URL: https://www.disneyplus.com/franchise/disney-xd
Submission: On August 21 via manual from GB — Scanned from GB

Summary

This website contacted 8 IPs in 2 countries across 5 domains to perform 20 HTTP transactions. The main IP is 2a02:26f0:6c00:2aa::37a5, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.disneyplus.com. The Cisco Umbrella rank of the primary domain is 18245.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on February 9th 2022. Valid for: a year.
This is the only time www.disneyplus.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
9 bamgrid.com
static-assets.bamgrid.com — Cisco Umbrella Rank: 32772
bam-sdk-configs.bamgrid.com — Cisco Umbrella Rank: 5076
disney.api.edge.bamgrid.com — Cisco Umbrella Rank: 7468
313 KB
7 disney-plus.net
prod-static.disney-plus.net — Cisco Umbrella Rank: 34076
prod-ripcut-delivery.disney-plus.net — Cisco Umbrella Rank: 11335
2 MB
2 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 259
1 KB
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 365
13 KB
1 disneyplus.com
www.disneyplus.com — Cisco Umbrella Rank: 18245
543 KB
20 5
Domain Requested by
5 prod-static.disney-plus.net www.disneyplus.com
4 disney.api.edge.bamgrid.com www.disneyplus.com
3 static-assets.bamgrid.com prod-static.disney-plus.net
2 bam.nr-data.net www.disneyplus.com
2 bam-sdk-configs.bamgrid.com www.disneyplus.com
2 prod-ripcut-delivery.disney-plus.net www.disneyplus.com
1 js-agent.newrelic.com www.disneyplus.com
1 www.disneyplus.com
20 8

This site contains no links.

Subject Issuer Validity Valid
*.disneyplus.com
COMODO RSA Organization Validation Secure Server CA
2022-02-09 -
2023-02-09
a year crt.sh
*.disney-plus.net
COMODO RSA Organization Validation Secure Server CA
2022-03-28 -
2023-03-28
a year crt.sh
*.bamgrid.com
Amazon
2022-07-28 -
2023-08-25
a year crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2022 Q2
2022-07-10 -
2023-08-11
a year crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1
2022-01-10 -
2023-02-10
a year crt.sh
*.api.edge.bamgrid.com
Amazon
2022-01-28 -
2023-02-25
a year crt.sh

This page contains 1 frames:

Primary Page: https://www.disneyplus.com/franchise/disney-xd
Frame ID: D68A1266A87A4D15A1B83F76260F6E91
Requests: 17 HTTP requests in this frame

