-6d1a301dcd4a
pragma: no-cache
accept-ch: Sec-CH-UA-Platform-Version,Sec-CH-UA-Model
server: cloudflare
x-netflix.nfstatus: 1_1
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E772rd2iayj9e9nn51g70O%2BTt94hxUdcLorIzcKfIzqKLKug5xhWQKnLJywQ8aS4NPn1AKvKpe2gjmQqjoCD5dghJN%2BvbEX9dfzOC97PIKxOilPXeJ1ZyFJciIiJ0rYPKL5IKDNqfGMTqCNF1Ed0zpLfMEOze05ATYG67pQiPBeOYWWYnrUGixdvmD2C"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
x-originating-url: http://www.netflix.com/
cache-control: no-cache, no-store, must-revalidate
vary: Accept-Encoding
cf-ray: 85dda50d58c27298-EWR
x-robots-tag: index
expires: 0

GET
H3 200 WebsiteScreen Show response
ancient-thunder-0448.chinnabhai944.workers.dev/personalization/cl2/freeform/ 421 KB
81 KB 878ms
878ms XHR
text/html 2606:4700:3033::6815:5845
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ancient-thunder-0448.chinnabhai944.workers.dev/personalization/cl2/freeform/WebsiteScreen?source=wwwhead&fetchType=js&winw=1600&winh=1200&screenw=1600&screenh=1200&ratio=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:5845 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a7570be5a88a0c79098619722da16cda1c4af7f5c969581c7c0459f29dc5669

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://www.netflix.com/ichnaea/log/freeform/xssreport

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ancient-thunder-0448.chinnabhai944.workers.dev/personalization/cl2/freeform/websitedetect?source=wwwhead&fetchtype=css&modalview=nmlanding
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 01:34:30 GMT
via: 2 i-0c345a38ba1b8f29c (us-east-2)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-decorator-operation: lo_svc
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains
x-b3-traceid: 65e28226f215a5871b166c2efc92dd21
content-encoding: br
x-netflix.proxy.execution-time: 295
x-envoy-upstream-service-time: 289
alt-svc: h3=":443"; ma=86400
x-netflix.zuul.netty.content.compressor.target: gzip
x-xss-protection: 1; mode=block; report=https://www.netflix.com/ichnaea/log/freeform/xssreport
x-request-id: 61081a74-c8c4-40dc-9304-51870b1f4f2f
pragma: no-cache
accept-ch: Sec-CH-UA-Platform-Version,Sec-CH-UA-Model
server: cloudflare
x-netflix.nfstatus: 1_1
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NJ%2F6evleOstJEK8pGZ01CD1%2Fqo4NEPbY3kDo3YHTawyYSOjuAD%2B380OriDIVqrpRX0LvmP5jesn1J21bxNqymb%2FXm8rc4sZeNqRQwMCStSLuC5DEUoNZL2l1sb96ExcvEMlmD4zOJAIQGhuvJOYxOhUK4PBL1SQIJ9zfDkVwgxPfEIO3ngsR3MsRpJ61"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
x-originating-url: http://www.netflix.com/
cache-control: no-cache, no-store, must-revalidate
vary: Accept-Encoding
cf-ray: 85dda50d58c37298-EWR
x-robots-tag: index
expires: 0

GET
H2 200 87b6a5c0-0104-4e96-a291-092c11350111.json Show response
cdn.cookielaw.org/consent/87b6a5c0-0104-4e96-a291-092c11350111/ 7 KB
3 KB 151ms
91ms XHR
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/87b6a5c0-0104-4e96-a291-092c11350111/87b6a5c0-0104-4e96-a291-092c11350111.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99fc4b066b92ee3334d6e49a98d6fbd8195471df697a58df5436dc0b55271cf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ancient-thunder-0448.chinnabhai944.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 02 Mar 2024 01:34:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-md5: iLcgizogFABY7I2ni4oXFg==
content-length: 2015
x-ms-lease-status: unlocked
last-modified: Mon, 12 Feb 2024 16:45:09 GMT
server: cloudflare
etag: 0x8DC2BE9F9B03ABE
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 71dbe41e-c01e-0052-4b73-68456b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 85dda50d7eb5bb9e-FRA
expires: Sun, 03 Mar 2024 01:34:30 GMT

