linalablonde.github.io Open in urlscan Pro
185.199.110.153 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://linalablonde.github.io/Serber55/
Submission: On August 17 via api (August 17th 2023, 3:29:42 pm UTC) from US — Scanned from US

Summary HTTP 47 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 13 IPs in 3 countries across 12 domains to perform 47 HTTP transactions. The main IP is 185.199.110.153, located in United States and belongs to FASTLY, US. The main domain is linalablonde.github.io.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on February 21st 2023. Valid for: a year.

This is the only time linalablonde.github.io was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Netflix (Online)

Domain & IP information

	IP Address	AS Autonomous System
8	185.199.110.153 185.199.110.153	54113 (FASTLY) (FASTLY)
14	45.57.90.1 45.57.90.1	2906 (AS-SSI) (AS-SSI)
10	104.18.169.114 104.18.169.114	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	195.22.197.127 195.22.197.127	6762 (SEABONE-N...) (SEABONE-NET TELECOM ITALIA SPARKLE S.p.A.)
1	104.18.29.38 104.18.29.38	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	184.24.37.176 184.24.37.176	16625 (AKAMAI-AS) (AKAMAI-AS)
2	54.237.226.164 54.237.226.164	14618 (AMAZON-AES) (AMAZON-AES)
2	34.233.255.32 34.233.255.32	14618 (AMAZON-AES) (AMAZON-AES)
1	172.217.13.200 172.217.13.200	15169 (GOOGLE) (GOOGLE)
2	31.13.71.36 31.13.71.36	32934 (FACEBOOK) (FACEBOOK)
1 2	172.217.13.162 172.217.13.162	15169 (GOOGLE) (GOOGLE)
1	142.251.40.162 142.251.40.162	15169 (GOOGLE) (GOOGLE)
2	142.250.81.228 142.250.81.228	15169 (GOOGLE) (GOOGLE)
47	13

8 185.199.110.153 (United States)

ASN54113 (FASTLY, US)
PTR: cdn-185-199-110-153.github.com

linalablonde.github.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 45.57.90.1 (United States)

ASN2906 (AS-SSI, US)

assets.nflxext.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.18.169.114 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.22.197.127 (Italy)

ASN6762 (SEABONE-NET TELECOM ITALIA SPARKLE S.p.A., IT)
PTR: netflix.palermo6.pal.seabone.net

occ-0-4609-784.1.nflxso.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.29.38 (None, )

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.24.37.176 (Lithia Springs, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-24-37-176.deploy.static.akamaitechnologies.com

ae.nflximg.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.237.226.164 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-237-226-164.compute-1.amazonaws.com

www.netflix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.233.255.32 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-255-32.compute-1.amazonaws.com

ichnaea-web.netflix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.13.200 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.71.36 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-lga3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.13.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: yul03s04-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.162 (Newark, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.81.228 (Staten Island, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	nflxext.com assets.nflxext.com — Cisco Umbrella Rank: 4094	2 MB
10	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 406	158 KB
8	github.io linalablonde.github.io	92 KB
4	netflix.com www.netflix.com — Cisco Umbrella Rank: 2151 ichnaea-web.netflix.com — Cisco Umbrella Rank: 3115	2 KB
2	google.com www.google.com — Cisco Umbrella Rank: 3	563 B
2	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 55	3 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	216 B
2	nflximg.net ae.nflximg.net — Cisco Umbrella Rank: 24168	6 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 157	2 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 76	71 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 785	309 B
1	nflxso.net occ-0-4609-784.1.nflxso.net	263 KB
47	12

	Domain	Requested by
14	assets.nflxext.com	linalablonde.github.io assets.nflxext.com
10	cdn.cookielaw.org	linalablonde.github.io cdn.cookielaw.org
8	linalablonde.github.io	linalablonde.github.io assets.nflxext.com
2	www.google.com	ae.nflximg.net
2	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
2	www.facebook.com	ae.nflximg.net
2	ichnaea-web.netflix.com	ae.nflximg.net
2	www.netflix.com	ae.nflximg.net
2	ae.nflximg.net	assets.nflxext.com ae.nflximg.net
1	www.googleadservices.com	www.googletagmanager.com
1	www.googletagmanager.com	ae.nflximg.net
1	geolocation.onetrust.com	cdn.cookielaw.org
1	occ-0-4609-784.1.nflxso.net	linalablonde.github.io
47	13

This site contains links to these domains. Also see Links.

Domain
help.netflix.com
media.netflix.com
ir.netflix.com
jobs.netflix.com
fast.com
www.netflix.com
optout.aboutads.info
www.onetrust.com

Subject Issuer	Validity	Valid
*.github.io DigiCert TLS RSA SHA256 2020 CA1	`2023-02-21` - `2024-03-20`	a year	crt.sh
*.1.nflxso.net DigiCert Secure Site ECC CA-1	`2023-08-16` - `2023-09-18`	a month	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
assets.nflxext.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-23` - `2024-02-23`	a year	crt.sh
www.netflix.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-14` - `2024-01-14`	a year	crt.sh
ichnaea-web.netflix.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-09` - `2024-02-09`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-05-26` - `2023-08-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://linalablonde.github.io/Serber55/
Frame ID: 00C42F0CCB812EE3E27CA14C3134AC3F
Requests: 34 HTTP requests in this frame

Frame: https://ae.nflximg.net/monet/scripts/adtech_iframe_target_05.html?data=%7B%22membership_status%22%3A%22ANONYMOUS%22%2C%22country%22%3A%22DZ%22%2C%22region_code%22%3A%2216%22%2C%22is_member%22%3A%22ANONYMOUS%22%2C%22wasFormerMember%22%3Afalse%2C%22referrer%22%3A%22nmLanding%22%2C%22deniedConsentCookieGroups%22%3A%22C0005%22%7D
Frame ID: 01AE6FC3BC72AC82AF014AD5A6AFFF09
Requests: 2 HTTP requests in this frame

Frame: https://ae.nflximg.net/monet/scripts/netflix_tag_05.html?data=%7B%22membership_status%22%3A%22ANONYMOUS%22%2C%22country%22%3A%22DZ%22%2C%22region_code%22%3A%2216%22%2C%22is_member%22%3A%22ANONYMOUS%22%2C%22wasFormerMember%22%3Afalse%2C%22referrer%22%3A%22nmLanding%22%2C%22deniedConsentCookieGroups%22%3A%22C0005%22%7D
Frame ID: E2F98DACA26207C4F5200F9BA54B586F
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Netflix Algeria - Watch TV Shows Online, Watch Movies OnlineBack ButtonFilter Button

Detected technologies

GitHub Pages (CDN) Expand

Overall confidence: 100%
Detected patterns

^https?://[^/]+\.github\.io

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Page Statistics

47
Requests

98 %
HTTPS

0 %
IPv6

12
Domains

13
Subdomains

13
IPs

3
Countries

2227 kB
Transfer

4272 kB
Size

2
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://help.netflix.com/contactus
Title: Questions? Contact us.

Search URL Search Domain Scan URL

URL: https://help.netflix.com/support/412
Title: FAQ

Search URL Search Domain Scan URL

URL: https://help.netflix.com/
Title: Help Center

Search URL Search Domain Scan URL

URL: https://media.netflix.com/
Title: Media Center

Search URL Search Domain Scan URL

URL: http://ir.netflix.com/
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://jobs.netflix.com/jobs
Title: Jobs

Search URL Search Domain Scan URL

URL: https://help.netflix.com/legal/termsofuse
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://help.netflix.com/legal/privacy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://help.netflix.com/legal/corpinfo
Title: Corporate Information

Search URL Search Domain Scan URL

URL: https://fast.com/
Title: Speed Test

Search URL Search Domain Scan URL

URL: https://help.netflix.com/legal/notices
Title: Legal Notices

Search URL Search Domain Scan URL

URL: https://www.netflix.com/dz-en/browse/genre/839338
Title: Only on Netflix

Search URL Search Domain Scan URL

URL: https://help.netflix.com/legal/privacy#cookies
Title: Cookies and Internet Advertising

Search URL Search Domain Scan URL

URL: https://optout.aboutads.info/
Title: here.

