urlscan.io logo urlscan.io
SecurityTrails logo

www.disneyplus.com Open in urlscan Pro
2a02:26f0:6c00:2bf::37a5  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://disneyplus.com/redeem?redemptionCode=O2-7E6PS57JBQUTKS53&cid=DSS-Partnership-O2-Site-Acquisition-DisneyPlus-GB-...
Effective URL: https://www.disneyplus.com/redeem?redemptionCode=O2-7E6PS57JBQUTKS53&cid=DSS-Partnership-O2-Site-Acquisition-DisneyPlus-GB-...
Submission Tags: falconsandbox
Submission: On August 20 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 15 HTTP transactions. The main IP is 2a02:26f0:6c00:2bf::37a5, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.disneyplus.com. The Cisco Umbrella rank of the primary domain is 18245.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on February 9th 2022. Valid for: a year.
This is the only time www.disneyplus.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 54.71.61.241 16509 (AMAZON-02)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
5 2600:9000:206... 16509 (AMAZON-02)
2 2600:9000:214... 16509 (AMAZON-02)
1 151.101.194.137 54113 (FASTLY)
2 162.247.241.14 23467 (NEWRELIC-...)
4 2600:9000:206... 16509 (AMAZON-02)
15 6
1    54.71.61.241 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-71-61-241.us-west-2.compute.amazonaws.com
disneyplus.com
1    2a02:26f0:6c00:2bf::37a5 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
www.disneyplus.com
5    2600:9000:206f:4400:7:f6eb:b280:93a1 (United States)

ASN16509 (AMAZON-02, US)
prod-static.disney-plus.net
2    2600:9000:214f:fe00:18:8af8:7a00:93a1 (United States)

ASN16509 (AMAZON-02, US)
bam-sdk-configs.bamgrid.com
1    151.101.194.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
2    162.247.241.14 (United States)

ASN23467 (NEWRELIC-AS-1, US)
bam.nr-data.net
4    2600:9000:206f:a400:b:6449:33c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
disney.api.edge.bamgrid.com
Apex Domain
Subdomains		 Transfer
6 bamgrid.com
bam-sdk-configs.bamgrid.com — Cisco Umbrella Rank: 5076
disney.api.edge.bamgrid.com — Cisco Umbrella Rank: 7468
8 KB
5 disney-plus.net
prod-static.disney-plus.net — Cisco Umbrella Rank: 34076
2 MB
2 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 259
1 KB
2 disneyplus.com
disneyplus.com — Cisco Umbrella Rank: 11608
www.disneyplus.com — Cisco Umbrella Rank: 18245
540 KB
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 365
13 KB
15 5
Domain Requested by
5 prod-static.disney-plus.net www.disneyplus.com
4 disney.api.edge.bamgrid.com www.disneyplus.com
2 bam.nr-data.net www.disneyplus.com
2 bam-sdk-configs.bamgrid.com www.disneyplus.com
1 js-agent.newrelic.com www.disneyplus.com
1 www.disneyplus.com
1 disneyplus.com 1 redirects
15 7

This site contains no links.

Subject Issuer Validity Valid
*.disneyplus.com
COMODO RSA Organization Validation Secure Server CA		 2022-02-09 -
2023-02-09		 a year crt.sh
*.disney-plus.net
COMODO RSA Organization Validation Secure Server CA		 2022-03-28 -
2023-03-28		 a year crt.sh
*.bamgrid.com
Amazon		 2022-05-27 -
2023-06-24		 a year crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2022 Q2		 2022-07-10 -
2023-08-11		 a year crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-10 -
2023-02-10		 a year crt.sh
*.api.edge.bamgrid.com
Amazon		 2022-01-28 -
2023-02-25		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.disneyplus.com/redeem?redemptionCode=O2-7E6PS57JBQUTKS53&cid=DSS-Partnership-O2-Site-Acquisition-DisneyPlus-GB-DisneyPlus-DisneyPlus-EN-ActivateLink-NA-NA
Frame ID: 47518D863BDED5B86E1B6F6718B891F7
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Disney+ | Stream Disney, Marvel, Pixar, Star Wars, National Geographic, and more

Page URL History Show full URLs

  1. https://disneyplus.com/redeem?redemptionCode=O2-7E6PS57JBQUTKS53&cid=DSS-Partnership-O2-Site-Acquis... HTTP 301
    https://www.disneyplus.com/redeem?redemptionCode=O2-7E6PS57JBQUTKS53&cid=DSS-Partnership-O2-Site-Acquis... Page URL