GET
H/1.1 200
OK download-icon.gif
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ 22 KB
22 KB 27ms
27ms Image
image/gif 2a00:86c0:2090::1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/download-icon.gif
Requested by: Host: ancient-thunder-0448.chinnabhai944.workers.dev
URL: https://ancient-thunder-0448.chinnabhai944.workers.dev/personalization/cl2/freeform/websitedetect?source=wwwhead&fetchtype=css&modalview=nmlanding
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:86c0:2090::1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f99e4c2ed1c2b7de72f47102c64d601567f8efaad5944a08c86786cad4050e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ancient-thunder-0448.chinnabhai944.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Sat, 02 Mar 2024 01:34:29 GMT
Last-Modified: Mon, 12 Nov 2018 22:40:57 GMT
Server: nginx
Content-MD5: 3Ty3jbeMPgoTybd+4Z3u5g==
Content-Type: image/gif
Cache-Control: max-age=604801
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22171
Expires: Sat, 09 Mar 2024 01:34:30 GMT

GET
H/1.1 206
Partial Content video-tv-0819.m4v
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ 264 KB
264 KB 26ms
25ms Media
video/x-m4v 2a00:86c0:2090::1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/video-tv-0819.m4v
Requested by: Host: ancient-thunder-0448.chinnabhai944.workers.dev
URL: https://ancient-thunder-0448.chinnabhai944.workers.dev/personalization/cl2/freeform/websitedetect?source=wwwhead&fetchtype=css&modalview=nmlanding
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:86c0:2090::1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 4c7a552d219146985961bf78d9083b7e2c1a82c4ada5d959f48b3e53754c9049

Request headers

Referer: https://ancient-thunder-0448.chinnabhai944.workers.dev/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Range: bytes=0-

Response headers

Date: Sat, 02 Mar 2024 01:34:29 GMT
Last-Modified: Mon, 12 Aug 2019 20:49:12 GMT
Server: nginx
Content-MD5: PLEtt8Zyszc1AGSApFXscg==
Content-Type: video/x-m4v
Content-Range: bytes 0-270045/270046
Cache-Control: max-age=604801
Connection: keep-alive
Content-Length: 270046
Expires: Sat, 09 Mar 2024 01:34:30 GMT

GET
H/1.1 206
Partial Content video-devices.m4v
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ 260 KB
260 KB 30ms
27ms Media
video/x-m4v 2a00:86c0:2090::1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/video-devices.m4v
Requested by: Host: ancient-thunder-0448.chinnabhai944.workers.dev
URL: https://ancient-thunder-0448.chinnabhai944.workers.dev/personalization/cl2/freeform/websitedetect?source=wwwhead&fetchtype=css&modalview=nmlanding
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:86c0:2090::1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 3eec290a7f7da9abb00b49ca84f5f16e6d45ca33d40fd8ede4380835d6161d71

Request headers

Referer: https://ancient-thunder-0448.chinnabhai944.workers.dev/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Range: bytes=0-

Response headers

Date: Sat, 02 Mar 2024 01:34:29 GMT
Last-Modified: Wed, 09 Jan 2019 20:47:49 GMT
Server: nginx
Content-MD5: PlXFYgWonIWf7QBa4XKfqg==
Content-Type: video/x-m4v
Content-Range: bytes 0-266159/266160
Cache-Control: max-age=604801
Connection: keep-alive
Content-Length: 266160
Expires: Sat, 09 Mar 2024 01:34:30 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
295 B 117ms
44ms XHR
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://ancient-thunder-0448.chinnabhai944.workers.dev/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 01:34:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 85dda50f4f86912e-FRA
access-control-allow-headers: Content-Type

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202401.2.0/ 429 KB
105 KB 37ms
37ms Script
application/javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202401.2.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

619961cc5419607d2024e330d6c57c6574bf7610260fb43362fbbcc800854d5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ancient-thunder-0448.chinnabhai944.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 02 Mar 2024 01:34:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: S1Y6/40RYuKp4yHMipHDTg==
age: 60512
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 106707
x-ms-lease-status: unlocked
last-modified: Mon, 26 Feb 2024 03:25:08 GMT
server: cloudflare
etag: 0x8DC367A88B71ACE
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 9c2ae3a7-001e-0072-3a8f-683ecc000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 85dda50f9e1b9225-FRA

