xflix-69c66.web.app Open in urlscan Pro
199.36.158.100 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://xflix-69c66.web.app/
Effective URL:
https://xflix-69c66.web.app/
Submission: On April 02 via api (April 2nd 2023, 8:05:23 am UTC) from US — Scanned from US

Summary HTTP 23 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 6 domains to perform 23 HTTP transactions. The main IP is 199.36.158.100, located in United States and belongs to FASTLY, US. The main domain is xflix-69c66.web.app.
TLS certificate: Issued by GTS CA 1D4 on March 6th 2023. Valid for: 3 months.

This is the only time xflix-69c66.web.app was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Netflix (Online)

Domain & IP information

	IP Address	AS Autonomous System
5	199.36.158.100 199.36.158.100	54113 (FASTLY) (FASTLY)
2	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	13.35.93.22 13.35.93.22	16509 (AMAZON-02) (AMAZON-02)
6	45.57.91.1 45.57.91.1	40027 (NETFLIX-ASN) (NETFLIX-ASN)
1	45.57.62.152 45.57.62.152	2906 (AS-SSI) (AS-SSI)
3	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
2	18.160.10.111 18.160.10.111	16509 (AMAZON-02) (AMAZON-02)
1	44.235.178.34 44.235.178.34	16509 (AMAZON-02) (AMAZON-02)
23	8

5 199.36.158.100 (United States)

ASN54113 (FASTLY, US)

xflix-69c66.web.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.35.93.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-93-22.jfk50.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 45.57.91.1 (United States)

ASN40027 (NETFLIX-ASN, US)

assets.nflxext.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.57.62.152 (United States)

ASN2906 (AS-SSI, US)
PTR: ipv4-c023-was001-ix.1.oca.nflxvideo.net

occ-0-2430-2433.1.nflxso.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.160.10.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-10-111.iad12.r.cloudfront.net

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.235.178.34 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-235-178-34.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	stripe.com js.stripe.com — Cisco Umbrella Rank: 1244 q.stripe.com — Cisco Umbrella Rank: 7928 m.stripe.com — Cisco Umbrella Rank: 1249	114 KB
6	nflxext.com assets.nflxext.com — Cisco Umbrella Rank: 3919	1 MB
5	web.app xflix-69c66.web.app	286 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1316	16 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 220	88 KB
1	nflxso.net occ-0-2430-2433.1.nflxso.net — Cisco Umbrella Rank: 67997	258 KB
23	6

	Domain	Requested by
6	assets.nflxext.com	xflix-69c66.web.app
5	xflix-69c66.web.app	xflix-69c66.web.app
3	q.stripe.com	xflix-69c66.web.app
3	js.stripe.com	xflix-69c66.web.app js.stripe.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	cdnjs.cloudflare.com	xflix-69c66.web.app cdnjs.cloudflare.com
1	m.stripe.com	m.stripe.network
1	occ-0-2430-2433.1.nflxso.net	xflix-69c66.web.app
23	8

This site contains no links.

Subject Issuer	Validity	Valid
web.app GTS CA 1D4	`2023-03-06` - `2023-06-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-02-06` - `2023-05-13`	3 months	crt.sh
*.1.nflxso.net DigiCert Secure Site ECC CA-1	`2023-03-15` - `2023-04-19`	a month	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-14` - `2023-06-13`	4 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-28` - `2023-07-26`	4 months	crt.sh

This page contains 3 frames:

Primary Page: https://xflix-69c66.web.app/
Frame ID: 452C57CD7E09092EF0241D11DFC51CDA
Requests: 15 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: 474B375BA05E7B23FF074DBC5A390B07
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 81D36CE2634F56BF12CABC48BB55C88E
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