Page Statistics

15
Requests

100 %
HTTPS

57 %
IPv6

5
Domains

7
Subdomains

6
IPs

2
Countries

2288 kB
Transfer

14441 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://disneyplus.com/redeem?redemptionCode=O2-7E6PS57JBQUTKS53&cid=DSS-Partnership-O2-Site-Acquisition-DisneyPlus-GB-DisneyPlus-DisneyPlus-EN-ActivateLink-NA-NA HTTP 301
    https://www.disneyplus.com/redeem?redemptionCode=O2-7E6PS57JBQUTKS53&cid=DSS-Partnership-O2-Site-Acquisition-DisneyPlus-GB-DisneyPlus-DisneyPlus-EN-ActivateLink-NA-NA Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request redeem
www.disneyplus.com/
Redirect Chain
  • https://disneyplus.com/redeem?redemptionCode=O2-7E6PS57JBQUTKS53&cid=DSS-Partnership-O2-Site-Acquisition-DisneyPlus-GB-DisneyPlus-DisneyPlus-EN-ActivateLink-NA-NA
  • https://www.disneyplus.com/redeem?redemptionCode=O2-7E6PS57JBQUTKS53&cid=DSS-Partnership-O2-Site-Acquisition-DisneyPlus-GB-DisneyPlus-DisneyPlus-EN-ActivateLink-NA-NA
6 MB
540 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.disneyplus.com/redeem?redemptionCode=O2-7E6PS57JBQUTKS53&cid=DSS-Partnership-O2-Site-Acquisition-DisneyPlus-GB-DisneyPlus-DisneyPlus-EN-ActivateLink-NA-NA
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bf::37a5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
public, max-age=899
Connection
keep-alive Transfer-Encoding
Content-Encoding
gzip
Content-Security-Policy
frame-ancestors 'self'
Content-Type
text/html; charset=utf-8
Date
Sat, 20 Aug 2022 05:34:17 GMT
Expect-CT
max-age=0
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx/1.21.6
Strict-Transport-Security
max-age=15552000; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
off
X-Download-Options
noopen
X-Frame-Options
DENY
X-Permitted-Cross-Domain-Policies
none
X-XSS-Protection
0