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/981179826/?random=1818100147&cv=11&fst=1692286176315&bg=ffffff&guid=ON&async=1&gtm=45be3890&u_w=1600&u_h=1200&url=https%3A%2F%2Fae.nflximg.net%2Fmonet%2Fscripts%2Fnetflix_tag_05.html%3Fdata%3D%257B%2522membership_status%2522%253A%2522ANONYMOUS%2522%252C%2522country%2522%253A%2522DZ%2522%252C%2522region_code%2522%253A%252216%2522%252C%2522is_member%2522%253A%2522ANONYMOUS%2522%252C%2522wasFormerMember%2522%253Afalse%252C%2522referrer%2522%253A%2522nmLanding%2522%252C%2522deniedConsentCookieGroups%2522%253A%2522C0005%2522%257D&label=40zWCLqP1XUQsrvu0wM&hn=www.googleadservices.com&frm=2&gtm_ee=1&auid=66105674.1692286176&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=4DzeZM_GFvCyoPMPk52_iAk&sscte=1&crd=&pscrd=EktDaEFJOElyM3BnWVFqZTJEOTZLQnNmeFVFaVFBemZhYlNHRUtFOXBuZ0pjNFlVeHN4VGdOSXUxWGNXcWVCNV9jQmlJS0g1bm1vQTQaVkNoQUk4SXIzcGdZUXNJYTE3NGlXa180TEVpd0FnMUgtUEpGQU9UR2FmVHQ0OWpmYWR2Tm1ZZkU5T1VMblpXRXNPTDFJc0VBVlloX3o0RVZFN3IzaWp3IhMIz7aao4HkgAMVcBloCB2Tzg-R HTTP 302
https://www.google.com/pagead/1p-conversion/981179826/?random=1818100147&cv=11&fst=1692286176315&bg=ffffff&guid=ON&async=1&gtm=45be3890&u_w=1600&u_h=1200&url=https%3A%2F%2Fae.nflximg.net%2Fmonet%2Fscripts%2Fnetflix_tag_05.html%3Fdata%3D%257B%2522membership_status%2522%253A%2522ANONYMOUS%2522%252C%2522country%2522%253A%2522DZ%2522%252C%2522region_code%2522%253A%252216%2522%252C%2522is_member%2522%253A%2522ANONYMOUS%2522%252C%2522wasFormerMember%2522%253Afalse%252C%2522referrer%2522%253A%2522nmLanding%2522%252C%2522deniedConsentCookieGroups%2522%253A%2522C0005%2522%257D&label=40zWCLqP1XUQsrvu0wM&hn=www.googleadservices.com&frm=2&gtm_ee=1&auid=66105674.1692286176&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EktDaEFJOElyM3BnWVFqZTJEOTZLQnNmeFVFaVFBemZhYlNHRUtFOXBuZ0pjNFlVeHN4VGdOSXUxWGNXcWVCNV9jQmlJS0g1bm1vQTQaVkNoQUk4SXIzcGdZUXNJYTE3NGlXa180TEVpd0FnMUgtUEpGQU9UR2FmVHQ0OWpmYWR2Tm1ZZkU5T1VMblpXRXNPTDFJc0VBVlloX3o0RVZFN3IzaWp3IhMIz7aao4HkgAMVcBloCB2Tzg-R&is_vtc=1&ocp_id=4DzeZM_GFvCyoPMPk52_iAk&random=2189648182

47 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
linalablonde.github.io/Serber55/ 414 KB
80 KB 365ms
29ms Document
text/html 185.199.110.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://linalablonde.github.io/Serber55/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.199.110.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

cdn-185-199-110-153.github.com

Software

GitHub.com /

Resource Hash

6c08cbd389827486400b0a5418598e119e3200a355ef689210b2b614e089e5ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 0
cache-control: max-age=600
content-encoding: gzip
content-length: 81898
content-type: text/html; charset=utf-8
date: Thu, 17 Aug 2023 15:29:33 GMT
etag: W/"6314d034-67997"
expires: Thu, 17 Aug 2023 15:39:33 GMT
last-modified: Sun, 04 Sep 2022 16:20:04 GMT
permissions-policy: interest-cohort=()
server: GitHub.com
strict-transport-security: max-age=31556952
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-fastly-request-id: 3a3e179a3a0697b678dc293123426d3a08866099
x-github-request-id: 9434:1213:EF7EAB:16367B7:64DE3CDD
x-proxy-cache: MISS
x-served-by: cache-lga21937-LGA
x-timer: S1692286174.717943,VS0,VE25

GET
H/1.1 200
OK nmhpFrameworkClient.js.f967a31b35dd1700fb24.js Show response
assets.nflxext.com/web/ffe/wp/signup/nmhp/ 1 MB
365 KB 721ms
401ms Script
application/javascript 45.57.90.1
AS-SSI

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.nflxext.com/web/ffe/wp/signup/nmhp/nmhpFrameworkClient.js.f967a31b35dd1700fb24.js
Requested by: Host: linalablonde.github.io
URL: https://linalablonde.github.io/Serber55/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.57.90.1 , United States, ASN2906 (AS-SSI, US),
Reverse DNS
Software: nginx /
Resource Hash: 48bff5066a4a5bae88b47078e01244abf6f146b2ff944b7b15cce61dfeef8859

Request headers

accept-language: en-US,en;q=0.9
Referer: https://linalablonde.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Thu, 17 Aug 2023 15:29:34 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 Aug 2022 12:34:21 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=604801
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Thu, 24 Aug 2023 15:29:35 GMT

GET
H2 404 WebsiteDetect
linalablonde.github.io/personalization/cl2/freeform/ 0
0 19ms
18ms Stylesheet
text/html 185.199.110.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://linalablonde.github.io/personalization/cl2/freeform/WebsiteDetect?source=wwwhead&fetchType=css&modalView=nmLanding

Requested by

Host: linalablonde.github.io
URL: https://linalablonde.github.io/Serber55/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.199.110.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

cdn-185-199-110-153.github.com

Software

GitHub.com /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'

Request headers

accept-language: en-US,en;q=0.9
Referer: https://linalablonde.github.io/Serber55/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-fastly-request-id: b42a6c1e73220d9d1d034651de60e32de5e2015b
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'
content-encoding: gzip
via: 1.1 varnish
date: Thu, 17 Aug 2023 15:29:33 GMT
age: 0
x-cache: MISS
content-length: 5142
x-served-by: cache-lga21937-LGA
server: GitHub.com
x-github-request-id: F58E:365E:E10DC1:154F755:64DE3CDC
x-timer: S1692286174.762419,VS0,VE14
etag: W/"64bb3710-239b"
vary: Accept-Encoding
content-type: text/html; charset=utf-8
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 363ms
21ms Script
application/javascript 104.18.169.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: linalablonde.github.io
URL: https://linalablonde.github.io/Serber55/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.169.114 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b97b49ee323dbccf9a13f15fa3d93188d01681652d52b1ed40ad00c32dfb0513

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://linalablonde.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 17 Aug 2023 15:29:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: X1C0PY0lSDg1JSpsyFxfYA==
age: 72671
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6837
x-ms-lease-status: unlocked
last-modified: Mon, 14 Aug 2023 19:30:13 GMT
server: cloudflare
etag: 0x8DB9CFCE1B0A3F4
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: c10ab92e-c01e-0030-25e8-ce874c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7f82f40c2ebb2360-EWR

GET
H/1.1 200
OK error-page.b4d75d715f60a9ee1887.css
assets.nflxext.com/web/ffe/wp/less/core/ 17 KB
5 KB 321ms
4ms Stylesheet
text/css 45.57.90.1
AS-SSI

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.nflxext.com/web/ffe/wp/less/core/error-page.b4d75d715f60a9ee1887.css
Requested by: Host: linalablonde.github.io
URL: https://linalablonde.github.io/Serber55/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.57.90.1 , United States, ASN2906 (AS-SSI, US),
Reverse DNS
Software: nginx /
Resource Hash: c50d81f310847f9dd5c054871180b211c7f4a9eccbb42ee95f9574880b56ef73

Request headers

accept-language: en-US,en;q=0.9
Referer: https://linalablonde.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Thu, 17 Aug 2023 15:29:34 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 May 2022 12:33:06 GMT
Server: nginx
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=604801
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 4422
Expires: Thu, 24 Aug 2023 15:29:35 GMT

GET
H/1.1 200
OK nmhp.0ccfc1cf3aabf12e1187.css
assets.nflxext.com/web/ffe/wp/less/signup/nmhp/ 85 KB
14 KB 329ms
11ms Stylesheet
text/css 45.57.90.1
AS-SSI

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.nflxext.com/web/ffe/wp/less/signup/nmhp/nmhp.0ccfc1cf3aabf12e1187.css
Requested by: Host: linalablonde.github.io
URL: https://linalablonde.github.io/Serber55/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.57.90.1 , United States, ASN2906 (AS-SSI, US),
Reverse DNS
Software: nginx /
Resource Hash: 18bb1e0630d2fc9e9a71b93d745302fe6cc1957570d2b815f3883b61ec1193a7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://linalablonde.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Thu, 17 Aug 2023 15:29:34 GMT
Content-Encoding: gzip
Last-Modified: Fri, 19 Aug 2022 12:33:39 GMT
Server: nginx
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=604801
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 14323
Expires: Thu, 24 Aug 2023 15:29:35 GMT