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/87b6a5c0-0104-4e96-a291-092c11350111/bb72f804-6254-4555-9726-5d04b8878bdc/ 54 KB
15 KB 108ms
108ms Fetch
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/87b6a5c0-0104-4e96-a291-092c11350111/bb72f804-6254-4555-9726-5d04b8878bdc/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202401.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4cee63a900843c8f205f8a52f1bd9362ae118f32d325054f384447f91f4b5f2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ancient-thunder-0448.chinnabhai944.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 02 Mar 2024 01:34:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-md5: aQfmvu9C27DErPgyolIXvg==
content-length: 15473
x-ms-lease-status: unlocked
last-modified: Mon, 12 Feb 2024 16:45:22 GMT
server: cloudflare
etag: 0x8DC2BEA0156CBBD
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 0ddac5b8-401e-0011-6611-6ba337000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 85dda5101ff9bb9e-FRA
expires: Sun, 03 Mar 2024 01:34:30 GMT

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/202401.2.0/assets/ 13 KB
3 KB 50ms
50ms Fetch
application/json 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202401.2.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202401.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4aaa18c55c90588c5e828e56dcc6b2cb0acf9a4280494c7d1a53fc5e3669112

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ancient-thunder-0448.chinnabhai944.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 02 Mar 2024 01:34:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: dEXtQ1jHQn9CULgzadH0PQ==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3041
x-ms-lease-status: unlocked
last-modified: Mon, 26 Feb 2024 03:25:02 GMT
server: cloudflare
etag: 0x8DC367A852356FA
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 89bcdb60-d01e-0071-5b01-6bdfa8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 85dda510c886bb9e-FRA

GET
H2 200 otPcTab.json Show response
cdn.cookielaw.org/scripttemplates/202401.2.0/assets/v2/ 63 KB
13 KB 54ms
53ms Fetch
application/json 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202401.2.0/assets/v2/otPcTab.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202401.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d18f313f2489ed91cd15cf94a1e5668b8b0da8318f593d980228000a1757702f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ancient-thunder-0448.chinnabhai944.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 02 Mar 2024 01:34:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 1jrazjAE7ub00sUl433JbA==
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 13587
x-ms-lease-status: unlocked
last-modified: Mon, 26 Feb 2024 03:25:05 GMT
server: cloudflare
etag: 0x8DC367A86A37CFA
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 07d79b31-101e-0051-024d-6aa40f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 85dda510c887bb9e-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202401.2.0/assets/ 21 KB
4 KB 51ms
50ms Fetch
text/css 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202401.2.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202401.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ancient-thunder-0448.chinnabhai944.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 02 Mar 2024 01:34:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: c7xAZ9MSGAobGaTYg/Qtag==
x-ms-lease-status: unlocked
last-modified: Mon, 26 Feb 2024 03:25:13 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 91d76e1b-001e-003f-1c01-6bf120000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 85dda510c888bb9e-FRA

GET
H2 200 ot_close.svg
cdn.cookielaw.org/logos/static/ 651 B
600 B 37ms
36ms Image
image/svg+xml 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_close.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ancient-thunder-0448.chinnabhai944.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 02 Mar 2024 01:34:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: pcXWFGpuVeSg/jVnYCseRg==
age: 77682
x-ms-lease-status: unlocked
last-modified: Wed, 28 Feb 2024 16:21:06 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 88fa0b90-d01e-0071-6acb-6adfa8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 85dda5113eb89225-FRA

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
489 B 52ms
51ms Fetch
image/svg+xml 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202401.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ancient-thunder-0448.chinnabhai944.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 02 Mar 2024 01:34:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
x-ms-lease-status: unlocked
last-modified: Thu, 29 Feb 2024 07:34:44 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 003d5be7-701e-000a-5316-6b9d34000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 85dda51148eabb9e-FRA