Screenshot

Page Title

Watch Disney XD | Disney+

Page Statistics

20
Requests

100 %
HTTPS

75 %
IPv6

5
Domains

8
Subdomains

8
IPs

2
Countries

2791 kB
Transfer

14954 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request disney-xd
www.disneyplus.com/franchise/
6 MB
543 KB
Document
General
Full URL
https://www.disneyplus.com/franchise/disney-xd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2aa::37a5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
public, max-age=900
Connection
keep-alive Transfer-Encoding
Content-Encoding
gzip
Content-Security-Policy
frame-ancestors 'self'
Content-Type
text/html; charset=utf-8
Date
Sun, 21 Aug 2022 15:26:22 GMT
Expect-CT
max-age=0
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx/1.21.6
Strict-Transport-Security
max-age=15552000; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
off
X-Download-Options
noopen
X-Frame-Options
DENY
X-Permitted-Cross-Domain-Policies
none
X-XSS-Protection
0
styles.1913ff169eae1b6a5aee.css
prod-static.disney-plus.net/eu-west-1/disneyPlus/app/build/disneyPlus/app/styles/
366 KB
75 KB
Stylesheet
General
Full URL
https://prod-static.disney-plus.net/eu-west-1/disneyPlus/app/build/disneyPlus/app/styles/styles.1913ff169eae1b6a5aee.css
Requested by
Host: www.disneyplus.com
URL: https://www.disneyplus.com/franchise/disney-xd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:2600:7:f6eb:b280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
25cfd11010158f60364798b7213696410178070d2c409c6bf8ba70d8c0b2b67c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.disneyplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id
dOgHnwWHqhmooOAC8r5pkV7tKnC82YkN
content-encoding
gzip
etag
W/"1111efa348ca7958f774e866271a91b7"
age
167485
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 12 Aug 2022 16:45:25 GMT
server
AmazonS3
date
Fri, 19 Aug 2022 16:54:58 GMT
vary
Accept-Encoding
content-type
text/css
via
1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
FRA56-C1
timing-allow-origin
*
x-amz-cf-id
ffQ7Ll_djzDMPYFsdsXVbAXKk57rYFZFcrdjpm3He4mXi-1UMF-jpA==
scale
prod-ripcut-delivery.disney-plus.net/v1/variant/disney/845A940A02ECFAEDC4D793825265BEF518885B38BFB77DB0BECE38179A9ED7DE/
133 KB
134 KB
Image
General
Full URL
https://prod-ripcut-delivery.disney-plus.net/v1/variant/disney/845A940A02ECFAEDC4D793825265BEF518885B38BFB77DB0BECE38179A9ED7DE/scale?width=2880&aspectRatio=1.78&format=jpeg
Requested by
Host: www.disneyplus.com
URL: https://www.disneyplus.com/franchise/disney-xd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:9000:14:6083:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
c3aea179e762fa53f90087f4d8c7585103f461782ab2623cc92d92f55755ba48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.disneyplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 15:30:03 GMT
via
1.1 06a27d66e25d02ebcfb014b9d194016a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
age
2073379
x-cache
Hit from cloudfront
x-bamtech-transaction-id
J3x3Gfb1HJ0XoQOUAFQRy4Zr
if-modified-since
Mon, 8 Nov 2021 22:34:35 GMT
content-length
136296
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
lastmodified
Mon, 8 Nov 2021 22:34:35 GMT
etag
"e30c26a1f9b4e15699f4b215bbef3ad0"
x-frame-options
DENY
content-type
image/jpeg
access-control-expose-headers
X-BAMTECH-ERROR, X-BAMTECH-TRANSACTION-ID
cache-control
max-age=2592000
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
b6msO8hzWwl525Xd-gtNGT4RHwwT8V1HPKn8y9Co-vCGL6z_riG2dA==
scale
prod-ripcut-delivery.disney-plus.net/v1/variant/disney/CD4826FEC87B2F49DC854B8A74BDACD5AB6C21056C3833D1A0AC77158E76DA12/
61 KB
62 KB
Image
General
Full URL
https://prod-ripcut-delivery.disney-plus.net/v1/variant/disney/CD4826FEC87B2F49DC854B8A74BDACD5AB6C21056C3833D1A0AC77158E76DA12/scale?width=1200&aspectRatio=2.00&format=png
Requested by
Host: www.disneyplus.com
URL: https://www.disneyplus.com/franchise/disney-xd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:9000:14:6083:cf00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
1b7d611ebb1cd9a295f014c06e37edc0f8cecae8ac07c5b505e743ed249f0598
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.disneyplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 19:40:13 GMT
via
1.1 06a27d66e25d02ebcfb014b9d194016a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
age
1626369
x-cache
Hit from cloudfront
x-bamtech-transaction-id
PuGuGMIYJVq7KyS36mWdKuQ0
if-modified-since
Thu, 7 Jul 2022 07:31:47 GMT
content-length
62505
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
lastmodified
Thu, 7 Jul 2022 07:31:47 GMT
etag
"a02cfa9ccb777a8e3868bd32875da6c9"
x-frame-options
DENY
content-type
image/png
access-control-expose-headers
X-BAMTECH-ERROR, X-BAMTECH-TRANSACTION-ID
cache-control
max-age=2592000
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
C70J3aEYzRo8kPni9Y-LybUFU6pZ2HX-iFbuHJwl-xvttRj4TSo_2A==
logo.1a56f51c764022ee769c91d894d44326.svg
static-assets.bamgrid.com/product/disneyplus/images/
7 KB
3 KB
Image
General
Full URL
https://static-assets.bamgrid.com/product/disneyplus/images/logo.1a56f51c764022ee769c91d894d44326.svg
Requested by
Host: prod-static.disney-plus.net
URL: https://prod-static.disney-plus.net/eu-west-1/disneyPlus/app/build/disneyPlus/app/styles/styles.1913ff169eae1b6a5aee.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:a600:18:6870:dd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6a7eb353b38a935a0ec168fb6429a2705ee9a9b5003831787f8fa66b6a6b3554

