netflix-clone-2a427.firebaseapp.com Open in urlscan Pro
2620:0:890::100 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://netflix-clone-2a427.firebaseapp.com/
Effective URL:
https://netflix-clone-2a427.firebaseapp.com/
Submission: On February 05 via api (February 5th 2024, 6:52:24 am UTC) from BY — Scanned from DE

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 1 countries across 5 domains to perform 14 HTTP transactions. The main IP is 2620:0:890::100, located in United States and belongs to FASTLY, US. The main domain is netflix-clone-2a427.firebaseapp.com.
TLS certificate: Issued by GTS CA 1D4 on January 17th 2024. Valid for: 3 months.

This is the only time netflix-clone-2a427.firebaseapp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	2620:0:890::100 2620:0:890::100	54113 (FASTLY) (FASTLY)
5	151.101.192.176 151.101.192.176	54113 (FASTLY) (FASTLY)
1	2600:9000:25a... 2600:9000:25a2:da00:12:94b3:c380:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:50c0:800... 2606:50c0:8001::154	54113 (FASTLY) (FASTLY)
3	54.186.23.98 54.186.23.98	16509 (AMAZON-02) (AMAZON-02)
1	44.238.119.32 44.238.119.32	16509 (AMAZON-02) (AMAZON-02)
14	6

4 2620:0:890::100 (United States) 1 redirects

ASN54113 (FASTLY, US)

netflix-clone-2a427.firebaseapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.192.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:25a2:da00:12:94b3:c380:93a1 (United States)

ASN16509 (AMAZON-02, US)

images.ctfassets.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:50c0:8001::154 (United States)

ASN54113 (FASTLY, US)

raw.githubusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.238.119.32 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-238-119-32.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	stripe.com js.stripe.com — Cisco Umbrella Rank: 1227 q.stripe.com — Cisco Umbrella Rank: 7010 m.stripe.com — Cisco Umbrella Rank: 1188	167 KB
4	firebaseapp.com 1 redirects netflix-clone-2a427.firebaseapp.com	202 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1315	16 KB
1	githubusercontent.com raw.githubusercontent.com — Cisco Umbrella Rank: 4387	305 KB
1	ctfassets.net images.ctfassets.net — Cisco Umbrella Rank: 3705	18 KB
14	5

	Domain	Requested by
4	netflix-clone-2a427.firebaseapp.com	1 redirects netflix-clone-2a427.firebaseapp.com
3	q.stripe.com	netflix-clone-2a427.firebaseapp.com
3	js.stripe.com	netflix-clone-2a427.firebaseapp.com js.stripe.com
2	m.stripe.network	js.stripe.com m.stripe.network
1	m.stripe.com	m.stripe.network
1	raw.githubusercontent.com	netflix-clone-2a427.firebaseapp.com
1	images.ctfassets.net	netflix-clone-2a427.firebaseapp.com
14	7

This site contains no links.

Subject Issuer	Validity	Valid
firebaseapp.com GTS CA 1D4	`2024-01-17` - `2024-04-16`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-01-02` - `2024-04-04`	3 months	crt.sh
images.ctfassets.net Amazon RSA 2048 M02	`2023-12-19` - `2025-01-16`	a year	crt.sh
*.github.io DigiCert TLS RSA SHA256 2020 CA1	`2023-02-21` - `2024-03-20`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-12-20` - `2024-03-21`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-22` - `2024-03-21`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://netflix-clone-2a427.firebaseapp.com/
Frame ID: 6DED313D264A6465D646A5E7141A51F2
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 8FE4F53CC66A31D5AB10862CFC033AC6
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: CD742DE48D64A614253CF1B4DF4ADDD1
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Netflix-clone

Page URL History Show full URLs

http://netflix-clone-2a427.firebaseapp.com/ HTTP 301
https://netflix-clone-2a427.firebaseapp.com/ Page URL

Detected technologies

Contentful (CMS) Expand

Overall confidence: 100%
Detected patterns

<[^>]+(?:https?:)?//(?:assets|downloads|images|videos)\.(?:ct?fassets\.net|contentful\.com)