GET
H2 200 Netflix_Logo_PMS.png
cdn.cookielaw.org/logos/dd6b162f-1a32-456a-9cfe-897231c7763c/4345ea78-053c-46d2-b11e-09adaef973dc/ 16 KB
16 KB 35ms
35ms Image
application/octet-stream 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/dd6b162f-1a32-456a-9cfe-897231c7763c/4345ea78-053c-46d2-b11e-09adaef973dc/Netflix_Logo_PMS.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

675dd7b68acf580f893bec532f5b260b8f984b67734a9a6831334b2ff4aad384

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ancient-thunder-0448.chinnabhai944.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 02 Mar 2024 01:34:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 3MQJRwmi3BSvKIhEVW/5tw==
age: 76546
content-length: 16386
x-ms-lease-status: unlocked
last-modified: Mon, 18 May 2020 21:10:31 GMT
server: cloudflare
etag: 0x8D7FB6FE5CFC000
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
x-ms-request-id: 88f1f34d-a01e-0044-70e6-1db3bc000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 85dda5115ec19225-FRA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 35ms
34ms Image
image/svg+xml 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ancient-thunder-0448.chinnabhai944.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 02 Mar 2024 01:34:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 68286
x-ms-lease-status: unlocked
last-modified: Thu, 29 Feb 2024 07:34:45 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: e73d2e92-601e-0039-3b8c-6bc29f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 85dda5115ec39225-FRA

GET
H/1.1 200
OK adtech_iframe_target_05.html Show response
ae.nflximg.net/monet/scripts/ Frame 0C68 4 KB
2 KB 99ms
28ms Document
text/html 2a02:26f0:480:9ae::33c4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ae.nflximg.net/monet/scripts/adtech_iframe_target_05.html?data=%7B%22membership_status%22%3A%22ANONYMOUS%22%2C%22country%22%3A%22US%22%2C%22region_code%22%3A%22NJ%22%2C%22is_member%22%3A%22ANONYMOUS%22%2C%22wasFormerMember%22%3Afalse%2C%22referrer%22%3A%22nmLanding%22%2C%22deniedConsentCookieGroups%22%3A%22C0003%2CC0004%2CC0005%22%7D
Requested by: Host: assets.nflxext.com
URL: https://assets.nflxext.com/web/ffe/wp/signup/nmhp/nmhpFrameworkClient.js.8532807bd86ea9d7f81f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:480:9ae::33c4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 46906a172b230be72a609fb98f3689e0baaa3292de25181121d75df0f84bf644

Request headers

Referer: https://ancient-thunder-0448.chinnabhai944.workers.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET,POST
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1504
Content-MD5: wAdYtW1y2pnz8A4F9t+2hg==
Content-Type: text/html
Date: Sat, 02 Mar 2024 01:34:30 GMT
ETag: "c00758b56d72da99f3f00e05f6dfb686:1667228899.15889"
Last-Modified: Mon, 31 Oct 2022 15:08:11 GMT
Server: AkamaiNetStorage
Timing-Allow-Origin: *
Vary: Accept-Encoding

OPTIONS
H2 200 log
www.netflix.com/ichnaea/ Frame 0
0 217ms
62ms Preflight 2a05:d018:76c:b685:e8ab:afd3:af51:3aed
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netflix.com/ichnaea/log

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d018:76c:b685:e8ab:afd3:af51:3aed Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

singleingestcl-secure e341e283-3445-4336-a289-32a766c68150 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-netflix.ichnaea.request.type
Access-Control-Request-Method: POST
Origin: https://ae.nflximg.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Language,Authorization,Content-Type,Content-Encoding,Cookie,debugRequest,X-Netflix.application.name,X-Netflix.application.version,X-Netflix.certification.version,X-Netflix.Client.Request.Name,X-Netflix.device.type,X-Netflix.esn,X-Netflix.ichnaea.request.type,X-Netflix.oauth.consumer.key,X-Netflix.oauth.token,X-Netflix.request.uuid,X-Netflix.user.id
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://ae.nflximg.net
allow: GET, POST, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
date: Sat, 02 Mar 2024 01:34:30 GMT
expires: 0
pragma: no-cache
server: singleingestcl-secure e341e283-3445-4336-a289-32a766c68150
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
via: 2 i-099f9c2caee3049a7 (eu-west-1)
x-b3-traceid: 65e2822649dd53901512acaa5f66c6e9
x-content-type-options: nosniff
x-envoy-decorator-operation: lo_svc_http
x-envoy-upstream-service-time: 1
x-frame-options: DENY
x-netflix.nfstatus: 1_1
x-netflix.proxy.execution-time: 11
x-originating-url: http://www.netflix.com/ichnaea/log
x-request-id: 35626ed4-6681-48a5-836d-b88713126cf1
x-xss-protection: 0