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://prod-static.disney-plus.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id
YPTD66MHLo.E5EUc_0mJWZurzU6yaErA
content-encoding
gzip
etag
W/"1a56f51c764022ee769c91d894d44326"
age
31025
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 21 Jun 2022 22:07:51 GMT
server
AmazonS3
date
Sun, 21 Aug 2022 06:49:18 GMT
vary
Accept-Encoding
content-type
image/svg+xml
via
1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
cache-control
max-age=-age
x-amz-cf-pop
FRA56-C1
timing-allow-origin
*
x-amz-cf-id
SVNB-aenWQ1XM1xeiPre9tD3lfD276_IPhpBYNnXSDSeL6MCJ-yefQ==
AvenirWorldforDisneyv2-Demi.c737f3bb45822159626cd7952dc1636e.woff2
static-assets.bamgrid.com/fonts/avenir-world-for-disney/
151 KB
152 KB
Font
General
Full URL
https://static-assets.bamgrid.com/fonts/avenir-world-for-disney/AvenirWorldforDisneyv2-Demi.c737f3bb45822159626cd7952dc1636e.woff2
Requested by
Host: prod-static.disney-plus.net
URL: https://prod-static.disney-plus.net/eu-west-1/disneyPlus/app/build/disneyPlus/app/styles/styles.1913ff169eae1b6a5aee.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:a600:18:6870:dd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4a14ec79c05028b911ca02b07cedad83810236a18381d7453dc8d1f6711cfdda

Request headers

Referer
https://prod-static.disney-plus.net/
Origin
https://www.disneyplus.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 18:33:44 GMT
via
1.1 b3dc72c60418e8887de31f772538f118.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
content-type
binary/octet-stream
age
5691159
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
154644
last-modified
Tue, 07 Jun 2022 19:29:35 GMT
server
AmazonS3
etag
"c737f3bb45822159626cd7952dc1636e"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET
x-amz-version-id
hq9uZrOWlWp6z.UBPMTNFmnW9gn7eFaZ
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
oUdN-HTXYm-AiyK4ZmjHIurJJudzilDO4auA3WakGMhQwAoZLkjfxA==
AvenirWorldforDisneyv2.d63aa1080e072dcb10992153d5ebd496.woff2
static-assets.bamgrid.com/fonts/avenir-world-for-disney/
149 KB
149 KB
Font
General
Full URL
https://static-assets.bamgrid.com/fonts/avenir-world-for-disney/AvenirWorldforDisneyv2.d63aa1080e072dcb10992153d5ebd496.woff2
Requested by
Host: prod-static.disney-plus.net
URL: https://prod-static.disney-plus.net/eu-west-1/disneyPlus/app/build/disneyPlus/app/styles/styles.1913ff169eae1b6a5aee.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:a600:18:6870:dd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4bb1b579049fd1511cc4230d20c3f1349bd5875a783273f467e5d7ef1cbf4234

Request headers

Referer
https://prod-static.disney-plus.net/
Origin
https://www.disneyplus.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 18:33:44 GMT
via
1.1 b3dc72c60418e8887de31f772538f118.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
content-type
binary/octet-stream
age
5691159
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
152200
last-modified
Tue, 07 Jun 2022 19:29:35 GMT
server
AmazonS3
etag
"d63aa1080e072dcb10992153d5ebd496"
access-control-max-age
3000
access-control-allow-methods
HEAD, GET
x-amz-version-id
TDdVyuaaH1IUy7vqy3MixAyRe13KLEmi
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
ZfjUw8gMxZsdAX5F98vy2W6mHGHvkJhKzmMo1fCOVjYMzjATxqOXHA==
vendor.1e13ec232f00dce87253.js
prod-static.disney-plus.net/eu-west-1/disneyPlus/app/build/disneyPlus/app/client/
3 MB
808 KB
Script
General
Full URL
https://prod-static.disney-plus.net/eu-west-1/disneyPlus/app/build/disneyPlus/app/client/vendor.1e13ec232f00dce87253.js
Requested by
Host: www.disneyplus.com
URL: https://www.disneyplus.com/franchise/disney-xd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:2600:7:f6eb:b280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3ac306286ccfe3770bd852db7863a8606e720981b778535b497739d8cfcda52a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.disneyplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:31:01 GMT
content-encoding
gzip
age
514522
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
x-amz-version-id
UuZOEVSPFmWYHM1rNyeUnMiSgtXO4gpQ
last-modified
Fri, 12 Aug 2022 21:13:09 GMT
server
AmazonS3
etag
W/"ba1976956c5d6a5b5567c558a495c36b"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
FRA56-C1
timing-allow-origin
*
x-amz-cf-id
fWu_sbIY1H5hhOEAycs-_A_FTuK3oWewmEdhACPT2hMOPlpux3-ZJA==
app.ff579ce422abfadc431e.js
prod-static.disney-plus.net/eu-west-1/disneyPlus/app/build/disneyPlus/app/client/
5 MB
810 KB
Script
General
Full URL
https://prod-static.disney-plus.net/eu-west-1/disneyPlus/app/build/disneyPlus/app/client/app.ff579ce422abfadc431e.js
Requested by
Host: www.disneyplus.com
URL: https://www.disneyplus.com/franchise/disney-xd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:2600:7:f6eb:b280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
353bff64c3efe6a24bb2328ac7945d3cab7c8a66d6f211a167cea964d417c2ef