GET
H/1.1 200
OK DZ-en-20220829-popsignuptwoweeks-perspective_alpha_website_large.jpg
assets.nflxext.com/ffe/siteui/vlv3/908077b4-cf0a-43c3-b2c9-435fb990299b/bb2e2e79-d8ad-45b9-9ed5-d47639dae3da/ 307 KB
307 KB 290ms
290ms Image
image/jpeg 45.57.90.1
AS-SSI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nflxext.com/ffe/siteui/vlv3/908077b4-cf0a-43c3-b2c9-435fb990299b/bb2e2e79-d8ad-45b9-9ed5-d47639dae3da/DZ-en-20220829-popsignuptwoweeks-perspective_alpha_website_large.jpg
Requested by: Host: linalablonde.github.io
URL: https://linalablonde.github.io/Serber55/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.57.90.1 , United States, ASN2906 (AS-SSI, US),
Reverse DNS
Software: nginx /
Resource Hash: 975bdc4a69e124729e285ccd19ad69912c2949f034c08b6c2ab5e6c8b7ac2f89

Request headers

accept-language: en-US,en;q=0.9
Referer: https://linalablonde.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Thu, 17 Aug 2023 15:29:34 GMT
Last-Modified: Wed, 31 Aug 2022 13:00:04 GMT
Server: nginx
Content-MD5: vvw5tFsjk+BWO2ethzHnWA==
Content-Type: image/jpeg
Cache-Control: max-age=604801
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 314334
Expires: Thu, 24 Aug 2023 15:29:35 GMT

GET
H/1.1 200
OK tv.png
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ 11 KB
11 KB 4ms
3ms Image
image/png 45.57.90.1
AS-SSI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/tv.png
Requested by: Host: linalablonde.github.io
URL: https://linalablonde.github.io/Serber55/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.57.90.1 , United States, ASN2906 (AS-SSI, US),
Reverse DNS
Software: nginx /
Resource Hash: b68ea2c7bea397aa11fadb189ce7d83862baebaf03ece643eb5aa9fb5f755056

Request headers

accept-language: en-US,en;q=0.9
Referer: https://linalablonde.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Thu, 17 Aug 2023 15:29:34 GMT
Last-Modified: Wed, 14 Nov 2018 18:20:41 GMT
Server: nginx
Content-MD5: d5lKZzJ7qVff2IDjOpHwQQ==
Content-Type: image/png
Cache-Control: max-age=604801
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11418
Expires: Thu, 24 Aug 2023 15:29:35 GMT

GET
H/1.1 200
OK mobile-0819.jpg
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ 48 KB
49 KB 7ms
3ms Image
image/jpeg 45.57.90.1
AS-SSI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/mobile-0819.jpg
Requested by: Host: linalablonde.github.io
URL: https://linalablonde.github.io/Serber55/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.57.90.1 , United States, ASN2906 (AS-SSI, US),
Reverse DNS
Software: nginx /
Resource Hash: 492fdebd363e40cbba153a244bcfe2a7f5f7cf20aff0805fe45d5c7e2180b875

Request headers

accept-language: en-US,en;q=0.9
Referer: https://linalablonde.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Thu, 17 Aug 2023 15:29:34 GMT
Last-Modified: Wed, 14 Aug 2019 17:59:05 GMT
Server: nginx
Content-MD5: pIMz1DwZYS7WGYf6Xb/zxQ==
Content-Type: image/jpeg
Cache-Control: max-age=604801
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 49614
Expires: Thu, 24 Aug 2023 15:29:35 GMT

GET
H/1.1 200
OK boxshot.png
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ 20 KB
20 KB 14ms
3ms Image
image/png 45.57.90.1
AS-SSI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/boxshot.png
Requested by: Host: linalablonde.github.io
URL: https://linalablonde.github.io/Serber55/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.57.90.1 , United States, ASN2906 (AS-SSI, US),
Reverse DNS
Software: nginx /
Resource Hash: e1fa26cc34fda574edc01d09e374d6f10735a3fa621bdde87c104ee15453d4b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://linalablonde.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Thu, 17 Aug 2023 15:29:34 GMT
Last-Modified: Wed, 14 Nov 2018 18:48:14 GMT
Server: nginx
Content-MD5: WH4EDyAll5IJSQHKlzlmng==
Content-Type: image/png
Cache-Control: max-age=604801
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20506
Expires: Thu, 24 Aug 2023 15:29:35 GMT

GET
H/1.1 200
OK device-pile.png
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ 134 KB
134 KB 17ms
3ms Image
image/png 45.57.90.1
AS-SSI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/device-pile.png
Requested by: Host: linalablonde.github.io
URL: https://linalablonde.github.io/Serber55/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.57.90.1 , United States, ASN2906 (AS-SSI, US),
Reverse DNS
Software: nginx /
Resource Hash: 81cf64888a7b3f6848b09695b034026d9ad685665b91d54597ecbb6197c6acbb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://linalablonde.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Thu, 17 Aug 2023 15:29:34 GMT
Last-Modified: Wed, 23 Jan 2019 00:35:07 GMT
Server: nginx
Content-MD5: Cz2CFJPVdI2CnIUrvW0pLQ==
Content-Type: image/png
Cache-Control: max-age=604801
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 137040
Expires: Thu, 24 Aug 2023 15:29:35 GMT

GET
H/1.1 200
OK AAAABfpnX3dbgjZ-Je8Ax3xn0kXehZm_5L6-xe6YSTq_ucht9TI5jwDMqusWZKNYT8DfGudD0_wWVVTFLiN2_kaQJumz2iivUWbIbAtF.png
occ-0-4609-784.1.nflxso.net/dnm/api/v6/19OhWN2dO19C9txTON9tvTFtefw/ 263 KB
263 KB 764ms
115ms Image
image/png 195.22.197.127
SEABONE-NET TELEC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://occ-0-4609-784.1.nflxso.net/dnm/api/v6/19OhWN2dO19C9txTON9tvTFtefw/AAAABfpnX3dbgjZ-Je8Ax3xn0kXehZm_5L6-xe6YSTq_ucht9TI5jwDMqusWZKNYT8DfGudD0_wWVVTFLiN2_kaQJumz2iivUWbIbAtF.png?r=11f
Requested by: Host: linalablonde.github.io
URL: https://linalablonde.github.io/Serber55/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 195.22.197.127 , Italy, ASN6762 (SEABONE-NET TELECOM ITALIA SPARKLE S.p.A., IT),
Reverse DNS: netflix.palermo6.pal.seabone.net
Software: nginx /
Resource Hash: 50803a486b17eb4696683745a65ccbaa85392cb97c4f773ddee4dda8d694a42e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://linalablonde.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Thu, 17 Aug 2023 15:29:34 GMT
Last-Modified: Wed, 20 Jul 2022 22:34:04 GMT
Server: nginx
Accept-CH: Device-Memory, Downlink, DPR, ECT, RTT, Save-Data, Viewport-Width, Width
ETag: "3da9bb52f0be925ec4f2d172af4ffe11"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=31104000, public, s-maxage=604800
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 269111

GET
H2 404 WebsiteDetect Show response
linalablonde.github.io/personalization/cl2/freeform/ 9 KB
5 KB 10ms
9ms XHR
text/html 185.199.110.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://linalablonde.github.io/personalization/cl2/freeform/WebsiteDetect?source=wwwhead&fetchType=js&modalView=nmLanding

Requested by

Host: linalablonde.github.io
URL: https://linalablonde.github.io/Serber55/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.199.110.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

cdn-185-199-110-153.github.com

Software

GitHub.com /

Resource Hash

70d613e3acfba24fd2876fcbacaf639e1e111ef4d54baf70761c47673f37d6a3

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'

Request headers

accept-language: en-US,en;q=0.9
Referer: https://linalablonde.github.io/Serber55/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-fastly-request-id: e0228c79418c90b0105444e2b2d755bcf6dd5578
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'
content-encoding: gzip
via: 1.1 varnish
date: Thu, 17 Aug 2023 15:29:33 GMT
age: 0
x-cache: HIT
content-length: 5142
x-served-by: cache-lga21937-LGA
server: GitHub.com
x-github-request-id: F58E:365E:E10DC1:154F755:64DE3CDC
x-timer: S1692286174.802373,VS0,VE1
etag: W/"64bb3710-239b"
vary: Accept-Encoding
content-type: text/html; charset=utf-8
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-cache-hits: 1

GET
H2 404 WebsiteScreen Show response
linalablonde.github.io/personalization/cl2/freeform/ 9 KB
5 KB 16ms
16ms XHR
text/html 185.199.110.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://linalablonde.github.io/personalization/cl2/freeform/WebsiteScreen?source=wwwhead&fetchType=js&winw=1600&winh=1200&screenw=1600&screenh=1200&ratio=1

Requested by

Host: linalablonde.github.io
URL: https://linalablonde.github.io/Serber55/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.199.110.153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

cdn-185-199-110-153.github.com

Software

GitHub.com /

Resource Hash

70d613e3acfba24fd2876fcbacaf639e1e111ef4d54baf70761c47673f37d6a3

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'