XFlix - Watch TV Shows Online, Watch Movies Online

Page URL History Show full URLs

http://xflix-69c66.web.app/ HTTP 307
https://xflix-69c66.web.app/ Page URL

Detected technologies

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

23
Requests

100 %
HTTPS

0 %
IPv6

6
Domains

8
Subdomains

8
IPs

2
Countries

1799 kB
Transfer

3193 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://xflix-69c66.web.app/ HTTP 307
https://xflix-69c66.web.app/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
xflix-69c66.web.app/
Redirect Chain

http://xflix-69c66.web.app/
https://xflix-69c66.web.app/

3 KB
1 KB

525ms
174ms

Document
text/html

199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://xflix-69c66.web.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b5deb7e9d22f2609422e1cba96066a0cd91984ce16f8aca584c9872c49900470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=3600
content-encoding: br
content-length: 1030
content-type: text/html; charset=utf-8
date: Sun, 02 Apr 2023 08:05:12 GMT
etag: "5cef3d7fadaae92d83092ac3531533087a5a786ef8a1e6acfc13c55bf44daaa1-br"
last-modified: Mon, 19 Jul 2021 15:17:37 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-ewr18176-EWR
x-timer: S1680422712.966464,VS0,VE170

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://xflix-69c66.web.app/
Non-Authoritative-Reason: HSTS

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/ 58 KB
11 KB 326ms
10ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css

Requested by

Host: xflix-69c66.web.app
URL: https://xflix-69c66.web.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xflix-69c66.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 08:05:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2036845
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10480
last-modified: Tue, 16 Mar 2021 19:29:58 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "60510736-e7d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qF0uW1kCdDe78gIuvPG%2FhPdpl%2FHZ4naL1CVx4kOe53re%2Fyl2ONJMqag4xGsh5eHwRoCqJMBwHY0AcPbCWfC2cA01SKSmkwY5eQwN%2BGZXcRQO%2FPQw%2FvFrZbanLYPlFm%2FBQ7CuUxat"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7b1790c0ea424301-EWR
expires: Fri, 22 Mar 2024 08:05:12 GMT

GET
H2 200 main.5eba8bbb.chunk.css
xflix-69c66.web.app/static/css/ 10 KB
2 KB 210ms
206ms Stylesheet
text/css 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://xflix-69c66.web.app/static/css/main.5eba8bbb.chunk.css

Requested by

Host: xflix-69c66.web.app
URL: https://xflix-69c66.web.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8f19099b258b4e90c2062bfc50d4af898d2e6d94e96a7d16c7b9a46650ce07cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xflix-69c66.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-served-by: cache-ewr18176-EWR
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Sun, 02 Apr 2023 08:05:12 GMT
last-modified: Mon, 19 Jul 2021 15:17:37 GMT
x-timer: S1680422712.153285,VS0,VE193
etag: "a54d82b48684cff8cdbeedcf3db78d24b19e921dfb723cad4a9cad5f281b0914-br"
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/css; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2297
x-cache-hits: 0

GET
H2 200 2.0f20da51.chunk.js Show response
xflix-69c66.web.app/static/js/ 1 MB
276 KB 8ms
5ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://xflix-69c66.web.app/static/js/2.0f20da51.chunk.js

Requested by

Host: xflix-69c66.web.app
URL: https://xflix-69c66.web.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f2b2d0a6cfc1be5d4cff0b1052f6770b7ccf26770c2da8d93ed64acb4b54670f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xflix-69c66.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-served-by: cache-ewr18176-EWR
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Sun, 02 Apr 2023 08:05:12 GMT
last-modified: Mon, 19 Jul 2021 15:17:37 GMT
x-timer: S1680422712.153263,VS0,VE0
etag: "20e770d8f7dae19e16a62cd30b3c12bdbf9107e8742413a811ebed21c4b5a54f-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 282708
x-cache-hits: 4

GET
H2 200 main.993c988d.chunk.js Show response
xflix-69c66.web.app/static/js/ 23 KB
6 KB 107ms
104ms Script
text/javascript 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://xflix-69c66.web.app/static/js/main.993c988d.chunk.js

Requested by

Host: xflix-69c66.web.app
URL: https://xflix-69c66.web.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d2b9c9dac35048e76af71083e6f400f5bd6c623f31b7bfb3016cf7942f71c203

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xflix-69c66.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-served-by: cache-ewr18176-EWR
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Sun, 02 Apr 2023 08:05:12 GMT
last-modified: Mon, 19 Jul 2021 15:17:37 GMT
x-timer: S1680422712.153379,VS0,VE93
etag: "6ce28370a3ec7340611c31e6d80a2a9368b3a1e5a42b000d2a854844b05f4941-br"
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 5668
x-cache-hits: 0