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Page Statistics

14
Requests

100 %
HTTPS

50 %
IPv6

5
Domains

7
Subdomains

6
IPs

1
Countries

708 kB
Transfer

1914 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://netflix-clone-2a427.firebaseapp.com/ HTTP 301
https://netflix-clone-2a427.firebaseapp.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
netflix-clone-2a427.firebaseapp.com/
Redirect Chain

http://netflix-clone-2a427.firebaseapp.com/
https://netflix-clone-2a427.firebaseapp.com/

648 B
619 B

312ms
194ms

Document
text/html

2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://netflix-clone-2a427.firebaseapp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4b88d885e0db8cce86077cc9e50b1ec340220081f526916151fbbae0f4f3cab4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=3600
content-encoding: br
content-length: 251
content-type: text/html; charset=utf-8
date: Mon, 05 Feb 2024 06:52:18 GMT
etag: "9b827ebac45d7a9fc431847fc21d79dd92adca810d49babce1ddf44aa0905080-br"
last-modified: Fri, 15 Sep 2023 01:42:17 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-sof1510037-SOF
x-timer: S1707115938.431680,VS0,VE135

Redirect headers

Accept-Ranges: bytes
Connection: close
Content-Length: 0
Date: Mon, 05 Feb 2024 06:52:18 GMT
Location: https://netflix-clone-2a427.firebaseapp.com/
Retry-After: 0
Server: Varnish
X-Cache: HIT
X-Cache-Hits: 0
X-Served-By: cache-sof1510034-SOF
X-Timer: S1707115938.255080,VS0,VE0
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

GET
H2 200 main.ed6f4bb2.js Show response
netflix-clone-2a427.firebaseapp.com/static/js/ 911 KB
200 KB 351ms
350ms Script
text/javascript 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://netflix-clone-2a427.firebaseapp.com/static/js/main.ed6f4bb2.js

Requested by

Host: netflix-clone-2a427.firebaseapp.com
URL: https://netflix-clone-2a427.firebaseapp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d68460a24766aea8036b972d7be0b3f2922efe03f078dcd35ed68473267a783d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://netflix-clone-2a427.firebaseapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by: cache-sof1510037-SOF
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Mon, 05 Feb 2024 06:52:18 GMT
last-modified: Fri, 15 Sep 2023 01:42:17 GMT
x-timer: S1707115939.628209,VS0,VE288
etag: "4fb9e91789e58a2a0c2f3dc9d24798ab5fe5c9c8bbb8c83451d395f4109d29a7-br"
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 204232
x-cache-hits: 0

GET
H2 200 main.e42046f7.css
netflix-clone-2a427.firebaseapp.com/static/css/ 5 KB
1 KB 210ms
210ms Stylesheet
text/css 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://netflix-clone-2a427.firebaseapp.com/static/css/main.e42046f7.css

Requested by

Host: netflix-clone-2a427.firebaseapp.com
URL: https://netflix-clone-2a427.firebaseapp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e74ab279abe1ec3aba99fe044aecb19d80ab92fddce8f20b39c3f9a6abe1d4cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://netflix-clone-2a427.firebaseapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-served-by: cache-sof1510037-SOF
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Mon, 05 Feb 2024 06:52:18 GMT
last-modified: Fri, 15 Sep 2023 01:42:17 GMT
x-timer: S1707115939.628226,VS0,VE151
etag: "1212cfd1da3bc47434946c108461548c5147d45a6f1f9bdd10c266525db03cf9-br"
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/css; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1350
x-cache-hits: 0

GET
H2 200 v3 Show response
js.stripe.com/ 587 KB
163 KB 129ms
39ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: netflix-clone-2a427.firebaseapp.com
URL: https://netflix-clone-2a427.firebaseapp.com/static/js/main.ed6f4bb2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

466ae3288a2b125b1425bf26ebeb027b06e5fb7f710a9dc989aecf5d6a6b36db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://netflix-clone-2a427.firebaseapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 05 Feb 2024 06:52:19 GMT
via: 1.1 varnish
age: 54
x-cache: HIT
content-length: 166610
x-request-id: bfdba5c7-edf7-4514-bf5e-04b958b14e9c
x-served-by: cache-fra-etou8220036-FRA
last-modified: Fri, 02 Feb 2024 21:40:10 GMT
server: Fastly
etag: "f1ae5b8d9ed757397eb18b9b308d5912"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 11