Request headers

accept-language: en-US,en;q=0.9
Referer: https://linalablonde.github.io/Serber55/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-fastly-request-id: 952e04b46e6865e4cedf038e8848d74ef2477174
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'
content-encoding: gzip
via: 1.1 varnish
date: Thu, 17 Aug 2023 15:29:33 GMT
age: 0
x-cache: MISS
content-length: 5142
x-served-by: cache-lga21937-LGA
server: GitHub.com
x-github-request-id: 601E:4A4B:ED8CCA:1617116:64DE3CDC
x-timer: S1692286174.802361,VS0,VE13
etag: W/"64bb3710-239b"
vary: Accept-Encoding
content-type: text/html; charset=utf-8
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 87b6a5c0-0104-4e96-a291-092c11350111.json Show response
cdn.cookielaw.org/consent/87b6a5c0-0104-4e96-a291-092c11350111/ 6 KB
2 KB 329ms
18ms XHR
application/x-javascript 104.18.169.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/87b6a5c0-0104-4e96-a291-092c11350111/87b6a5c0-0104-4e96-a291-092c11350111.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.169.114 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ecb112320fcafeadf6431ba74ee7bec43f6b7662267644073b962fa467824053

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://linalablonde.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 17 Aug 2023 15:29:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 76389
content-md5: hsjW1naAyzgxptGqrP9Eqw==
content-length: 1891
x-ms-lease-status: unlocked
last-modified: Wed, 16 Aug 2023 15:17:47 GMT
server: cloudflare
etag: 0x8DB9E6BF2B043FF
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: f1786559-301e-0034-2b56-d00a4b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7f82f40e4c45c33f-EWR
expires: Fri, 18 Aug 2023 15:29:34 GMT

GET
H/1.1 206
Partial Content video-tv-0819.m4v
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ 264 KB
264 KB 3ms
3ms Media
video/x-m4v 45.57.90.1
AS-SSI

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/video-tv-0819.m4v
Requested by: Host: linalablonde.github.io
URL: https://linalablonde.github.io/Serber55/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.57.90.1 , United States, ASN2906 (AS-SSI, US),
Reverse DNS
Software: nginx /
Resource Hash: 4c7a552d219146985961bf78d9083b7e2c1a82c4ada5d959f48b3e53754c9049

Request headers

Referer: https://linalablonde.github.io/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Range: bytes=0-

Response headers

Date: Thu, 17 Aug 2023 15:29:34 GMT
Last-Modified: Mon, 12 Aug 2019 20:49:12 GMT
Server: nginx
Content-MD5: PLEtt8Zyszc1AGSApFXscg==
Content-Type: video/x-m4v
Content-Range: bytes 0-270045/270046
Cache-Control: max-age=604801
Connection: keep-alive
Content-Length: 270046
Expires: Thu, 24 Aug 2023 15:29:35 GMT

GET
H/1.1 206
Partial Content video-devices.m4v
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ 260 KB
260 KB 66ms
6ms Media
video/x-m4v 45.57.90.1
AS-SSI

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/video-devices.m4v
Requested by: Host: linalablonde.github.io
URL: https://linalablonde.github.io/Serber55/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.57.90.1 , United States, ASN2906 (AS-SSI, US),
Reverse DNS
Software: nginx /
Resource Hash: 3eec290a7f7da9abb00b49ca84f5f16e6d45ca33d40fd8ede4380835d6161d71

Request headers

Referer: https://linalablonde.github.io/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Range: bytes=0-

Response headers

Date: Thu, 17 Aug 2023 15:29:34 GMT
Last-Modified: Wed, 09 Jan 2019 20:47:49 GMT
Server: nginx
Content-MD5: PlXFYgWonIWf7QBa4XKfqg==
Content-Type: video/x-m4v
Content-Range: bytes 0-266159/266160
Cache-Control: max-age=604801
Connection: keep-alive
Content-Length: 266160
Expires: Thu, 24 Aug 2023 15:29:35 GMT

GET
H/1.1 200
OK download-icon.gif
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ 22 KB
22 KB 69ms
3ms Image
image/gif 45.57.90.1
AS-SSI

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/download-icon.gif
Requested by: Host: assets.nflxext.com
URL: https://assets.nflxext.com/web/ffe/wp/less/signup/nmhp/nmhp.0ccfc1cf3aabf12e1187.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.57.90.1 , United States, ASN2906 (AS-SSI, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f99e4c2ed1c2b7de72f47102c64d601567f8efaad5944a08c86786cad4050e6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://assets.nflxext.com/web/ffe/wp/less/signup/nmhp/nmhp.0ccfc1cf3aabf12e1187.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Thu, 17 Aug 2023 15:29:34 GMT
Last-Modified: Mon, 12 Nov 2018 22:40:57 GMT
Server: nginx
Content-MD5: 3Ty3jbeMPgoTybd+4Z3u5g==
Content-Type: image/gif
Cache-Control: max-age=604801
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22171
Expires: Thu, 24 Aug 2023 15:29:35 GMT

GET
H/1.1 200
OK nf-icon-v1-93.woff
assets.nflxext.com/ffe/siteui/fonts/ 72 KB
72 KB 321ms
4ms Font
font/woff 45.57.90.1
AS-SSI

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.nflxext.com/ffe/siteui/fonts/nf-icon-v1-93.woff
Requested by: Host: assets.nflxext.com
URL: https://assets.nflxext.com/web/ffe/wp/less/signup/nmhp/nmhp.0ccfc1cf3aabf12e1187.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.57.90.1 , United States, ASN2906 (AS-SSI, US),
Reverse DNS
Software: nginx /
Resource Hash: 98713b53a74ebe7e326353080c5f1653e83af61d6363c0b3c4c67d6d24197b4d

Request headers

Referer: https://assets.nflxext.com/web/ffe/wp/less/signup/nmhp/nmhp.0ccfc1cf3aabf12e1187.css
Origin: https://linalablonde.github.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Thu, 17 Aug 2023 15:29:34 GMT
Last-Modified: Mon, 29 Jan 2018 01:50:51 GMT
Server: nginx
Content-MD5: fPYVbMSBJEtaJUNi17c/AA==
Content-Type: font/woff
Access-Control-Allow-Origin: *
Cache-Control: max-age=604801
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 73572
Expires: Thu, 24 Aug 2023 15:29:35 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 71 B
309 B 541ms
85ms XHR
application/json 104.18.29.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.29.38 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4da8a6638ad70698ad3d01aa0ef124aebe35c297685c0796b174822f597b1d09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://linalablonde.github.io/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 15:29:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 7f82f4117a2114fa-LAX
access-control-allow-headers: Content-Type

GET
H/1.1 200
OK NetflixSans_W_Rg.woff2
assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/ 52 KB
52 KB 8ms
8ms Font
font/woff2 45.57.90.1
AS-SSI

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/NetflixSans_W_Rg.woff2
Requested by: Host: assets.nflxext.com
URL: https://assets.nflxext.com/web/ffe/wp/less/core/error-page.b4d75d715f60a9ee1887.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.57.90.1 , United States, ASN2906 (AS-SSI, US),
Reverse DNS
Software: nginx /
Resource Hash: c0bceb927c506dce9f6e6f5f570e641ad580b9554be06f61508a4aee32380167

Request headers

Referer: https://assets.nflxext.com/web/ffe/wp/less/core/error-page.b4d75d715f60a9ee1887.css
Origin: https://linalablonde.github.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Thu, 17 Aug 2023 15:29:34 GMT
Last-Modified: Thu, 17 Jan 2019 20:16:30 GMT
Server: nginx
Content-MD5: C/MXfx/tbZUxeCIfukPH6A==
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=604801
Connection: keep-alive
Server-Timing: ak_p; desc="1686155488133_1611050926_59250288_8_436_14_0_-";dur=1
Accept-Ranges: bytes
Content-Length: 53304
Expires: Thu, 24 Aug 2023 15:29:35 GMT

GET
H/1.1 200
OK NetflixSans_W_Md.woff2
assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/ 53 KB
53 KB 3ms
3ms Font
font/woff2 45.57.90.1
AS-SSI

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/NetflixSans_W_Md.woff2
Requested by: Host: assets.nflxext.com
URL: https://assets.nflxext.com/web/ffe/wp/less/core/error-page.b4d75d715f60a9ee1887.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.57.90.1 , United States, ASN2906 (AS-SSI, US),
Reverse DNS
Software: nginx /
Resource Hash: 9ac2bd03fcde501b3f30f47ab1fae62161f87808ea6411f38e8feaa4bbddc42e

Request headers

Referer: https://assets.nflxext.com/web/ffe/wp/less/core/error-page.b4d75d715f60a9ee1887.css
Origin: https://linalablonde.github.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Thu, 17 Aug 2023 15:29:34 GMT
Last-Modified: Thu, 17 Jan 2019 20:16:30 GMT
Server: nginx
Content-MD5: 6naZIbDPpPxtTRouCx+l/w==
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=604801
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 53940
Expires: Thu, 24 Aug 2023 15:29:35 GMT