POST
H2 200 log Show response
www.netflix.com/ichnaea/ Frame 0C68 0
1 KB 175ms
63ms XHR
text/plain 2a05:d018:76c:b685:e8ab:afd3:af51:3aed
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netflix.com/ichnaea/log

Requested by

Host: ae.nflximg.net
URL: https://ae.nflximg.net/monet/scripts/adtech_iframe_target_05.html?data=%7B%22membership_status%22%3A%22ANONYMOUS%22%2C%22country%22%3A%22US%22%2C%22region_code%22%3A%22NJ%22%2C%22is_member%22%3A%22ANONYMOUS%22%2C%22wasFormerMember%22%3Afalse%2C%22referrer%22%3A%22nmLanding%22%2C%22deniedConsentCookieGroups%22%3A%22C0003%2CC0004%2CC0005%22%7D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d018:76c:b685:e8ab:afd3:af51:3aed Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

singleingestcl-secure 8856a1c2-d29b-4aed-bae9-1d89cdb31954 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

X-Netflix.ichnaea.request.type: IchnaeaRequest
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 02 Mar 2024 01:34:30 GMT
x-envoy-decorator-operation: lo_svc_http
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 2 i-0cdbce7c9f3706a80 (eu-west-1)
x-b3-traceid: 65e2822788a7bc1328a1e1bcd28db65f
x-netflix.proxy.execution-time: 7
x-envoy-upstream-service-time: 1
content-length: 0
x-xss-protection: 0
x-request-id: b6bc7918-ae31-4b08-9114-48770c24246f
pragma: no-cache
server: singleingestcl-secure 8856a1c2-d29b-4aed-bae9-1d89cdb31954
x-netflix.nfstatus: 1_1
allow: GET, POST, OPTIONS
access-control-allow-methods: GET, POST, OPTIONS
x-originating-url: http://www.netflix.com/ichnaea/log
access-control-allow-origin: https://ae.nflximg.net
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
x-frame-options: DENY
x-ichnaea: ~0=true~RL=268
access-control-allow-headers: Accept,Accept-Language,Authorization,Content-Type,Content-Encoding,Cookie,debugRequest,X-Netflix.application.name,X-Netflix.application.version,X-Netflix.certification.version,X-Netflix.Client.Request.Name,X-Netflix.device.type,X-Netflix.esn,X-Netflix.ichnaea.request.type,X-Netflix.oauth.consumer.key,X-Netflix.oauth.token,X-Netflix.request.uuid,X-Netflix.user.id
expires: 0

GET
H/1.1 200
OK netflix_tag_05.html Show response
ae.nflximg.net/monet/scripts/ Frame D755 14 KB
4 KB 26ms
26ms Document
text/html 2a02:26f0:480:9ae::33c4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ae.nflximg.net/monet/scripts/netflix_tag_05.html?data=%7B%22membership_status%22%3A%22ANONYMOUS%22%2C%22country%22%3A%22US%22%2C%22region_code%22%3A%22NJ%22%2C%22is_member%22%3A%22ANONYMOUS%22%2C%22wasFormerMember%22%3Afalse%2C%22referrer%22%3A%22nmLanding%22%2C%22deniedConsentCookieGroups%22%3A%22C0003%2CC0004%2CC0005%22%7D
Requested by: Host: ae.nflximg.net
URL: https://ae.nflximg.net/monet/scripts/adtech_iframe_target_05.html?data=%7B%22membership_status%22%3A%22ANONYMOUS%22%2C%22country%22%3A%22US%22%2C%22region_code%22%3A%22NJ%22%2C%22is_member%22%3A%22ANONYMOUS%22%2C%22wasFormerMember%22%3Afalse%2C%22referrer%22%3A%22nmLanding%22%2C%22deniedConsentCookieGroups%22%3A%22C0003%2CC0004%2CC0005%22%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:480:9ae::33c4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 4390c9001cd92c3f99fb6b8b52a6954555481ed76703322aef3bb98f5d0462ec