GET
H2 200 Netflix-Brand-Logo.png
images.ctfassets.net/4cd45et68cgf/7LrExJ6PAj6MSIPkDyCO86/542b1dfabbf3959908f69be546879952/ 17 KB
18 KB 166ms
50ms Image
image/png 2600:9000:25a2:da00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/4cd45et68cgf/7LrExJ6PAj6MSIPkDyCO86/542b1dfabbf3959908f69be546879952/Netflix-Brand-Logo.png?w=700&h=456
Requested by: Host: netflix-clone-2a427.firebaseapp.com
URL: https://netflix-clone-2a427.firebaseapp.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25a2:da00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: c60f5da7d1685352e329f7306330e9ea1a71fac3cd3dd9b86018084b58b40d36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://netflix-clone-2a427.firebaseapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 08:09:17 GMT
via: 1.1 c7311454ce938e04f3523616a5b033da.cloudfront.net (CloudFront)
last-modified: Wed, 24 Jan 2024 09:29:01 GMT
server: Contentful Images API
x-amz-cf-pop: ZRH55-P1
age: 81782
etag: "f36207b68fdbc77038cc3fe1556bf934"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 17831
x-amz-cf-id: ISmQ5HTeusM3zcohs9z29V-nrCkv5IS2wTWj67042ka6WZCSh-QIuQ==

GET
H2 200 banner.jpg
raw.githubusercontent.com/thatanjan/netflix-clone-yt/youtube/media/ 305 KB
305 KB 394ms
274ms Image
image/jpeg 2606:50c0:8001::154
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raw.githubusercontent.com/thatanjan/netflix-clone-yt/youtube/media/banner.jpg

Requested by

Host: netflix-clone-2a427.firebaseapp.com
URL: https://netflix-clone-2a427.firebaseapp.com/static/css/main.e42046f7.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8001::154 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

37fd233e1b2da84360558f8b18404c8114b8bf1d1420d9265e1226b5d946942b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://netflix-clone-2a427.firebaseapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-fastly-request-id: eafc61e3fbb23f529e9aff84a6a5cc555edfcd60
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Mon, 05 Feb 2024 06:52:19 GMT
via: 1.1 varnish
x-cache-hits: 0
x-cache: MISS
cross-origin-resource-policy: cross-origin
content-length: 312081
x-xss-protection: 1; mode=block
x-served-by: cache-sof1510033-SOF
x-github-request-id: 3F6A:391920:E03272:EAB6F1:65C085A0
x-timer: S1707115939.305537,VS0,VE213
etag: W/"769dbc6d9e3b3f95eeb1ac5c2e6fd8d7968341488f35ef569c7593703ed0e889"
source-age: 0
x-frame-options: deny
vary: Authorization,Accept-Encoding,Origin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
expires: Mon, 05 Feb 2024 06:57:19 GMT

GET
H2 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html Show response
js.stripe.com/v3/ Frame 8FE4 200 B
817 B 39ms
39ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://netflix-clone-2a427.firebaseapp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 5272826
cache-control: max-age=31536000
content-encoding: br
content-length: 154
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 05 Feb 2024 06:52:19 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Fri, 11 Nov 2022 20:25:37 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 308957
x-content-type-options: nosniff
x-request-id: e16711c6-5e4e-4e17-90a8-fabe6d86dae6
x-served-by: cache-fra-etou8220036-FRA

GET
H2 200 m-outer-15a2b40a058ddff1cffdb63779fe3de1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 8FE4 526 B
450 B 39ms
39ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 05 Feb 2024 06:52:19 GMT
via: 1.1 varnish
age: 5193846
x-cache: HIT
content-length: 315
x-request-id: e55f641e-ae93-42e6-a105-9bc039a0c92c
x-served-by: cache-fra-etou8220036-FRA
last-modified: Fri, 11 Nov 2022 20:25:36 GMT
server: Fastly
etag: "d96c709017743c0759cf3853d1806ba5"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 294163