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.disneyplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 15:10:47 GMT
content-encoding
gzip
age
432936
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
x-amz-version-id
TGdaiAzGULyG.k3WlEU_rH12FChmEee9
last-modified
Tue, 16 Aug 2022 00:48:50 GMT
server
AmazonS3
etag
W/"558455b60e6185ec96387ceb33117bd5"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
FRA56-C1
timing-allow-origin
*
x-amz-cf-id
HWW8tyL50lhj9w6Pc0GCk3zRVsbuhm-mPIhjctIrkahPtqJb7jdYbQ==
prod.json
bam-sdk-configs.bamgrid.com/bam-sdk/v4.0/disney-svod-3d9324fc/browser/v16.1/windows/chrome/
0
0
Preflight
General
Full URL
https://bam-sdk-configs.bamgrid.com/bam-sdk/v4.0/disney-svod-3d9324fc/browser/v16.1/windows/chrome/prod.json
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:b400:18:8af8:7a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.disneyplus.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET, HEAD
access-control-allow-origin
*
access-control-max-age
3000
content-length
0
date
Sun, 21 Aug 2022 15:26:25 GMT
server
AmazonS3
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
via
1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
x-amz-cf-id
ptIpVxwRqhSj7pyFHNtvRzu-KA3sSJglzHB_E_CAx0HX_vdCTld4Zw==
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
conviva-core-sdk.5b57da9699813daa7bc2.js
prod-static.disney-plus.net/eu-west-1/disneyPlus/app/build/disneyPlus/app/client/
0
29 KB
Other
General
Full URL
https://prod-static.disney-plus.net/eu-west-1/disneyPlus/app/build/disneyPlus/app/client/conviva-core-sdk.5b57da9699813daa7bc2.js
Requested by
Host: www.disneyplus.com
URL: https://www.disneyplus.com/franchise/disney-xd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:2600:7:f6eb:b280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.disneyplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id
l_.nPcF_WYm8oGD8C2scEOrjSnKzWz2.
content-encoding
gzip
etag
W/"520280dec600a9b2491b5568361d9d6f"
age
211735
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 12 Aug 2022 03:39:50 GMT
server
AmazonS3
date
Fri, 19 Aug 2022 04:37:29 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
FRA56-C1
timing-allow-origin
*
x-amz-cf-id
iuuqcxja6Z_f4SN56ACJ309a7fJlCnaf48WIVD_NeD9Whw2fGsvavQ==
240.354e4d73f1f070ffbed5.js
prod-static.disney-plus.net/eu-west-1/disneyPlus/app/build/disneyPlus/app/client/
0
4 KB
Other
General
Full URL
https://prod-static.disney-plus.net/eu-west-1/disneyPlus/app/build/disneyPlus/app/client/240.354e4d73f1f070ffbed5.js
Requested by
Host: www.disneyplus.com
URL: https://www.disneyplus.com/franchise/disney-xd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:2600:7:f6eb:b280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.disneyplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id
gooZj6DmHOrfhFVdcvOE.8jQypkULxrG
content-encoding
gzip
etag
W/"35d34bfde5a3e9a7c0e518ac25984ae0"
age
398948
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 10 Aug 2022 00:12:11 GMT
server
AmazonS3
date
Wed, 17 Aug 2022 00:37:16 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
FRA56-C1
timing-allow-origin
*
x-amz-cf-id
gFBe_OxHqTYaeqL0ijLlM9IE2B2CUBYe5OmyiE46Blepf5zs6M6fPg==
prod.json
bam-sdk-configs.bamgrid.com/bam-sdk/v4.0/disney-svod-3d9324fc/browser/v16.1/windows/chrome/
69 KB
7 KB
XHR
General
Full URL
https://bam-sdk-configs.bamgrid.com/bam-sdk/v4.0/disney-svod-3d9324fc/browser/v16.1/windows/chrome/prod.json
Requested by
Host: www.disneyplus.com
URL: https://www.disneyplus.com/franchise/disney-xd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:b400:18:8af8:7a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
29d91f956c68a5ee307a3634375a57ddc9d3bf7d42ab930897f24f9fb9e40ab1