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET,POST
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 3568
Content-MD5: 6oE3tQFy19gIyzfqFaVwIw==
Content-Type: text/html
Date: Sat, 02 Mar 2024 01:34:30 GMT
ETag: "ea8137b50172d7d808cb37ea15a57023:1708637639.011648"
Last-Modified: Thu, 22 Feb 2024 21:33:49 GMT
Server: AkamaiNetStorage
Timing-Allow-Origin: *
Vary: Accept-Encoding

POST
H/1.1 200
OK log Show response
ichnaea-web.netflix.com/ Frame D755 0
1 KB 218ms
57ms XHR
text/plain 2a01:578:3::22f6:82af
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ichnaea-web.netflix.com/log

Requested by

Host: ae.nflximg.net
URL: https://ae.nflximg.net/monet/scripts/netflix_tag_05.html?data=%7B%22membership_status%22%3A%22ANONYMOUS%22%2C%22country%22%3A%22US%22%2C%22region_code%22%3A%22NJ%22%2C%22is_member%22%3A%22ANONYMOUS%22%2C%22wasFormerMember%22%3Afalse%2C%22referrer%22%3A%22nmLanding%22%2C%22deniedConsentCookieGroups%22%3A%22C0003%2CC0004%2CC0005%22%7D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:578:3::22f6:82af Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

singleingestcl-secure f772c353-4e53-480b-b226-3ae13da30b2e /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

X-Netflix.ichnaea.request.type: IchnaeaRequest
Referer: https://ae.nflximg.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 02 Mar 2024 01:34:30 GMT
Via: 1.1 i-0603891a685c3f880 (eu-west-1)
x-content-type-options: nosniff
x-envoy-decorator-operation: lo_svc_http
x-b3-traceid: 65e28227d0bce8a185a7a00a2713d62d
X-Netflix.proxy.execution-time: 4
x-envoy-upstream-service-time: 1
Connection: keep-alive
Content-Length: 0
x-xss-protection: 0
x-request-id: 00d89571-2f0d-4f30-9bd5-5b36dabb651b
pragma: no-cache
Server: singleingestcl-secure f772c353-4e53-480b-b226-3ae13da30b2e
X-Netflix.nfstatus: 1_1
allow: GET, POST, OPTIONS
access-control-allow-methods: GET, POST, OPTIONS
X-Originating-URL: https://ichnaea-web.netflix.com/log
access-control-allow-origin: https://ae.nflximg.net
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
x-frame-options: DENY
x-ichnaea: ~0=true~RL=357
access-control-allow-headers: Accept,Accept-Language,Authorization,Content-Type,Content-Encoding,Cookie,debugRequest,X-Netflix.application.name,X-Netflix.application.version,X-Netflix.certification.version,X-Netflix.Client.Request.Name,X-Netflix.device.type,X-Netflix.esn,X-Netflix.ichnaea.request.type,X-Netflix.oauth.consumer.key,X-Netflix.oauth.token,X-Netflix.request.uuid,X-Netflix.user.id
expires: 0

OPTIONS
H/1.1 200
OK log
ichnaea-web.netflix.com/ Frame 0
0 273ms
59ms Preflight 2a01:578:3::22f6:82af
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ichnaea-web.netflix.com/log

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:578:3::22f6:82af Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