POST
H2 405 log Show response
linalablonde.github.io/personalization/ 131 B
254 B 4ms
4ms XHR
text/html 185.199.110.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://linalablonde.github.io/personalization/log
Requested by: Host: assets.nflxext.com
URL: https://assets.nflxext.com/web/ffe/wp/signup/nmhp/nmhpFrameworkClient.js.f967a31b35dd1700fb24.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-110-153.github.com
Software: Varnish /
Resource Hash: db9c83197aadfaf315c26741f15264db83844a31372701a8465737d63508df7f

Request headers

X-Netflix.ichnaea.request.type: UiRequest
Referer: https://linalablonde.github.io/Serber55/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: application/json

Response headers

x-fastly-request-id: 87f46575605787ac991bae1e30d780d4cd35cc72
date: Thu, 17 Aug 2023 15:29:34 GMT
via: 1.1 varnish
x-cache-hits: 0
server: Varnish
x-timer: S1692286175.979931,VS0,VE1
x-cache: MISS
accept-ranges: bytes
content-length: 131
retry-after: 0
x-served-by: cache-lga21937-LGA

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202301.1.0/ 395 KB
94 KB 16ms
15ms Script
application/javascript 104.18.169.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.169.114 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0cda584e7c5036ad66d7d528d2209bc596a14179fa1792a559e2ae9eaa91e851

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://linalablonde.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 17 Aug 2023 15:29:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: TPatHKMti4L8TVrK0PWkxg==
age: 72412
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 96303
x-ms-lease-status: unlocked
last-modified: Wed, 22 Feb 2023 03:39:35 GMT
server: cloudflare
etag: 0x8DB14866ADAA84A
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 2d40d1e3-301e-0137-62e1-5a321c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7f82f411e9762360-EWR

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/87b6a5c0-0104-4e96-a291-092c11350111/f804b842-a4bb-40d3-82d5-0b1a503881bb/ 58 KB
15 KB 25ms
25ms Fetch
application/x-javascript 104.18.169.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/87b6a5c0-0104-4e96-a291-092c11350111/f804b842-a4bb-40d3-82d5-0b1a503881bb/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.169.114 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b07187a25c0d3c4149f7957f0a964e8713cfe7ad070628a61e1ce29796475710

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://linalablonde.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 17 Aug 2023 15:29:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 7776
content-md5: y3PXszjdyND9ZSoA4SegUA==
content-length: 15382
x-ms-lease-status: unlocked
last-modified: Wed, 16 Aug 2023 15:17:52 GMT
server: cloudflare
etag: 0x8DB9E6BF5C637B3
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 3c2b5bb0-e01e-0055-37ef-d02908000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7f82f4122f21c33f-EWR
expires: Fri, 18 Aug 2023 15:29:35 GMT

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/202301.1.0/assets/ 13 KB
3 KB 13ms
12ms Fetch
application/json 104.18.169.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202301.1.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.169.114 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://linalablonde.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 17 Aug 2023 15:29:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: JRquOrwnT+1fACynxEiZlA==
age: 71715
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3020
x-ms-lease-status: unlocked
last-modified: Wed, 22 Feb 2023 03:39:28 GMT
server: cloudflare
etag: 0x8DB148666B3B223
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: a612bdbf-401e-00a8-4f8b-cca72d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7f82f4126f43c33f-EWR

GET
H2 200 otPcTab.json Show response
cdn.cookielaw.org/scripttemplates/202301.1.0/assets/v2/ 62 KB
13 KB 14ms
14ms Fetch
application/json 104.18.169.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202301.1.0/assets/v2/otPcTab.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.169.114 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9c89c2a0df62b9bd73d859ae616ffe92cb9e86e1428a1a0fc797418f3e03dd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://linalablonde.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 17 Aug 2023 15:29:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 5x5OTvRos5JBKPa+Qbpqxg==
age: 71715
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 13354
x-ms-lease-status: unlocked
last-modified: Wed, 22 Feb 2023 03:39:30 GMT
server: cloudflare
etag: 0x8DB148668308060
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: b747a26c-401e-00b4-130e-82d4e4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7f82f4126f44c33f-EWR

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202301.1.0/assets/ 21 KB
4 KB 13ms
13ms Fetch
text/css 104.18.169.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202301.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.169.114 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://linalablonde.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 17 Aug 2023 15:29:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: XcxlleAcPGO2n5kTZrHH2Q==
age: 71715
x-ms-lease-status: unlocked
last-modified: Wed, 22 Feb 2023 03:39:39 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 0e65d23a-501e-0023-26e6-5ab72d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7f82f4126f45c33f-EWR

GET
H/1.1 200
OK adtech_iframe_target_05.html Show response
ae.nflximg.net/monet/scripts/ Frame 01AE 4 KB
2 KB 432ms
21ms Document
text/html 184.24.37.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ae.nflximg.net/monet/scripts/adtech_iframe_target_05.html?data=%7B%22membership_status%22%3A%22ANONYMOUS%22%2C%22country%22%3A%22DZ%22%2C%22region_code%22%3A%2216%22%2C%22is_member%22%3A%22ANONYMOUS%22%2C%22wasFormerMember%22%3Afalse%2C%22referrer%22%3A%22nmLanding%22%2C%22deniedConsentCookieGroups%22%3A%22C0005%22%7D
Requested by: Host: assets.nflxext.com
URL: https://assets.nflxext.com/web/ffe/wp/signup/nmhp/nmhpFrameworkClient.js.f967a31b35dd1700fb24.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.24.37.176 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-37-176.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 46906a172b230be72a609fb98f3689e0baaa3292de25181121d75df0f84bf644

Request headers

Referer: https://linalablonde.github.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET,POST
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1504
Content-MD5: wAdYtW1y2pnz8A4F9t+2hg==
Content-Type: text/html
Date: Thu, 17 Aug 2023 15:29:35 GMT
ETag: "c00758b56d72da99f3f00e05f6dfb686:1667228899.15889"
Last-Modified: Mon, 31 Oct 2022 15:08:11 GMT
Server: AkamaiNetStorage
Timing-Allow-Origin: *
Vary: Accept-Encoding

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
494 B 14ms
13ms Fetch
image/svg+xml 104.18.169.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202301.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.169.114 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://linalablonde.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 17 Aug 2023 15:29:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 32675
x-ms-lease-status: unlocked
last-modified: Thu, 17 Aug 2023 03:26:04 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 53044c98-f01e-0082-1dca-d0783d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7f82f4141886c33f-EWR

GET
H2 200 Netflix_Logo_PMS.png
cdn.cookielaw.org/logos/dd6b162f-1a32-456a-9cfe-897231c7763c/4345ea78-053c-46d2-b11e-09adaef973dc/ 16 KB
16 KB 28ms
27ms Image
application/octet-stream 104.18.169.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/dd6b162f-1a32-456a-9cfe-897231c7763c/4345ea78-053c-46d2-b11e-09adaef973dc/Netflix_Logo_PMS.png

Requested by

Host: linalablonde.github.io
URL: https://linalablonde.github.io/Serber55/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.169.114 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

675dd7b68acf580f893bec532f5b260b8f984b67734a9a6831334b2ff4aad384

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://linalablonde.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 17 Aug 2023 15:29:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 3MQJRwmi3BSvKIhEVW/5tw==
age: 78546
content-length: 16386
x-ms-lease-status: unlocked
last-modified: Mon, 18 May 2020 21:10:31 GMT
server: cloudflare
etag: 0x8D7FB6FE5CFC000
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
x-ms-request-id: 81274765-401e-0155-16e1-5a75c4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7f82f4142a7a2360-EWR

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 17ms
15ms Image
image/svg+xml 104.18.169.114
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: linalablonde.github.io
URL: https://linalablonde.github.io/Serber55/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.169.114 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://linalablonde.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 17 Aug 2023 15:29:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 70528
x-ms-lease-status: unlocked
last-modified: Wed, 16 Aug 2023 04:03:06 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 65085d7d-301e-000b-7c6c-d0c2e8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7f82f4142a7b2360-EWR

POST
H2 200 log Show response
www.netflix.com/ichnaea/ Frame 01AE 0
1 KB 352ms
20ms XHR
text/plain 54.237.226.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netflix.com/ichnaea/log

Requested by

Host: ae.nflximg.net
URL: https://ae.nflximg.net/monet/scripts/adtech_iframe_target_05.html?data=%7B%22membership_status%22%3A%22ANONYMOUS%22%2C%22country%22%3A%22DZ%22%2C%22region_code%22%3A%2216%22%2C%22is_member%22%3A%22ANONYMOUS%22%2C%22wasFormerMember%22%3Afalse%2C%22referrer%22%3A%22nmLanding%22%2C%22deniedConsentCookieGroups%22%3A%22C0005%22%7D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.237.226.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-237-226-164.compute-1.amazonaws.com