GET
H2 200 v3 Show response
js.stripe.com/ 455 KB
110 KB 86ms
6ms Script
text/javascript 13.35.93.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: xflix-69c66.web.app
URL: https://xflix-69c66.web.app/static/js/2.0f20da51.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.93.22 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-93-22.jfk50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

6cad0a595dc73b74a172fdf83c134930fd739bde1e82da40ea4f37bb3b1635d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xflix-69c66.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sun, 02 Apr 2023 08:04:46 GMT
via: 1.1 bb230469f03d4df9d78eb6119c0e0ccc.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P8
age: 28
x-cache: Hit from cloudfront
last-modified: Fri, 31 Mar 2023 20:31:29 GMT
server: Cloudfront
etag: W/"304520dbb761a4f6e912020a8e2696d8"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: 8UY_UxcIu4dYG0e_A417xwpu9Azaf5bUoiN8ufz4VYh_y27KSXjEIw==

GET
H2 200 xflix_2.svg
xflix-69c66.web.app/images/ 2 KB
756 B 220ms
187ms Image
image/svg+xml 199.36.158.100
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xflix-69c66.web.app/images/xflix_2.svg

Requested by

Host: xflix-69c66.web.app
URL: https://xflix-69c66.web.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.36.158.100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c8c6c3a00438cd031e897b3ec0149023c40b91ba6d232b8ed1fb60731d357413

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xflix-69c66.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-served-by: cache-ewr18176-EWR
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Sun, 02 Apr 2023 08:05:12 GMT
last-modified: Mon, 19 Jul 2021 15:17:37 GMT
x-timer: S1680422713.614865,VS0,VE186
etag: "cb3f1429072e060438a913004ecb74325b451f907d3feddf1ff65c02ca673aa5-br"
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: image/svg+xml
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 630
x-cache-hits: 0

GET
H/1.1 200
OK US-en-20210607-popsignuptwoweeks-perspective_alpha_website_large.jpg
assets.nflxext.com/ffe/siteui/vlv3/c0a32732-b033-43b3-be2a-8fee037a6146/4b723240-7bae-4ffe-96d0-91fba08c69ee/ 318 KB
318 KB 450ms
104ms Image
image/jpeg 45.57.91.1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nflxext.com/ffe/siteui/vlv3/c0a32732-b033-43b3-be2a-8fee037a6146/4b723240-7bae-4ffe-96d0-91fba08c69ee/US-en-20210607-popsignuptwoweeks-perspective_alpha_website_large.jpg
Requested by: Host: xflix-69c66.web.app
URL: https://xflix-69c66.web.app/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.57.91.1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 8cb2249f74823bcbcb559c7a169b09c751e49dd434fbbbed4149a2afd9a10ea7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xflix-69c66.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Sun, 02 Apr 2023 08:05:13 GMT
Last-Modified: Wed, 09 Jun 2021 14:32:58 GMT
Server: nginx
Content-MD5: MbdYJ51kfSJLJZI2w4usog==
Content-Type: image/jpeg
Cache-Control: max-age=604801
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 325476
Expires: Sun, 09 Apr 2023 08:05:14 GMT

GET
H/1.1 200
OK tv.png
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ 11 KB
11 KB 354ms
9ms Image
image/png 45.57.91.1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/tv.png
Requested by: Host: xflix-69c66.web.app
URL: https://xflix-69c66.web.app/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.57.91.1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: b68ea2c7bea397aa11fadb189ce7d83862baebaf03ece643eb5aa9fb5f755056

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xflix-69c66.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Sun, 02 Apr 2023 08:05:12 GMT
Last-Modified: Wed, 14 Nov 2018 18:20:41 GMT
Server: nginx
Content-MD5: d5lKZzJ7qVff2IDjOpHwQQ==
Content-Type: image/png
Cache-Control: max-age=604801
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11418
Expires: Sun, 09 Apr 2023 08:05:13 GMT

GET
H/1.1 200
OK mobile-0819.jpg
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ 48 KB
49 KB 353ms
8ms Image
image/jpeg 45.57.91.1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/mobile-0819.jpg
Requested by: Host: xflix-69c66.web.app
URL: https://xflix-69c66.web.app/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.57.91.1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 492fdebd363e40cbba153a244bcfe2a7f5f7cf20aff0805fe45d5c7e2180b875