Request headers

accept
application/json
Referer
https://www.disneyplus.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
content-type
application/json

Response headers

date
Sun, 21 Aug 2022 15:16:46 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
579
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
x-amz-meta-x-dataset-version
4.0.67
access-control-allow-origin
*
last-modified
Thu, 18 Aug 2022 17:03:08 GMT
server
AmazonS3
etag
W/"86616ba3f75a3c5fc3d6a6069dc76ab0"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
n6_aIPzP_MUMEWxCAJYB4dc._24ZOFSD
via
1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
cache-control
max-age=600, no-transform, public
x-amz-meta-x-sha1
08d4491d4d5f0dde6ddde6d079fd2ca498032d5e
x-amz-cf-pop
FRA56-P5
content-type
application/json
x-amz-cf-id
VRq6oyzczV8Yr8VXvUgWe33lde9S83l30XpBVQougE-JSddWMLAWYQ==
nr-spa-1099.min.js
js-agent.newrelic.com/
33 KB
13 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-spa-1099.min.js
Requested by
Host: www.disneyplus.com
URL: https://www.disneyplus.com/franchise/disney-xd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6be822a61f56042ca816c650cec77f6b988477a3cc1d7836c683d1cf7dd48bc5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.disneyplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
etag
"b5311dcfed22ad3dedbe1a711ede13d8"
x-amz-request-id
QN7W94A84BRPTPXQ
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
12795
x-amz-id-2
sWZuvrM//9aXnQEEBgtBu7B4ZpDDd9k5EKY+gz7xRIrgPp1qOX7z2OR2PThy5zP1Qq1ONOtPiMY=
x-served-by
cache-lcy19255-LCY
last-modified
Tue, 02 Oct 2018 02:58:55 GMT
server
AmazonS3
x-timer
S1661095584.741253,VS0,VE0
date
Sun, 21 Aug 2022 15:26:23 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
183
870f1eea68
bam.nr-data.net/1/
57 B
650 B
Script
General
Full URL
https://bam.nr-data.net/1/870f1eea68?a=356494521&sa=1&v=1099.d27c17c&t=Unnamed%20Transaction&rst=2245&ref=https://www.disneyplus.com/franchise/disney-xd&be=816&fe=2134&dc=2049&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1661095581518,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:88,%22c%22:88,%22s%22:129,%22ce%22:214,%22rq%22:214,%22rp%22:574,%22rpe%22:865,%22dl%22:576,%22di%22:969,%22ds%22:2049,%22de%22:2049,%22dc%22:2132,%22l%22:2133,%22le%22:2134%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by
Host: www.disneyplus.com
URL: https://www.disneyplus.com/franchise/disney-xd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.disneyplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sun, 21 Aug 2022 15:26:23 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
text/javascript;charset=iso-8859-1
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
CF-Ray
73e463070e4035e3-MAN
Expires
Thu, 01 Jan 1970 00:00:00 GMT
graphql
disney.api.edge.bamgrid.com/graph/v1/device/
0
0
Preflight
General
Full URL
https://disney.api.edge.bamgrid.com/graph/v1/device/graphql
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:8800:b:6449:33c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-application-version,x-bamsdk-client-id,x-bamsdk-platform,x-bamsdk-platform-id,x-bamsdk-version,x-dss-edge-accept
Access-Control-Request-Method
POST
Origin
https://www.disneyplus.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,x-application-version,x-bamsdk-client-id,x-bamsdk-platform,x-bamsdk-platform-id,x-bamsdk-version,x-dss-edge-accept
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://www.disneyplus.com
access-control-expose-headers
x-request-id, x-bamtech-region
access-control-max-age
600
age
2474
cache-control
public, max-age=3600
date
Sun, 21 Aug 2022 14:45:10 GMT
vary
origin,access-control-request-headers
via
1.1 aa98922692c099827cdae6a16b894744.cloudfront.net (CloudFront)
x-amz-cf-id
vt6nQTQ6XN4gyoEwD_gZGOhoGUeTOOCmL9x1RXoCW9kW8YnmngRvYw==
x-amz-cf-pop
VIE50-C1
x-bamtech-region
eu-central-1
x-cache
Hit from cloudfront
x-request-id
bf87c5c3f3ae76a78a4cf7eec3e3f99b
graphql
disney.api.edge.bamgrid.com/graph/v1/device/
533 B
855 B
XHR
General
Full URL
https://disney.api.edge.bamgrid.com/graph/v1/device/graphql
Requested by
Host: www.disneyplus.com
URL: https://www.disneyplus.com/franchise/disney-xd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:8800:b:6449:33c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
61cb537cce5c1c340004db42d66a0e3dc9dde624276cf1f1c04df26326390aa4