Redirect headers

Connection
Keep-Alive
Content-Length
378
Content-Type
text/html; charset=iso-8859-1
Date
Sat, 20 Aug 2022 05:34:17 GMT
Keep-Alive
timeout=5, max=100
Location
https://www.disneyplus.com/redeem?redemptionCode=O2-7E6PS57JBQUTKS53&cid=DSS-Partnership-O2-Site-Acquisition-DisneyPlus-GB-DisneyPlus-DisneyPlus-EN-ActivateLink-NA-NA
Server
Apache/2.4.53 (Unix) OpenSSL/1.1.1n
styles.1913ff169eae1b6a5aee.css
prod-static.disney-plus.net/eu-west-1/disneyPlus/app/build/disneyPlus/app/styles/ 		366 KB
75 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://prod-static.disney-plus.net/eu-west-1/disneyPlus/app/build/disneyPlus/app/styles/styles.1913ff169eae1b6a5aee.css
Requested by
Host: www.disneyplus.com
URL: https://www.disneyplus.com/redeem?redemptionCode=O2-7E6PS57JBQUTKS53&cid=DSS-Partnership-O2-Site-Acquisition-DisneyPlus-GB-DisneyPlus-DisneyPlus-EN-ActivateLink-NA-NA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:4400:7:f6eb:b280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
25cfd11010158f60364798b7213696410178070d2c409c6bf8ba70d8c0b2b67c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.disneyplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id
dOgHnwWHqhmooOAC8r5pkV7tKnC82YkN
content-encoding
gzip
etag
W/"1111efa348ca7958f774e866271a91b7"
age
45560
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 12 Aug 2022 16:45:25 GMT
server
AmazonS3
date
Fri, 19 Aug 2022 16:54:58 GMT
vary
Accept-Encoding
content-type
text/css
via
1.1 910fc18161f0602555cc5b6397ca26f2.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
FRA56-C1
timing-allow-origin
*
x-amz-cf-id
8KoAnhLdsNj-2zBR64QqteBmPHxsyeulDbqgvj0mA3-uV_ogBlbGGA==
vendor.1e13ec232f00dce87253.js
prod-static.disney-plus.net/eu-west-1/disneyPlus/app/build/disneyPlus/app/client/ 		3 MB
808 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prod-static.disney-plus.net/eu-west-1/disneyPlus/app/build/disneyPlus/app/client/vendor.1e13ec232f00dce87253.js
Requested by
Host: www.disneyplus.com
URL: https://www.disneyplus.com/redeem?redemptionCode=O2-7E6PS57JBQUTKS53&cid=DSS-Partnership-O2-Site-Acquisition-DisneyPlus-GB-DisneyPlus-DisneyPlus-EN-ActivateLink-NA-NA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:4400:7:f6eb:b280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3ac306286ccfe3770bd852db7863a8606e720981b778535b497739d8cfcda52a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.disneyplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 16:31:01 GMT
content-encoding
gzip
age
392597
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
x-amz-version-id
UuZOEVSPFmWYHM1rNyeUnMiSgtXO4gpQ
last-modified
Fri, 12 Aug 2022 21:13:09 GMT
server
AmazonS3
etag
W/"ba1976956c5d6a5b5567c558a495c36b"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 910fc18161f0602555cc5b6397ca26f2.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
FRA56-C1
timing-allow-origin
*
x-amz-cf-id
9gmtwDjVN5vwlSdspO2UqakztXF_H8mPY_Z67x-6IUZtl7ceFlw6AQ==
app.ff579ce422abfadc431e.js
prod-static.disney-plus.net/eu-west-1/disneyPlus/app/build/disneyPlus/app/client/ 		5 MB
810 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prod-static.disney-plus.net/eu-west-1/disneyPlus/app/build/disneyPlus/app/client/app.ff579ce422abfadc431e.js
Requested by
Host: www.disneyplus.com
URL: https://www.disneyplus.com/redeem?redemptionCode=O2-7E6PS57JBQUTKS53&cid=DSS-Partnership-O2-Site-Acquisition-DisneyPlus-GB-DisneyPlus-DisneyPlus-EN-ActivateLink-NA-NA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:4400:7:f6eb:b280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
353bff64c3efe6a24bb2328ac7945d3cab7c8a66d6f211a167cea964d417c2ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.disneyplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 15:10:47 GMT
content-encoding
gzip
age
311011
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
x-amz-version-id
TGdaiAzGULyG.k3WlEU_rH12FChmEee9
last-modified
Tue, 16 Aug 2022 00:48:50 GMT
server
AmazonS3
etag