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xflix-69c66.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Sun, 02 Apr 2023 08:05:12 GMT
Last-Modified: Wed, 14 Aug 2019 17:59:05 GMT
Server: nginx
Content-MD5: pIMz1DwZYS7WGYf6Xb/zxQ==
Content-Type: image/jpeg
Cache-Control: max-age=604801
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 49614
Expires: Sun, 09 Apr 2023 08:05:13 GMT

GET
H/1.1 200
OK device-pile.png
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ 134 KB
134 KB 355ms
10ms Image
image/png 45.57.91.1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/device-pile.png
Requested by: Host: xflix-69c66.web.app
URL: https://xflix-69c66.web.app/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.57.91.1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 81cf64888a7b3f6848b09695b034026d9ad685665b91d54597ecbb6197c6acbb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xflix-69c66.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Sun, 02 Apr 2023 08:05:12 GMT
Last-Modified: Wed, 23 Jan 2019 00:35:07 GMT
Server: nginx
Content-MD5: Cz2CFJPVdI2CnIUrvW0pLQ==
Content-Type: image/png
Cache-Control: max-age=604801
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 137040
Expires: Sun, 09 Apr 2023 08:05:13 GMT

GET
H/1.1 200
OK AAAABdFTpLmANuJpYneLq8L5m7CunMCi8e8Nl4y7xaPVWzG3IeoDoq17egTQAthApKg_4sdRWdwuR8KadWu1frjL3JQImpwq.png
occ-0-2430-2433.1.nflxso.net/dnm/api/v6/19OhWN2dO19C9txTON9tvTFtefw/ 257 KB
258 KB 367ms
12ms Image
image/png 45.57.62.152
AS-SSI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://occ-0-2430-2433.1.nflxso.net/dnm/api/v6/19OhWN2dO19C9txTON9tvTFtefw/AAAABdFTpLmANuJpYneLq8L5m7CunMCi8e8Nl4y7xaPVWzG3IeoDoq17egTQAthApKg_4sdRWdwuR8KadWu1frjL3JQImpwq.png?r=fcd
Requested by: Host: xflix-69c66.web.app
URL: https://xflix-69c66.web.app/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.57.62.152 , United States, ASN2906 (AS-SSI, US),
Reverse DNS: ipv4-c023-was001-ix.1.oca.nflxvideo.net
Software: nginx /
Resource Hash: 5490a053ec522ddcfa287cc67cdb5e97c38d1abefeb04245a70065df9a6da661

Request headers

accept-language: en-US,en;q=0.9
Referer: https://xflix-69c66.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Sun, 02 Apr 2023 08:05:12 GMT
Last-Modified: Sun, 05 Jun 2022 11:32:59 GMT
Server: nginx
Accept-CH: Device-Memory, Downlink, DPR, ECT, RTT, Save-Data, Viewport-Width, Width
ETag: "09b8f5526853dc86cb5bb59541a06d4a"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=31104000, public, s-maxage=604800
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 263461

GET
H2 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/ 76 KB
77 KB 333ms
11ms Font
application/octet-stream 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2699316cb83af2502422d101e81564b0492785cab2fdfbdc256f90e1c4ad5606

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css
Origin: https://xflix-69c66.web.app
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 08:05:12 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 855883
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78196
last-modified: Tue, 16 Mar 2021 19:29:58 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "60510736-13174"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I5iX8hYTF4bEDgGBdIlFSrKtE6Wi6VhCngWf6moU9yzeLqI8AVVBDMi8JfF%2Bulxu2uJbSXQKOKEoyTUxTP%2FHuj6nwXRLViBjzjHgZVchatENpA9BQaTmlscOqtKvPzlI6qmdBUrj"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7b1790c3c898432e-EWR
expires: Fri, 22 Mar 2024 08:05:12 GMT

GET
H/1.1 206
Partial Content video-tv-0819.m4v
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ 264 KB
264 KB 272ms
5ms Media
video/x-m4v 45.57.91.1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/video-tv-0819.m4v
Requested by: Host: xflix-69c66.web.app
URL: https://xflix-69c66.web.app/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.57.91.1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 4c7a552d219146985961bf78d9083b7e2c1a82c4ada5d959f48b3e53754c9049