POST
H2 200 csp-report
q.stripe.com/ Frame 8FE4 0
717 B 657ms
214ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: netflix-clone-2a427.firebaseapp.com
URL: https://netflix-clone-2a427.firebaseapp.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Feb 2024 06:52:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1707115940337259
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1707115940336714
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 8FE4 0
718 B 654ms
211ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: netflix-clone-2a427.firebaseapp.com
URL: https://netflix-clone-2a427.firebaseapp.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Feb 2024 06:52:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1707115940337004
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1707115940336540
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 inner.html Show response
m.stripe.network/ Frame CD74 930 B
1 KB 39ms
39ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 196
cache-control: max-age=300, public
content-encoding: br
content-length: 540
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 05 Feb 2024 06:52:19 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 102
x-content-type-options: nosniff
x-request-id: 05e6f6ac-3694-440b-b87c-6964f58dc003
x-served-by: cache-fra-etou8220036-FRA
x-timer: S1707115940.839391,VS0,VE0

POST
H2 200 csp-report
q.stripe.com/ Frame CD74 0
491 B 575ms
212ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: netflix-clone-2a427.firebaseapp.com
URL: https://netflix-clone-2a427.firebaseapp.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 05 Feb 2024 06:52:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1707115940337198
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 0
x-stripe-client-envoy-start-time-us: 1707115940336624
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame CD74 87 KB
15 KB 42ms
42ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Mon, 05 Feb 2024 06:52:19 GMT
x-content-type-options: nosniff
content-encoding: br
via: 1.1 varnish
age: 74
x-cache: HIT
content-length: 15509
x-request-id: 09c19463-d4ec-4ace-bc3e-d295890710aa
x-served-by: cache-fra-etou8220036-FRA
server: Fastly
x-timer: S1707115940.884293,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 40

POST
H2 200 6 Show response
m.stripe.com/ Frame CD74 156 B
669 B 650ms
216ms XHR
application/json 44.238.119.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.238.119.32 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-238-119-32.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

e6d9e1a716cd183919279fda16583f0d17f646e2563e2b671dd4389a9f3e5fa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 05 Feb 2024 06:52:20 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1707115940489789
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1707115940489546
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| webpackChunkStripeJSouter function| noop function| Stripe

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
m.stripe.com/	1970-01-21 03:47:55	Name: m Value: 6e2dbdc1-6f02-4337-9e11-af70a212946a43d9a5
.netflix-clone-2a427.firebaseapp.com/	1970-01-21 02:57:31	Name: __stripe_mid Value: 023f74f2-5d41-43e1-bb91-22a471555a07bb2f4d
.netflix-clone-2a427.firebaseapp.com/	1970-01-20 18:11:57	Name: __stripe_sid Value: c7d05a7c-c281-4b30-96f1-05f1771c46eb5b236a

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
other	warning	URL: https://netflix-clone-2a427.firebaseapp.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

images.ctfassets.net
js.stripe.com
m.stripe.com
m.stripe.network
netflix-clone-2a427.firebaseapp.com
q.stripe.com
raw.githubusercontent.com
151.101.192.176
2600:9000:25a2:da00:12:94b3:c380:93a1
2606:50c0:8001::154
2620:0:890::100
44.238.119.32
54.186.23.98
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
37fd233e1b2da84360558f8b18404c8114b8bf1d1420d9265e1226b5d946942b
466ae3288a2b125b1425bf26ebeb027b06e5fb7f710a9dc989aecf5d6a6b36db
4b88d885e0db8cce86077cc9e50b1ec340220081f526916151fbbae0f4f3cab4
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
c60f5da7d1685352e329f7306330e9ea1a71fac3cd3dd9b86018084b58b40d36
d68460a24766aea8036b972d7be0b3f2922efe03f078dcd35ed68473267a783d
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6d9e1a716cd183919279fda16583f0d17f646e2563e2b671dd4389a9f3e5fa6
e74ab279abe1ec3aba99fe044aecb19d80ab92fddce8f20b39c3f9a6abe1d4cb

netflix-clone-2a427.firebaseapp.com Open in urlscan Pro 2620:0:890::100 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

14 Requests

100 %HTTPS

50 %IPv6

5 Domains

7 Subdomains

6 IPs

1 Countries

708 kBTransfer

1914 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

3 Cookies

2 Console Messages

Security Headers

Indicators

netflix-clone-2a427.firebaseapp.com Open in urlscan Pro
2620:0:890::100 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

50 %
IPv6

5
Domains

7
Subdomains

6
IPs

1
Countries

708 kB
Transfer

1914 kB
Size

3
Cookies

14 HTTP transactions
0 data transactions