W/"558455b60e6185ec96387ceb33117bd5"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 910fc18161f0602555cc5b6397ca26f2.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
FRA56-C1
timing-allow-origin
*
x-amz-cf-id
YYi5kFzlymcZJiuCyxIhcrwRDnKeRN9HXyv7L0xhpcvhGcSW9TSnAg==
prod.json
bam-sdk-configs.bamgrid.com/bam-sdk/v4.0/disney-svod-3d9324fc/browser/v16.1/windows/chrome/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://bam-sdk-configs.bamgrid.com/bam-sdk/v4.0/disney-svod-3d9324fc/browser/v16.1/windows/chrome/prod.json
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:fe00:18:8af8:7a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.disneyplus.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET, HEAD
access-control-allow-origin
*
access-control-max-age
3000
content-length
0
date
Sat, 20 Aug 2022 05:34:20 GMT
server
AmazonS3
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
via
1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
x-amz-cf-id
Mu4qZDpaUWUAH6HAeIJinPs0Xy6oMpC41zS7et--ilgTsrV8KlDeBQ==
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
conviva-core-sdk.5b57da9699813daa7bc2.js
prod-static.disney-plus.net/eu-west-1/disneyPlus/app/build/disneyPlus/app/client/ 		0
29 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://prod-static.disney-plus.net/eu-west-1/disneyPlus/app/build/disneyPlus/app/client/conviva-core-sdk.5b57da9699813daa7bc2.js
Requested by
Host: www.disneyplus.com
URL: https://www.disneyplus.com/redeem?redemptionCode=O2-7E6PS57JBQUTKS53&cid=DSS-Partnership-O2-Site-Acquisition-DisneyPlus-GB-DisneyPlus-DisneyPlus-EN-ActivateLink-NA-NA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:4400:7:f6eb:b280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.disneyplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id
l_.nPcF_WYm8oGD8C2scEOrjSnKzWz2.
content-encoding
gzip
etag
W/"520280dec600a9b2491b5568361d9d6f"
age
89810
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 12 Aug 2022 03:39:50 GMT
server
AmazonS3
date
Fri, 19 Aug 2022 04:37:29 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 910fc18161f0602555cc5b6397ca26f2.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
FRA56-C1
timing-allow-origin
*
x-amz-cf-id
ffyz7a3iL-ES7mT1tIhXfw6xY_xbqUoqQH2uUI-lvQqJtoqdo0K6Og==
240.354e4d73f1f070ffbed5.js
prod-static.disney-plus.net/eu-west-1/disneyPlus/app/build/disneyPlus/app/client/ 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://prod-static.disney-plus.net/eu-west-1/disneyPlus/app/build/disneyPlus/app/client/240.354e4d73f1f070ffbed5.js
Requested by
Host: www.disneyplus.com
URL: https://www.disneyplus.com/redeem?redemptionCode=O2-7E6PS57JBQUTKS53&cid=DSS-Partnership-O2-Site-Acquisition-DisneyPlus-GB-DisneyPlus-DisneyPlus-EN-ActivateLink-NA-NA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:4400:7:f6eb:b280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.disneyplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id
gooZj6DmHOrfhFVdcvOE.8jQypkULxrG
content-encoding
gzip
etag
W/"35d34bfde5a3e9a7c0e518ac25984ae0"
age
277023
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 10 Aug 2022 00:12:11 GMT
server
AmazonS3
date
Wed, 17 Aug 2022 00:37:16 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 910fc18161f0602555cc5b6397ca26f2.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
FRA56-C1
timing-allow-origin
*
x-amz-cf-id
9a0xT-OV1P1Q6wG4zW1c_uIfNEDvax2-qKCTx4B9sj88Xf6obDaqRA==
prod.json
bam-sdk-configs.bamgrid.com/bam-sdk/v4.0/disney-svod-3d9324fc/browser/v16.1/windows/chrome/ 		69 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam-sdk-configs.bamgrid.com/bam-sdk/v4.0/disney-svod-3d9324fc/browser/v16.1/windows/chrome/prod.json
Requested by
Host: www.disneyplus.com
URL: https://www.disneyplus.com/redeem?redemptionCode=O2-7E6PS57JBQUTKS53&cid=DSS-Partnership-O2-Site-Acquisition-DisneyPlus-GB-DisneyPlus-DisneyPlus-EN-ActivateLink-NA-NA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:fe00:18:8af8:7a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
29d91f956c68a5ee307a3634375a57ddc9d3bf7d42ab930897f24f9fb9e40ab1