Request headers

Referer: https://xflix-69c66.web.app/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Range: bytes=0-

Response headers

Date: Sun, 02 Apr 2023 08:05:12 GMT
Last-Modified: Mon, 12 Aug 2019 20:49:12 GMT
Server: nginx
Content-MD5: PLEtt8Zyszc1AGSApFXscg==
Content-Type: video/x-m4v
Content-Range: bytes 0-270045/270046
Cache-Control: max-age=604801
Connection: keep-alive
Content-Length: 270046
Expires: Sun, 09 Apr 2023 08:05:13 GMT

GET
H/1.1 206
Partial Content video-devices.m4v
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ 260 KB
260 KB 278ms
9ms Media
video/x-m4v 45.57.91.1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/video-devices.m4v
Requested by: Host: xflix-69c66.web.app
URL: https://xflix-69c66.web.app/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.57.91.1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 3eec290a7f7da9abb00b49ca84f5f16e6d45ca33d40fd8ede4380835d6161d71

Request headers

Referer: https://xflix-69c66.web.app/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Range: bytes=0-

Response headers

Date: Sun, 02 Apr 2023 08:05:12 GMT
Last-Modified: Wed, 09 Jan 2019 20:47:49 GMT
Server: nginx
Content-MD5: PlXFYgWonIWf7QBa4XKfqg==
Content-Type: video/x-m4v
Content-Range: bytes 0-266159/266160
Cache-Control: max-age=604801
Connection: keep-alive
Content-Length: 266160
Expires: Sun, 09 Apr 2023 08:05:13 GMT

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame 474B 200 B
1 KB 12ms
10ms Document
text/html 13.35.93.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.93.22 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-93-22.jfk50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://xflix-69c66.web.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2156
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sun, 02 Apr 2023 07:29:21 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Tue, 28 Mar 2023 20:14:59 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 bb230469f03d4df9d78eb6119c0e0ccc.cloudfront.net (CloudFront)
x-amz-cf-id: xauCsl8NeOUeiwHLoaPLBQDtHhNkiVh6kKMqglmc_GYrCKRHgVnyrw==
x-amz-cf-pop: JFK50-P8
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 csp-report
q.stripe.com/ Frame 474B 0
640 B 387ms
92ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: xflix-69c66.web.app
URL: https://xflix-69c66.web.app/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sun, 02 Apr 2023 08:05:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1680422713446919
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 474B 0
641 B 382ms
88ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: xflix-69c66.web.app
URL: https://xflix-69c66.web.app/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sun, 02 Apr 2023 08:05:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1680422713446938
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 474B 631 B
1 KB 7ms
6ms Script
text/javascript 13.35.93.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.93.22 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-93-22.jfk50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Sun, 02 Apr 2023 07:29:21 GMT
x-content-type-options: nosniff
via: 1.1 bb230469f03d4df9d78eb6119c0e0ccc.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P8
age: 2154
x-cache: Hit from cloudfront
content-length: 631
last-modified: Fri, 31 Mar 2023 20:02:36 GMT
server: Cloudfront
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: -AN_mdBZvMhp52IXDtwayh5jeQRp3zyJG8U8X0c5xCRbGmN2c0zVCg==

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 81D3 930 B
2 KB 64ms
20ms Document
text/html 18.160.10.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.10.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-10-111.iad12.r.cloudfront.net

Software

Cloudfront /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 245
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sun, 02 Apr 2023 08:01:09 GMT
etag: "fc2e029628f163bb59adc6fa5a31161c"
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 6b29c936420d116b13807604a0e67044.cloudfront.net (CloudFront)
x-amz-cf-id: znZzGaIOGAyQq7INuym6j7thWRZH71OpQHsDbYlgv_JUGUUYlZxnuQ==
x-amz-cf-pop: IAD12-P3
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 csp-report
q.stripe.com/ Frame 81D3 0
414 B 263ms
93ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: xflix-69c66.web.app
URL: https://xflix-69c66.web.app/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/csp-report