Request headers

x-bamsdk-platform
javascript/windows/chrome
x-bamsdk-client-id
disney-svod-3d9324fc
x-application-version
1.1.2
accept-language
en-GB,en;q=0.9
authorization
ZGlzbmV5JmJyb3dzZXImMS4wLjA.Cu56AgSfBTDag5NiRA81oLHkDZfu5L3CKadnefEAY84
x-bamsdk-platform-id
browser
content-type
application/json
x-bamsdk-version
16.1
accept
application/json
Referer
https://www.disneyplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
x-dss-edge-accept
vnd.dss.edge+json; version=2

Response headers

date
Sun, 21 Aug 2022 15:26:24 GMT
content-encoding
gzip
vary
origin, access-control-request-headers
x-amz-cf-pop
VIE50-C1
x-cache
Miss from cloudfront
x-bamtech-region
eu-central-1
x-request-id
a93450c1a308280759d46db803ead31e
access-control-allow-origin
https://www.disneyplus.com
access-control-max-age
600
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
via
1.1 3dca71b0fde541bcd2caf3756ffbc27a.cloudfront.net (CloudFront)
access-control-expose-headers
x-request-id, x-bamtech-region
cache-control
no-store
access-control-allow-credentials
true
x-amz-cf-id
HjLfpH9HHZxpCbPoIpIh0p1xXTRd9wZSTfE2fiNwAt42WToj8ka4Wg==
graphql
disney.api.edge.bamgrid.com/graph/v1/device/
533 B
855 B
XHR
General
Full URL
https://disney.api.edge.bamgrid.com/graph/v1/device/graphql
Requested by
Host: www.disneyplus.com
URL: https://www.disneyplus.com/franchise/disney-xd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:8800:b:6449:33c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
61cb537cce5c1c340004db42d66a0e3dc9dde624276cf1f1c04df26326390aa4

Request headers

x-bamsdk-platform
javascript/windows/chrome
x-bamsdk-client-id
disney-svod-3d9324fc
x-application-version
1.1.2
accept-language
en-GB,en;q=0.9
authorization
ZGlzbmV5JmJyb3dzZXImMS4wLjA.Cu56AgSfBTDag5NiRA81oLHkDZfu5L3CKadnefEAY84
x-bamsdk-platform-id
browser
content-type
application/json
x-bamsdk-version
16.1
accept
application/json
Referer
https://www.disneyplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
x-dss-edge-accept
vnd.dss.edge+json; version=2