singleingestcl-secure 9a9fc371-4fde-4b1b-9bf0-7c7c61e43766 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-netflix.ichnaea.request.type
Access-Control-Request-Method: POST
Origin: https://ae.nflximg.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Server: singleingestcl-secure 9a9fc371-4fde-4b1b-9bf0-7c7c61e43766
Via: 1.1 i-06d76d75c0502bed5 (eu-west-1)
X-Netflix.nfstatus: 1_1
X-Netflix.proxy.execution-time: 3
X-Originating-URL: https://ichnaea-web.netflix.com/log
access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Language,Authorization,Content-Type,Content-Encoding,Cookie,debugRequest,X-Netflix.application.name,X-Netflix.application.version,X-Netflix.certification.version,X-Netflix.Client.Request.Name,X-Netflix.device.type,X-Netflix.esn,X-Netflix.ichnaea.request.type,X-Netflix.oauth.consumer.key,X-Netflix.oauth.token,X-Netflix.request.uuid,X-Netflix.user.id
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://ae.nflximg.net
allow: GET, POST, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
date: Sat, 02 Mar 2024 01:34:30 GMT
expires: 0
pragma: no-cache
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-b3-traceid: 65e28227dc472dba99ec00251934cc63
x-content-type-options: nosniff
x-envoy-decorator-operation: lo_svc_http
x-envoy-upstream-service-time: 0
x-frame-options: DENY
x-request-id: e522fa22-310d-4bdc-80ac-06da3be3a001
x-xss-protection: 0

POST
H3 200 cl2 Show response
ancient-thunder-0448.chinnabhai944.workers.dev/personalization/ 421 KB
81 KB 467ms
466ms XHR
text/html 2606:4700:3033::6815:5845
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ancient-thunder-0448.chinnabhai944.workers.dev/personalization/cl2

Requested by

Host: assets.nflxext.com
URL: https://assets.nflxext.com/web/ffe/wp/signup/nmhp/nmhpFrameworkClient.js.8532807bd86ea9d7f81f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:5845 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a848ec68e538fef86bac8ac9b836eb834b84cd3f030731799ed9680d2ed64e22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://www.netflix.com/ichnaea/log/freeform/xssreport

Request headers

Referer: https://ancient-thunder-0448.chinnabhai944.workers.dev/personalization/cl2/freeform/websitedetect?source=wwwhead&fetchtype=css&modalview=nmlanding
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
X-Netflix.Client.Request.Name: ui/cl
Content-Type: application/json

Response headers

date: Sat, 02 Mar 2024 01:34:31 GMT
via: 2 i-004d5740557f90710 (us-east-2)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-envoy-decorator-operation: lo_svc
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains
x-b3-traceid: 65e282264b722449fabfa74e9478079e
content-encoding: br
x-netflix.proxy.execution-time: 211
x-envoy-upstream-service-time: 199
alt-svc: h3=":443"; ma=86400
x-netflix.zuul.netty.content.compressor.target: gzip
x-xss-protection: 1; mode=block; report=https://www.netflix.com/ichnaea/log/freeform/xssreport
x-request-id: 0768cc9d-7acd-4e40-a69d-e3a0a1bb21d1
pragma: no-cache
accept-ch: Sec-CH-UA-Platform-Version,Sec-CH-UA-Model
server: cloudflare
x-netflix.nfstatus: 1_1
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HBWm9tHULmUtOdE9YVy8rkt2eR3VNorlWHwxtniEb1x9Gcbhgzy2XH1LVtI3IzIf1eTqExOptYnCoDlZTi5fNM%2BTBno2SmUZ%2FNgtRlzP1xkdojGLHAF8gpZlaMM3m8x8VAZ6s2kYwnDmllecXfiDMDlBDgcqcmO512FRGAk2ZSzXmkUsfnaBkGmMXUXi"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
x-originating-url: http://www.netflix.com/
cache-control: no-cache, no-store, must-revalidate
vary: Accept-Encoding
cf-ray: 85dda512aeed7298-EWR
x-robots-tag: index
expires: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ancient-thunder-0448.chinnabhai944.workers.dev
URL: https://ancient-thunder-0448.chinnabhai944.workers.dev/personalization/cl2/freeform/WebsiteDetect?source=wwwhead&fetchType=css&modalView=nmLanding

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Netflix (Online)

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://ancient-thunder-0448.chinnabhai944.workers.dev/personalization/cl2/freeform/websitedetect?source=wwwhead&fetchtype=css&modalview=nmlanding Message: Refused to apply style from 'https://ancient-thunder-0448.chinnabhai944.workers.dev/personalization/cl2/freeform/WebsiteDetect?source=wwwhead&fetchType=css&modalView=nmLanding' because its MIME type ('text/html') is not a supported stylesheet MIME type, and strict MIME checking is enabled.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://www.netflix.com/ichnaea/log/freeform/xssreport