Software

singleingestcritical-secure 67e296e8-e6ad-441d-b2e8-9dcd9af859cb /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

X-Netflix.ichnaea.request.type: IchnaeaRequest
Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 17 Aug 2023 15:29:35 GMT
x-envoy-decorator-operation: lo_svc_http
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 2 i-0716ea2a01402c28d (us-east-1)
x-b3-traceid: fce3bb85c991b2c1
x-netflix.proxy.execution-time: 8
x-envoy-upstream-service-time: 1
content-length: 0
x-xss-protection: 1; mode=block
x-request-id: 7396585d-2eba-45f6-98af-2cda1025d807
pragma: no-cache
server: singleingestcritical-secure 67e296e8-e6ad-441d-b2e8-9dcd9af859cb
x-netflix.nfstatus: 1_1
allow: GET, POST, OPTIONS
access-control-allow-methods: GET, POST, OPTIONS
x-originating-url: http://www.netflix.com/ichnaea/log
access-control-allow-origin: https://ae.nflximg.net
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
x-frame-options: DENY
x-ichnaea: ~0=true~RL=0
access-control-allow-headers: Accept,Accept-Language,Authorization,Content-Type,Cookie,debugRequest,X-Netflix.application.name,X-Netflix.application.version,X-Netflix.certification.version,X-Netflix.Client.Request.Name,X-Netflix.device.type,X-Netflix.esn,X-Netflix.ichnaea.request.type,X-Netflix.oauth.consumer.key,X-Netflix.oauth.token,X-Netflix.request.uuid,X-Netflix.user.id
expires: 0

OPTIONS
H2 200 log
www.netflix.com/ichnaea/ Frame 0
0 374ms
16ms Preflight 54.237.226.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netflix.com/ichnaea/log

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.237.226.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-237-226-164.compute-1.amazonaws.com

Software

singleingestcritical-secure 4808c277-ad63-409a-b3db-551fdde293d1 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-netflix.ichnaea.request.type
Access-Control-Request-Method: POST
Origin: https://ae.nflximg.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Language,Authorization,Content-Type,Cookie,debugRequest,X-Netflix.application.name,X-Netflix.application.version,X-Netflix.certification.version,X-Netflix.Client.Request.Name,X-Netflix.device.type,X-Netflix.esn,X-Netflix.ichnaea.request.type,X-Netflix.oauth.consumer.key,X-Netflix.oauth.token,X-Netflix.request.uuid,X-Netflix.user.id
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://ae.nflximg.net
allow: GET, POST, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
date: Thu, 17 Aug 2023 15:29:35 GMT
expires: 0
pragma: no-cache
server: singleingestcritical-secure 4808c277-ad63-409a-b3db-551fdde293d1
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
via: 2 i-0781af46e26eaad13 (us-east-1)
x-b3-traceid: f7f0e7600ec5d9af
x-content-type-options: nosniff
x-envoy-decorator-operation: lo_svc_http
x-envoy-upstream-service-time: 0
x-frame-options: DENY
x-netflix.nfstatus: 1_1
x-netflix.proxy.execution-time: 5
x-originating-url: http://www.netflix.com/ichnaea/log
x-request-id: faa7c8d4-22ed-4346-a629-248713341028
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK netflix_tag_05.html Show response
ae.nflximg.net/monet/scripts/ Frame E2F9 11 KB
4 KB 20ms
20ms Document
text/html 184.24.37.176
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ae.nflximg.net/monet/scripts/netflix_tag_05.html?data=%7B%22membership_status%22%3A%22ANONYMOUS%22%2C%22country%22%3A%22DZ%22%2C%22region_code%22%3A%2216%22%2C%22is_member%22%3A%22ANONYMOUS%22%2C%22wasFormerMember%22%3Afalse%2C%22referrer%22%3A%22nmLanding%22%2C%22deniedConsentCookieGroups%22%3A%22C0005%22%7D
Requested by: Host: ae.nflximg.net
URL: https://ae.nflximg.net/monet/scripts/adtech_iframe_target_05.html?data=%7B%22membership_status%22%3A%22ANONYMOUS%22%2C%22country%22%3A%22DZ%22%2C%22region_code%22%3A%2216%22%2C%22is_member%22%3A%22ANONYMOUS%22%2C%22wasFormerMember%22%3Afalse%2C%22referrer%22%3A%22nmLanding%22%2C%22deniedConsentCookieGroups%22%3A%22C0005%22%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.24.37.176 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-37-176.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 62daee3865c94dc5f2119831c09d923a66afd1cc88165e9612f1c660865d7cef

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET,POST
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 3129
Content-MD5: w4/fwZs1bIBv0V2BkHK5NQ==
Content-Type: text/html
Date: Thu, 17 Aug 2023 15:29:35 GMT
ETag: "c38fdfc19b356c806fd15d819072b935:1689888202.95902"
Last-Modified: Thu, 20 Jul 2023 21:23:16 GMT
Server: AkamaiNetStorage
Timing-Allow-Origin: *
Vary: Accept-Encoding

OPTIONS
H/1.1 200
OK log
ichnaea-web.netflix.com/ Frame 0
0 391ms
16ms Preflight 34.233.255.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://ichnaea-web.netflix.com/log

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.233.255.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-233-255-32.compute-1.amazonaws.com

Software

singleingestcritical-secure 8787eb68-1b71-4d1e-8040-f23b5ca00a2c /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-netflix.ichnaea.request.type
Access-Control-Request-Method: POST
Origin: https://ae.nflximg.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Server: singleingestcritical-secure 8787eb68-1b71-4d1e-8040-f23b5ca00a2c
Via: 1.1 i-04a4abecb88a3c560 (us-east-1)
X-Netflix.nfstatus: 1_1
X-Netflix.proxy.execution-time: 5
X-Originating-URL: https://ichnaea-web.netflix.com/log
access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Language,Authorization,Content-Type,Cookie,debugRequest,X-Netflix.application.name,X-Netflix.application.version,X-Netflix.certification.version,X-Netflix.Client.Request.Name,X-Netflix.device.type,X-Netflix.esn,X-Netflix.ichnaea.request.type,X-Netflix.oauth.consumer.key,X-Netflix.oauth.token,X-Netflix.request.uuid,X-Netflix.user.id
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://ae.nflximg.net
allow: GET, POST, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
date: Thu, 17 Aug 2023 15:29:35 GMT
expires: 0
pragma: no-cache
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-b3-traceid: 7e34f6c0d54796ac
x-content-type-options: nosniff
x-envoy-decorator-operation: lo_svc_http
x-envoy-upstream-service-time: 1
x-frame-options: DENY
x-http2-stream-id: 2363
x-request-id: 01472931-c2d5-487f-9586-19b72827ae21
x-xss-protection: 1; mode=block

POST
H/1.1 200
OK log Show response
ichnaea-web.netflix.com/ Frame E2F9 0
1 KB 347ms
16ms XHR
text/plain 34.233.255.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://ichnaea-web.netflix.com/log

Requested by

Host: ae.nflximg.net
URL: https://ae.nflximg.net/monet/scripts/netflix_tag_05.html?data=%7B%22membership_status%22%3A%22ANONYMOUS%22%2C%22country%22%3A%22DZ%22%2C%22region_code%22%3A%2216%22%2C%22is_member%22%3A%22ANONYMOUS%22%2C%22wasFormerMember%22%3Afalse%2C%22referrer%22%3A%22nmLanding%22%2C%22deniedConsentCookieGroups%22%3A%22C0005%22%7D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.233.255.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-233-255-32.compute-1.amazonaws.com

Software

singleingestcritical-secure 27cc08fc-ca1e-40ef-9417-cd48bd9351e7 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

X-Netflix.ichnaea.request.type: IchnaeaRequest
Referer: https://ae.nflximg.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 17 Aug 2023 15:29:36 GMT
Via: 1.1 i-0846867d4b0f073d1 (us-east-1)
x-content-type-options: nosniff
x-envoy-decorator-operation: lo_svc_http
x-b3-traceid: c1a9ef1c41ccdfcb
X-Netflix.proxy.execution-time: 6
x-envoy-upstream-service-time: 2
Connection: keep-alive
Content-Length: 0
x-xss-protection: 1; mode=block
x-request-id: a2ab8938-2cd0-4aff-804b-7a45234f1d8f
x-http2-stream-id: 6147
pragma: no-cache
Server: singleingestcritical-secure 27cc08fc-ca1e-40ef-9417-cd48bd9351e7
X-Netflix.nfstatus: 1_1
allow: GET, POST, OPTIONS
access-control-allow-methods: GET, POST, OPTIONS
X-Originating-URL: https://ichnaea-web.netflix.com/log
access-control-allow-origin: https://ae.nflximg.net
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
x-frame-options: DENY
x-ichnaea: ~0=true~RL=0
access-control-allow-headers: Accept,Accept-Language,Authorization,Content-Type,Cookie,debugRequest,X-Netflix.application.name,X-Netflix.application.version,X-Netflix.certification.version,X-Netflix.Client.Request.Name,X-Netflix.device.type,X-Netflix.esn,X-Netflix.ichnaea.request.type,X-Netflix.oauth.consumer.key,X-Netflix.oauth.token,X-Netflix.request.uuid,X-Netflix.user.id
expires: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame E2F9 199 KB
71 KB 409ms
45ms Script
application/javascript 172.217.13.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-981179826