Request headers

accept
application/json
Referer
https://www.disneyplus.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
content-type
application/json

Response headers

x-amz-version-id
n6_aIPzP_MUMEWxCAJYB4dc._24ZOFSD
content-encoding
gzip
etag
W/"86616ba3f75a3c5fc3d6a6069dc76ab0"
age
463
x-cache
Hit from cloudfront
access-control-max-age
3000
x-amz-replication-status
COMPLETED
x-amz-meta-x-dataset-version
4.0.67
access-control-allow-origin
*
last-modified
Thu, 18 Aug 2022 17:03:08 GMT
server
AmazonS3
date
Sat, 20 Aug 2022 05:26:38 GMT
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
application/json
via
1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
cache-control
max-age=600, no-transform, public
x-amz-meta-x-sha1
08d4491d4d5f0dde6ddde6d079fd2ca498032d5e
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
2ZIw88afo4wTF4I-0mb7tLPK5UlDAE2h10ib8X9RB5WAKXPLL7Q2Jg==
nr-spa-1099.min.js
js-agent.newrelic.com/ 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-spa-1099.min.js
Requested by
Host: www.disneyplus.com
URL: https://www.disneyplus.com/redeem?redemptionCode=O2-7E6PS57JBQUTKS53&cid=DSS-Partnership-O2-Site-Acquisition-DisneyPlus-GB-DisneyPlus-DisneyPlus-EN-ActivateLink-NA-NA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6be822a61f56042ca816c650cec77f6b988477a3cc1d7836c683d1cf7dd48bc5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.disneyplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
etag
"b5311dcfed22ad3dedbe1a711ede13d8"
x-amz-request-id
C183H1RB2VHMEKGN
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
12795
x-amz-id-2
CKLZAQLWqTDIAFj4rZmfERKA9B0vnkK+rfgdimd6ZsNPDMf2igHhmqv3b1SFMt8StU7c44A1bU4=
x-served-by
cache-hhn4065-HHN
last-modified
Tue, 02 Oct 2018 02:58:55 GMT
server
AmazonS3
x-timer
S1660973659.897886,VS0,VE0
date
Sat, 20 Aug 2022 05:34:18 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
89
870f1eea68
bam.nr-data.net/1/ 		57 B
655 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/870f1eea68?a=356494521&sa=1&v=1099.d27c17c&t=Unnamed%20Transaction&rst=2686&ref=https://www.disneyplus.com/redeem&be=1645&fe=2629&dc=2558&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1660973656220,%22n%22:0,%22f%22:1177,%22dn%22:1178,%22dne%22:1202,%22c%22:1202,%22s%22:1223,%22ce%22:1267,%22rq%22:1267,%22rp%22:1500,%22rpe%22:1602,%22dl%22:1511,%22di%22:1749,%22ds%22:2557,%22de%22:2557,%22dc%22:2627,%22l%22:2628,%22le%22:2629%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by
Host: www.disneyplus.com
URL: https://www.disneyplus.com/redeem?redemptionCode=O2-7E6PS57JBQUTKS53&cid=DSS-Partnership-O2-Site-Acquisition-DisneyPlus-GB-DisneyPlus-DisneyPlus-EN-ActivateLink-NA-NA
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.disneyplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sat, 20 Aug 2022 05:34:19 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
text/javascript;charset=iso-8859-1
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
CF-Ray
73d8c2587c25691f-FRA
Expires
Thu, 01 Jan 1970 00:00:00 GMT
graphql
disney.api.edge.bamgrid.com/graph/v1/device/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://disney.api.edge.bamgrid.com/graph/v1/device/graphql
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:a400:b:6449:33c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-application-version,x-bamsdk-client-id,x-bamsdk-platform,x-bamsdk-platform-id,x-bamsdk-version,x-dss-edge-accept
Access-Control-Request-Method
POST
Origin
https://www.disneyplus.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,x-application-version,x-bamsdk-client-id,x-bamsdk-platform,x-bamsdk-platform-id,x-bamsdk-version,x-dss-edge-accept
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://www.disneyplus.com
access-control-expose-headers
x-request-id, x-bamtech-region
access-control-max-age
600
cache-control
public, max-age=3600
date
Sat, 20 Aug 2022 05:34:19 GMT
vary
origin,access-control-request-headers
via
1.1 cf2939e85531f45f3306f792ea104eaa.cloudfront.net (CloudFront)
x-amz-cf-id
JhzqfM6XsgA-7DtT9_nhWUPDj22AyzkN3uQXgUX71Va0FjY4xAWFvw==
x-amz-cf-pop
FRA56-C1
x-bamtech-region
eu-central-1
x-cache
Miss from cloudfront
x-request-id
b9ba0e5e84893cffde65a0470bdac4d0
graphql
disney.api.edge.bamgrid.com/graph/v1/device/ 		533 B
854 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://disney.api.edge.bamgrid.com/graph/v1/device/graphql
Requested by
Host: www.disneyplus.com
URL: https://www.disneyplus.com/redeem?redemptionCode=O2-7E6PS57JBQUTKS53&cid=DSS-Partnership-O2-Site-Acquisition-DisneyPlus-GB-DisneyPlus-DisneyPlus-EN-ActivateLink-NA-NA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:a400:b:6449:33c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
61cb537cce5c1c340004db42d66a0e3dc9dde624276cf1f1c04df26326390aa4

Request headers

x-bamsdk-platform
javascript/windows/chrome
x-bamsdk-client-id
disney-svod-3d9324fc
x-application-version
1.1.2
accept-language
de-DE,de;q=0.9
authorization
ZGlzbmV5JmJyb3dzZXImMS4wLjA.Cu56AgSfBTDag5NiRA81oLHkDZfu5L3CKadnefEAY84
x-bamsdk-platform-id
browser
content-type
application/json
x-bamsdk-version
16.1
accept
application/json
Referer
https://www.disneyplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
x-dss-edge-accept
vnd.dss.edge+json; version=2