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ae.nflximg.net
ancient-thunder-0448.chinnabhai944.workers.dev
assets.nflxext.com
cdn.cookielaw.org
geolocation.onetrust.com
ichnaea-web.netflix.com
occ-0-2706-2705.1.nflxso.net
www.netflix.com
ancient-thunder-0448.chinnabhai944.workers.dev
2606:4700:3033::6815:5845
2606:4700:4400::ac40:9b77
2606:4700::6812:82ec
2a00:86c0:2069:2069::172
2a00:86c0:2090::1
2a01:578:3::22f6:82af
2a02:26f0:480:9ae::33c4
2a05:d018:76c:b685:e8ab:afd3:af51:3aed
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
3eec290a7f7da9abb00b49ca84f5f16e6d45ca33d40fd8ede4380835d6161d71
4390c9001cd92c3f99fb6b8b52a6954555481ed76703322aef3bb98f5d0462ec
46906a172b230be72a609fb98f3689e0baaa3292de25181121d75df0f84bf644
492fdebd363e40cbba153a244bcfe2a7f5f7cf20aff0805fe45d5c7e2180b875
4c7a552d219146985961bf78d9083b7e2c1a82c4ada5d959f48b3e53754c9049
4cee63a900843c8f205f8a52f1bd9362ae118f32d325054f384447f91f4b5f2e
4f99e4c2ed1c2b7de72f47102c64d601567f8efaad5944a08c86786cad4050e6
5be2dfa172d505acb197760b55c4731347cc239a7a046013c251948bb8214dbc
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
619961cc5419607d2024e330d6c57c6574bf7610260fb43362fbbcc800854d5e
675dd7b68acf580f893bec532f5b260b8f984b67734a9a6831334b2ff4aad384
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6e43a8bb3f972ef0b96dc5e7b24340934646fb8932bda39a8feea67cbbe3e145
7a7570be5a88a0c79098619722da16cda1c4af7f5c969581c7c0459f29dc5669
81cf64888a7b3f6848b09695b034026d9ad685665b91d54597ecbb6197c6acbb
8cc210a2d7cc9a86f7f1a882f377713fa0261ee7bb30794630ceb834a41bc80d
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
99fc4b066b92ee3334d6e49a98d6fbd8195471df697a58df5436dc0b55271cf9
a848ec68e538fef86bac8ac9b836eb834b84cd3f030731799ed9680d2ed64e22
ab3b3f1c5c419cc52904a972ecdda71f7270196b884b06597ebe0590e0cd91bd
b68ea2c7bea397aa11fadb189ce7d83862baebaf03ece643eb5aa9fb5f755056
b6b3142e01691cf0b0cc08804a0c998582328cc7f83b142760d9358fdae6fa95
bcf36fe4e5ddd746faff3173d643fb713f0056a92b4b5e24462865f989c0bac9
bd2296e1c2632933c4cd53070cbfeab21bbcd26a364cc185ef4beebe85b4cfda
d18f313f2489ed91cd15cf94a1e5668b8b0da8318f593d980228000a1757702f
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
d5155f3736b7dfbee207e532c2f9ad87850fa1f107661f33b78f874f26f8739a
e1fa26cc34fda574edc01d09e374d6f10735a3fa621bdde87c104ee15453d4b6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eea9de1cdc682d9ea1d1e395e35baa6e35a6d685664bd636e8bf2900158134d1
f4aaa18c55c90588c5e828e56dcc6b2cb0acf9a4280494c7d1a53fc5e3669112

ancient-thunder-0448.chinnabhai944.workers.dev Open in urlscan Pro 2606:4700:3033::6815:5845 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

36 Requests

97 %HTTPS

100 %IPv6

7 Domains

8 Subdomains

9 IPs

3 Countries

2413 kBTransfer

6563 kBSize

0 Cookies

18 Outgoing links

Page URL History

Redirected requests

36 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ancient-thunder-0448.chinnabhai944.workers.dev Open in urlscan Pro
2606:4700:3033::6815:5845 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

36
Requests

97 %
HTTPS

100 %
IPv6

7
Domains

8
Subdomains

9
IPs

3
Countries

2413 kB
Transfer

6563 kB
Size

0
Cookies

36 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!