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

9106141293846b719561378b301a4a6e4d97bd59ba1adc4c528c704b4823fbea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ae.nflximg.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 15:29:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72300
x-xss-protection: 0
last-modified: Thu, 17 Aug 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 17 Aug 2023 15:29:36 GMT

GET
H2 200 tr
www.facebook.com/ Frame E2F9 0
185 B 328ms
4ms Image
text/plain 31.13.71.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=1313278799538375&ev=Purchase&eid=&dl=Netflix.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-lga3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ae.nflximg.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 17 Aug 2023 15:29:36 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 tr
www.facebook.com/ Frame E2F9 0
31 B 328ms
5ms Image
text/plain 31.13.71.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=829253787145710&ev=NM_landing&dl=https://netflix.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-lga3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ae.nflximg.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 17 Aug 2023 15:29:36 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/981179826/ Frame E2F9 3 KB
2 KB 958ms
606ms Script
text/javascript 172.217.13.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/981179826/?random=1692286176293&cv=11&fst=1692286176293&bg=ffffff&guid=ON&async=1&gtm=45be3890&u_w=1600&u_h=1200&url=https%3A%2F%2Fae.nflximg.net%2Fmonet%2Fscripts%2Fnetflix_tag_05.html%3Fdata%3D%257B%2522membership_status%2522%253A%2522ANONYMOUS%2522%252C%2522country%2522%253A%2522DZ%2522%252C%2522region_code%2522%253A%252216%2522%252C%2522is_member%2522%253A%2522ANONYMOUS%2522%252C%2522wasFormerMember%2522%253Afalse%252C%2522referrer%2522%253A%2522nmLanding%2522%252C%2522deniedConsentCookieGroups%2522%253A%2522C0005%2522%257D&hn=www.googleadservices.com&frm=2&auid=66105674.1692286176&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-981179826

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ab94be896f5d14499df59563ed0912684918c9809be7166e7949333be994c9bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ae.nflximg.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 15:29:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1445
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/981179826/ Frame E2F9 3 KB
2 KB 56ms
23ms Script
text/javascript 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/981179826/?random=1692286176315&cv=11&fst=1692286176315&bg=ffffff&guid=ON&async=1&gtm=45be3890&u_w=1600&u_h=1200&url=https%3A%2F%2Fae.nflximg.net%2Fmonet%2Fscripts%2Fnetflix_tag_05.html%3Fdata%3D%257B%2522membership_status%2522%253A%2522ANONYMOUS%2522%252C%2522country%2522%253A%2522DZ%2522%252C%2522region_code%2522%253A%252216%2522%252C%2522is_member%2522%253A%2522ANONYMOUS%2522%252C%2522wasFormerMember%2522%253Afalse%252C%2522referrer%2522%253A%2522nmLanding%2522%252C%2522deniedConsentCookieGroups%2522%253A%2522C0005%2522%257D&label=40zWCLqP1XUQsrvu0wM&hn=www.googleadservices.com&frm=2&gtm_ee=1&auid=66105674.1692286176&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-981179826

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.162 Newark, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

cafe /

Resource Hash

9473b8ffe09efd723582d276d474bb40e5980e7ab3313611589389341f635412

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ae.nflximg.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 15:29:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1690
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.com/pagead/1p-conversion/981179826/ Frame E2F9
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/981179826/?random=1818100147&cv=11&fst=1692286176315&bg=ffffff&guid=ON&async=1&gtm=45be3890&u_w=1600&u_h=1200&url=https%3A%2F%2Fae.n...
https://www.google.com/pagead/1p-conversion/981179826/?random=1818100147&cv=11&fst=1692286176315&bg=ffffff&guid=ON&async=1&gtm=45be3890&u_w=1600&u_h=1200&url=https%3A%2F%2Fae.nflximg.net%2Fmonet%2F...

42 B
455 B

355ms
30ms

Image
image/gif

142.250.81.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/981179826/?random=1818100147&cv=11&fst=1692286176315&bg=ffffff&guid=ON&async=1&gtm=45be3890&u_w=1600&u_h=1200&url=https%3A%2F%2Fae.nflximg.net%2Fmonet%2Fscripts%2Fnetflix_tag_05.html%3Fdata%3D%257B%2522membership_status%2522%253A%2522ANONYMOUS%2522%252C%2522country%2522%253A%2522DZ%2522%252C%2522region_code%2522%253A%252216%2522%252C%2522is_member%2522%253A%2522ANONYMOUS%2522%252C%2522wasFormerMember%2522%253Afalse%252C%2522referrer%2522%253A%2522nmLanding%2522%252C%2522deniedConsentCookieGroups%2522%253A%2522C0005%2522%257D&label=40zWCLqP1XUQsrvu0wM&hn=www.googleadservices.com&frm=2&gtm_ee=1&auid=66105674.1692286176&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EktDaEFJOElyM3BnWVFqZTJEOTZLQnNmeFVFaVFBemZhYlNHRUtFOXBuZ0pjNFlVeHN4VGdOSXUxWGNXcWVCNV9jQmlJS0g1bm1vQTQaVkNoQUk4SXIzcGdZUXNJYTE3NGlXa180TEVpd0FnMUgtUEpGQU9UR2FmVHQ0OWpmYWR2Tm1ZZkU5T1VMblpXRXNPTDFJc0VBVlloX3o0RVZFN3IzaWp3IhMIz7aao4HkgAMVcBloCB2Tzg-R&is_vtc=1&ocp_id=4DzeZM_GFvCyoPMPk52_iAk&random=2189648182

Requested by

Protocol

Server

142.250.81.228 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ae.nflximg.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 15:29:37 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 17 Aug 2023 15:29:36 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://www.google.com/pagead/1p-conversion/981179826/?random=1818100147&cv=11&fst=1692286176315&bg=ffffff&guid=ON&async=1&gtm=45be3890&u_w=1600&u_h=1200&url=https%3A%2F%2Fae.nflximg.net%2Fmonet%2Fscripts%2Fnetflix_tag_05.html%3Fdata%3D%257B%2522membership_status%2522%253A%2522ANONYMOUS%2522%252C%2522country%2522%253A%2522DZ%2522%252C%2522region_code%2522%253A%252216%2522%252C%2522is_member%2522%253A%2522ANONYMOUS%2522%252C%2522wasFormerMember%2522%253Afalse%252C%2522referrer%2522%253A%2522nmLanding%2522%252C%2522deniedConsentCookieGroups%2522%253A%2522C0005%2522%257D&label=40zWCLqP1XUQsrvu0wM&hn=www.googleadservices.com&frm=2&gtm_ee=1&auid=66105674.1692286176&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EktDaEFJOElyM3BnWVFqZTJEOTZLQnNmeFVFaVFBemZhYlNHRUtFOXBuZ0pjNFlVeHN4VGdOSXUxWGNXcWVCNV9jQmlJS0g1bm1vQTQaVkNoQUk4SXIzcGdZUXNJYTE3NGlXa180TEVpd0FnMUgtUEpGQU9UR2FmVHQ0OWpmYWR2Tm1ZZkU5T1VMblpXRXNPTDFJc0VBVlloX3o0RVZFN3IzaWp3IhMIz7aao4HkgAMVcBloCB2Tzg-R&is_vtc=1&ocp_id=4DzeZM_GFvCyoPMPk52_iAk&random=2189648182
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/981179826/ Frame E2F9 42 B
108 B 28ms
28ms Image
image/gif 142.250.81.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/981179826/?random=1692286176293&cv=11&fst=1692284400000&bg=ffffff&guid=ON&async=1&gtm=45be3890&u_w=1600&u_h=1200&url=https%3A%2F%2Fae.nflximg.net%2Fmonet%2Fscripts%2Fnetflix_tag_05.html%3Fdata%3D%257B%2522membership_status%2522%253A%2522ANONYMOUS%2522%252C%2522country%2522%253A%2522DZ%2522%252C%2522region_code%2522%253A%252216%2522%252C%2522is_member%2522%253A%2522ANONYMOUS%2522%252C%2522wasFormerMember%2522%253Afalse%252C%2522referrer%2522%253A%2522nmLanding%2522%252C%2522deniedConsentCookieGroups%2522%253A%2522C0005%2522%257D&frm=2&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2479606499&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.228 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ae.nflximg.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2023 15:29:37 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 405 cl2 Show response
linalablonde.github.io/personalization/ 131 B
246 B 5ms
4ms XHR
text/html 185.199.110.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://linalablonde.github.io/personalization/cl2
Requested by: Host: assets.nflxext.com
URL: https://assets.nflxext.com/web/ffe/wp/signup/nmhp/nmhpFrameworkClient.js.f967a31b35dd1700fb24.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-110-153.github.com
Software: Varnish /
Resource Hash: db9c83197aadfaf315c26741f15264db83844a31372701a8465737d63508df7f