Response headers

x-stripe-bg-intended-route-color: green
pragma: no-cache
date: Sun, 02 Apr 2023 08:05:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-client-envoy-start-time-us: 1680422713446950
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
x-robots-tag: none
content-length: 0
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame 81D3 86 KB
14 KB 13ms
12ms Script
text/javascript 18.160.10.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.10.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-10-111.iad12.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sun, 02 Apr 2023 08:02:32 GMT
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
via: 1.1 6b29c936420d116b13807604a0e67044.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P3
etag: W/"21df7244385e5c0bdf32da01d0dad6c0"
age: 164
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: nvFr3SP8sgoKkjt7IGz5Vo-F2wL0szLVXj3Zrt2D1GlTDaEfUo8v5Q==

POST
H2 200 6 Show response
m.stripe.com/ Frame 81D3 156 B
668 B 296ms
91ms XHR
application/json 44.235.178.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.235.178.34 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-235-178-34.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

be90990d24168236147fb72e1af247dba68d954ca2cc03b97ceb7762a60a89db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Sun, 02 Apr 2023 08:05:13 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1680422713781650
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1680422713781214
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Netflix (Online)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
m.stripe.com/	1970-01-20 20:23:02	Name: m Value: c3058fbc-69a5-4aa6-90dc-4f697e806270f64b52
.xflix-69c66.web.app/	1970-01-20 19:32:38	Name: __stripe_mid Value: f6a6f6c0-85bb-4238-ba2b-fbe2a69cdecfa9a9fe
.xflix-69c66.web.app/	1970-01-20 10:47:04	Name: __stripe_sid Value: 04a0f1a4-c2de-4c7e-9a86-65c1e518eabd86dbb2

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.nflxext.com
cdnjs.cloudflare.com
js.stripe.com
m.stripe.com
m.stripe.network
occ-0-2430-2433.1.nflxso.net
q.stripe.com
xflix-69c66.web.app
104.17.25.14
13.35.93.22
18.160.10.111
199.36.158.100
44.235.178.34
45.57.62.152
45.57.91.1
54.187.119.242
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
2699316cb83af2502422d101e81564b0492785cab2fdfbdc256f90e1c4ad5606
3eec290a7f7da9abb00b49ca84f5f16e6d45ca33d40fd8ede4380835d6161d71
492fdebd363e40cbba153a244bcfe2a7f5f7cf20aff0805fe45d5c7e2180b875
4c7a552d219146985961bf78d9083b7e2c1a82c4ada5d959f48b3e53754c9049
5490a053ec522ddcfa287cc67cdb5e97c38d1abefeb04245a70065df9a6da661
6cad0a595dc73b74a172fdf83c134930fd739bde1e82da40ea4f37bb3b1635d0
81cf64888a7b3f6848b09695b034026d9ad685665b91d54597ecbb6197c6acbb
8cb2249f74823bcbcb559c7a169b09c751e49dd434fbbbed4149a2afd9a10ea7
8f19099b258b4e90c2062bfc50d4af898d2e6d94e96a7d16c7b9a46650ce07cd
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
b5deb7e9d22f2609422e1cba96066a0cd91984ce16f8aca584c9872c49900470
b68ea2c7bea397aa11fadb189ce7d83862baebaf03ece643eb5aa9fb5f755056
be90990d24168236147fb72e1af247dba68d954ca2cc03b97ceb7762a60a89db
c8c6c3a00438cd031e897b3ec0149023c40b91ba6d232b8ed1fb60731d357413
d2b9c9dac35048e76af71083e6f400f5bd6c623f31b7bfb3016cf7942f71c203
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f2b2d0a6cfc1be5d4cff0b1052f6770b7ccf26770c2da8d93ed64acb4b54670f
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

xflix-69c66.web.app Open in urlscan Pro 199.36.158.100 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

23 Requests

100 %HTTPS

0 %IPv6

6 Domains

8 Subdomains

8 IPs

2 Countries

1799 kBTransfer

3193 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

7 JavaScript Global Variables

3 Cookies

1 Console Messages

Security Headers

Indicators

xflix-69c66.web.app Open in urlscan Pro
199.36.158.100 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

100 %
HTTPS

0 %
IPv6

6
Domains

8
Subdomains

8
IPs

2
Countries

1799 kB
Transfer

3193 kB
Size

3
Cookies

23 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!