Response headers

date
Sun, 21 Aug 2022 15:26:24 GMT
content-encoding
gzip
vary
origin, access-control-request-headers
x-amz-cf-pop
VIE50-C1
x-cache
Miss from cloudfront
x-bamtech-region
eu-central-1
x-request-id
8dde4ee657f1dec97475d6fc98a322bd
access-control-allow-origin
https://www.disneyplus.com
access-control-max-age
600
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
via
1.1 3dca71b0fde541bcd2caf3756ffbc27a.cloudfront.net (CloudFront)
access-control-expose-headers
x-request-id, x-bamtech-region
cache-control
no-store
access-control-allow-credentials
true
x-amz-cf-id
6wE-PI3r-pPk6iOe7OMpSTIFW-jGwIG196J6cxpw2Ur2WETcGtuM_g==
graphql
disney.api.edge.bamgrid.com/graph/v1/device/
0
0
Preflight
General
Full URL
https://disney.api.edge.bamgrid.com/graph/v1/device/graphql
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:8800:b:6449:33c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-application-version,x-bamsdk-client-id,x-bamsdk-platform,x-bamsdk-platform-id,x-bamsdk-version,x-dss-edge-accept
Access-Control-Request-Method
POST
Origin
https://www.disneyplus.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,x-application-version,x-bamsdk-client-id,x-bamsdk-platform,x-bamsdk-platform-id,x-bamsdk-version,x-dss-edge-accept
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://www.disneyplus.com
access-control-expose-headers
x-request-id, x-bamtech-region
access-control-max-age
600
age
2474
cache-control
public, max-age=3600
date
Sun, 21 Aug 2022 14:45:10 GMT
vary
origin,access-control-request-headers
via
1.1 aa98922692c099827cdae6a16b894744.cloudfront.net (CloudFront)
x-amz-cf-id
gnLNHXALcIYAwBqVlwDKEgOsrZWVaCjbONf9Mpw1kWz5WxaSMDG8Cw==
x-amz-cf-pop
VIE50-C1
x-bamtech-region
eu-central-1
x-cache
Hit from cloudfront
x-request-id
bf87c5c3f3ae76a78a4cf7eec3e3f99b
870f1eea68
bam.nr-data.net/events/1/
24 B
445 B
XHR
General
Full URL
https://bam.nr-data.net/events/1/870f1eea68?a=356494521&sa=1&v=1099.d27c17c&t=Unnamed%20Transaction&rst=3198&ref=https://www.disneyplus.com/franchise/disney-xd
Requested by
Host: www.disneyplus.com
URL: https://www.disneyplus.com/franchise/disney-xd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://www.disneyplus.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
content-type
text/plain

Response headers

Date
Sun, 21 Aug 2022 15:26:24 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.disneyplus.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
CF-Ray
73e4630c8bf735e3-MAN
Content-Length
24

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| server_path string| preferredLanguage object| NREUM object| newrelic function| __nr_require function| otLoad object| otcr object| OneTrust function| OptanonWrapper object| webpackChunk_solo_app function| setImmediate function| clearImmediate object| regeneratorRuntime object| btmShared object| scCGSHMRCache object| __SECRET_EMOTION__

1 Cookies

Domain/Path Name / Value
.nr-data.net/ Name: JSESSIONID
Value: a61494f6f082aecc

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam-sdk-configs.bamgrid.com
bam.nr-data.net
disney.api.edge.bamgrid.com
js-agent.newrelic.com
prod-ripcut-delivery.disney-plus.net
prod-static.disney-plus.net
static-assets.bamgrid.com
www.disneyplus.com
151.101.194.137
162.247.241.14
2600:9000:206e:8800:b:6449:33c0:93a1
2600:9000:206f:2600:7:f6eb:b280:93a1
2600:9000:206f:a600:18:6870:dd80:93a1
2600:9000:223f:b400:18:8af8:7a00:93a1
2600:9000:2240:9000:14:6083:cf00:93a1
2a02:26f0:6c00:2aa::37a5
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
1b7d611ebb1cd9a295f014c06e37edc0f8cecae8ac07c5b505e743ed249f0598
25cfd11010158f60364798b7213696410178070d2c409c6bf8ba70d8c0b2b67c
29d91f956c68a5ee307a3634375a57ddc9d3bf7d42ab930897f24f9fb9e40ab1
353bff64c3efe6a24bb2328ac7945d3cab7c8a66d6f211a167cea964d417c2ef
3ac306286ccfe3770bd852db7863a8606e720981b778535b497739d8cfcda52a
4a14ec79c05028b911ca02b07cedad83810236a18381d7453dc8d1f6711cfdda
4bb1b579049fd1511cc4230d20c3f1349bd5875a783273f467e5d7ef1cbf4234
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
61cb537cce5c1c340004db42d66a0e3dc9dde624276cf1f1c04df26326390aa4
6a7eb353b38a935a0ec168fb6429a2705ee9a9b5003831787f8fa66b6a6b3554
6be822a61f56042ca816c650cec77f6b988477a3cc1d7836c683d1cf7dd48bc5
c3aea179e762fa53f90087f4d8c7585103f461782ab2623cc92d92f55755ba48
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855