Request headers

Referer: https://linalablonde.github.io/Serber55/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
X-Netflix.Client.Request.Name: ui/cl
Content-Type: application/json

Response headers

x-fastly-request-id: 029eb027354c5270742a3b8fef55bdd3152da8b8
date: Thu, 17 Aug 2023 15:29:39 GMT
via: 1.1 varnish
x-cache-hits: 0
server: Varnish
x-timer: S1692286180.796050,VS0,VE1
x-cache: MISS
accept-ranges: bytes
content-length: 131
retry-after: 0
x-served-by: cache-lga21937-LGA

POST
H2 405 log Show response
linalablonde.github.io/personalization/ 131 B
245 B 4ms
4ms XHR
text/html 185.199.110.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://linalablonde.github.io/personalization/log
Requested by: Host: assets.nflxext.com
URL: https://assets.nflxext.com/web/ffe/wp/signup/nmhp/nmhpFrameworkClient.js.f967a31b35dd1700fb24.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-110-153.github.com
Software: Varnish /
Resource Hash: db9c83197aadfaf315c26741f15264db83844a31372701a8465737d63508df7f

Request headers

X-Netflix.ichnaea.request.type: UiRequest
Referer: https://linalablonde.github.io/Serber55/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: application/json

Response headers

x-fastly-request-id: 4adc3725a5541eec4ad010c2f2aefd0f911f5899
date: Thu, 17 Aug 2023 15:29:40 GMT
via: 1.1 varnish
x-cache-hits: 0
server: Varnish
x-timer: S1692286180.260898,VS0,VE1
x-cache: MISS
accept-ranges: bytes
content-length: 131
retry-after: 0
x-served-by: cache-lga21937-LGA

POST
H2 405 cl2 Show response
linalablonde.github.io/personalization/ 131 B
259 B 4ms
4ms XHR
text/html 185.199.110.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://linalablonde.github.io/personalization/cl2
Requested by: Host: assets.nflxext.com
URL: https://assets.nflxext.com/web/ffe/wp/signup/nmhp/nmhpFrameworkClient.js.f967a31b35dd1700fb24.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-110-153.github.com
Software: Varnish /
Resource Hash: db9c83197aadfaf315c26741f15264db83844a31372701a8465737d63508df7f

Request headers

Referer: https://linalablonde.github.io/Serber55/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
X-Netflix.Client.Request.Name: ui/cl
Content-Type: application/json

Response headers

x-fastly-request-id: afa872feafbcad240818845ec51db008096742d6
date: Thu, 17 Aug 2023 15:29:41 GMT
via: 1.1 varnish
x-cache-hits: 0
server: Varnish
x-timer: S1692286181.085908,VS0,VE1
x-cache: MISS
accept-ranges: bytes
content-length: 131
retry-after: 0
x-served-by: cache-lga21937-LGA

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Netflix (Online)

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.nflximg.net/	1970-01-20 14:04:53	Name: _gcl_au Value: 1.1.66105674.1692286176
			.doubleclick.net/	1970-01-20 14:04:47	Name: test_cookie Value: CheckForPermission

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://linalablonde.github.io/personalization/cl2/freeform/WebsiteDetect?source=wwwhead&fetchType=css&modalView=nmLanding Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://linalablonde.github.io/personalization/cl2/freeform/WebsiteDetect?source=wwwhead&fetchType=js&modalView=nmLanding Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://linalablonde.github.io/personalization/cl2/freeform/WebsiteScreen?source=wwwhead&fetchType=js&winw=1600&winh=1200&screenw=1600&screenh=1200&ratio=1 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://linalablonde.github.io/personalization/log Message: Failed to load resource: the server responded with a status of 405 ()
network	error	URL: https://linalablonde.github.io/personalization/cl2 Message: Failed to load resource: the server responded with a status of 405 ()
network	error	URL: https://linalablonde.github.io/personalization/log Message: Failed to load resource: the server responded with a status of 405 ()
network	error	URL: https://linalablonde.github.io/personalization/cl2 Message: Failed to load resource: the server responded with a status of 405 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31556952

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ae.nflximg.net
assets.nflxext.com
cdn.cookielaw.org
geolocation.onetrust.com
googleads.g.doubleclick.net
ichnaea-web.netflix.com
linalablonde.github.io
occ-0-4609-784.1.nflxso.net
www.facebook.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.netflix.com
104.18.169.114
104.18.29.38
142.250.81.228
142.251.40.162
172.217.13.162
172.217.13.200
184.24.37.176
185.199.110.153
195.22.197.127
31.13.71.36
34.233.255.32
45.57.90.1
54.237.226.164
0cda584e7c5036ad66d7d528d2209bc596a14179fa1792a559e2ae9eaa91e851
18bb1e0630d2fc9e9a71b93d745302fe6cc1957570d2b815f3883b61ec1193a7
1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc
3eec290a7f7da9abb00b49ca84f5f16e6d45ca33d40fd8ede4380835d6161d71
46906a172b230be72a609fb98f3689e0baaa3292de25181121d75df0f84bf644
48bff5066a4a5bae88b47078e01244abf6f146b2ff944b7b15cce61dfeef8859
492fdebd363e40cbba153a244bcfe2a7f5f7cf20aff0805fe45d5c7e2180b875
4c7a552d219146985961bf78d9083b7e2c1a82c4ada5d959f48b3e53754c9049
4da8a6638ad70698ad3d01aa0ef124aebe35c297685c0796b174822f597b1d09
4f99e4c2ed1c2b7de72f47102c64d601567f8efaad5944a08c86786cad4050e6
50803a486b17eb4696683745a65ccbaa85392cb97c4f773ddee4dda8d694a42e
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
62daee3865c94dc5f2119831c09d923a66afd1cc88165e9612f1c660865d7cef
675dd7b68acf580f893bec532f5b260b8f984b67734a9a6831334b2ff4aad384
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6c08cbd389827486400b0a5418598e119e3200a355ef689210b2b614e089e5ac
70d613e3acfba24fd2876fcbacaf639e1e111ef4d54baf70761c47673f37d6a3
81cf64888a7b3f6848b09695b034026d9ad685665b91d54597ecbb6197c6acbb
9106141293846b719561378b301a4a6e4d97bd59ba1adc4c528c704b4823fbea
930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1
9473b8ffe09efd723582d276d474bb40e5980e7ab3313611589389341f635412
975bdc4a69e124729e285ccd19ad69912c2949f034c08b6c2ab5e6c8b7ac2f89
98713b53a74ebe7e326353080c5f1653e83af61d6363c0b3c4c67d6d24197b4d
9ac2bd03fcde501b3f30f47ab1fae62161f87808ea6411f38e8feaa4bbddc42e
a9c89c2a0df62b9bd73d859ae616ffe92cb9e86e1428a1a0fc797418f3e03dd9
ab94be896f5d14499df59563ed0912684918c9809be7166e7949333be994c9bc
b07187a25c0d3c4149f7957f0a964e8713cfe7ad070628a61e1ce29796475710
b68ea2c7bea397aa11fadb189ce7d83862baebaf03ece643eb5aa9fb5f755056
b97b49ee323dbccf9a13f15fa3d93188d01681652d52b1ed40ad00c32dfb0513
c0bceb927c506dce9f6e6f5f570e641ad580b9554be06f61508a4aee32380167
c50d81f310847f9dd5c054871180b211c7f4a9eccbb42ee95f9574880b56ef73
db9c83197aadfaf315c26741f15264db83844a31372701a8465737d63508df7f
e1fa26cc34fda574edc01d09e374d6f10735a3fa621bdde87c104ee15453d4b6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecb112320fcafeadf6431ba74ee7bec43f6b7662267644073b962fa467824053
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

linalablonde.github.io Open in urlscan Pro 185.199.110.153 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

47 Requests

98 %HTTPS

0 %IPv6

12 Domains

13 Subdomains

13 IPs

3 Countries

2227 kBTransfer

4272 kBSize

2 Cookies

15 Outgoing links

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

linalablonde.github.io Open in urlscan Pro
185.199.110.153 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

98 %
HTTPS

0 %
IPv6

12
Domains

13
Subdomains

13
IPs

3
Countries

2227 kB
Transfer

4272 kB
Size

2
Cookies

47 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!