Response headers

date
Sat, 20 Aug 2022 05:34:19 GMT
content-encoding
gzip
vary
origin, access-control-request-headers
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
x-bamtech-region
eu-central-1
x-request-id
a4625a214ce036b72d6ae81a921550ce
access-control-allow-origin
https://www.disneyplus.com
access-control-max-age
600
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
via
1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront)
access-control-expose-headers
x-request-id, x-bamtech-region
cache-control
no-store
access-control-allow-credentials
true
x-amz-cf-id
9pqaBNLCp0FW58rw6wd56nJM9wY-pPfjYWPllCL_BjUu5k9-EqpGuQ==
graphql
disney.api.edge.bamgrid.com/graph/v1/device/ 		533 B
853 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://disney.api.edge.bamgrid.com/graph/v1/device/graphql
Requested by
Host: www.disneyplus.com
URL: https://www.disneyplus.com/redeem?redemptionCode=O2-7E6PS57JBQUTKS53&cid=DSS-Partnership-O2-Site-Acquisition-DisneyPlus-GB-DisneyPlus-DisneyPlus-EN-ActivateLink-NA-NA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:a400:b:6449:33c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
61cb537cce5c1c340004db42d66a0e3dc9dde624276cf1f1c04df26326390aa4

Request headers

x-bamsdk-platform
javascript/windows/chrome
x-bamsdk-client-id
disney-svod-3d9324fc
x-application-version
1.1.2
accept-language
de-DE,de;q=0.9
authorization
ZGlzbmV5JmJyb3dzZXImMS4wLjA.Cu56AgSfBTDag5NiRA81oLHkDZfu5L3CKadnefEAY84
x-bamsdk-platform-id
browser
content-type
application/json
x-bamsdk-version
16.1
accept
application/json
Referer
https://www.disneyplus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
x-dss-edge-accept
vnd.dss.edge+json; version=2

Response headers

date
Sat, 20 Aug 2022 05:34:19 GMT
content-encoding
gzip
vary
origin, access-control-request-headers
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
x-bamtech-region
eu-central-1
x-request-id
af7834dead32d3b60b224f6078e75d10
access-control-allow-origin
https://www.disneyplus.com
access-control-max-age
600
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
via
1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront)
access-control-expose-headers
x-request-id, x-bamtech-region
cache-control
no-store
access-control-allow-credentials
true
x-amz-cf-id
1dSN2827FYMyztNxJy2HigWg4ZrRTdf03yAKe92srLEZ2eCrortFqQ==
graphql
disney.api.edge.bamgrid.com/graph/v1/device/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://disney.api.edge.bamgrid.com/graph/v1/device/graphql
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:a400:b:6449:33c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-application-version,x-bamsdk-client-id,x-bamsdk-platform,x-bamsdk-platform-id,x-bamsdk-version,x-dss-edge-accept
Access-Control-Request-Method
POST
Origin
https://www.disneyplus.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,x-application-version,x-bamsdk-client-id,x-bamsdk-platform,x-bamsdk-platform-id,x-bamsdk-version,x-dss-edge-accept
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://www.disneyplus.com
access-control-expose-headers
x-request-id, x-bamtech-region
access-control-max-age
600
cache-control
public, max-age=3600
date
Sat, 20 Aug 2022 05:34:19 GMT
vary
origin,access-control-request-headers
via
1.1 cf2939e85531f45f3306f792ea104eaa.cloudfront.net (CloudFront)
x-amz-cf-id
VlJeGvMiU3WMazyPerlhSD5v1MHMyfhnqhrkGukevWn3x5_s9OKpyQ==
x-amz-cf-pop
FRA56-C1
x-bamtech-region
eu-central-1
x-cache
Hit from cloudfront
x-request-id
b9ba0e5e84893cffde65a0470bdac4d0
870f1eea68
bam.nr-data.net/events/1/ 		24 B
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/events/1/870f1eea68?a=356494521&sa=1&v=1099.d27c17c&t=Unnamed%20Transaction&rst=3376&ref=https://www.disneyplus.com/redeem
Requested by
Host: www.disneyplus.com
URL: https://www.disneyplus.com/redeem?redemptionCode=O2-7E6PS57JBQUTKS53&cid=DSS-Partnership-O2-Site-Acquisition-DisneyPlus-GB-DisneyPlus-DisneyPlus-EN-ActivateLink-NA-NA
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://www.disneyplus.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
content-type
text/plain

Response headers

Date
Sat, 20 Aug 2022 05:34:19 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.disneyplus.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
CF-Ray
73d8c25c8fdb691f-FRA
Content-Length
24

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| server_path string| preferredLanguage object| NREUM object| newrelic function| __nr_require function| otLoad object| otcr object| OneTrust function| OptanonWrapper object| webpackChunk_solo_app function| setImmediate function| clearImmediate object| regeneratorRuntime object| btmShared object| scCGSHMRCache object| __SECRET_EMOTION__

1 Cookies

Domain/Path Name / Value
.nr-data.net/ Name: JSESSIONID
Value: 5fafec99bbb6137d

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0