ae.nflximg.net - urlscan.io

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 4 HTTP transactions. The main IP is 2a02:26f0:480:f85::33c4, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is ae.nflximg.net. The Cisco Umbrella rank of the primary domain is 21654.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on February 13th 2024. Valid for: a year.

This is the only time ae.nflximg.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2a02:26f0:480... 2a02:26f0:480:f85::33c4	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a01:578:3::3... 2a01:578:3::341f:4a17	16509 (AMAZON-02) (AMAZON-02)
4	2

2 2a02:26f0:480:f85::33c4 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ae.nflximg.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:578:3::341f:4a17 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

ichnaea-web.netflix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	netflix.com ichnaea-web.netflix.com — Cisco Umbrella Rank: 3112	1 KB
2	nflximg.net ae.nflximg.net — Cisco Umbrella Rank: 21654	4 KB
4	2

	Domain	Requested by
2	ichnaea-web.netflix.com	ae.nflximg.net
2	ae.nflximg.net
4	2

This site contains no links.

Subject Issuer	Validity	Valid
assets.nflxext.com DigiCert TLS RSA SHA256 2020 CA1	`2024-02-13` - `2025-02-12`	a year	crt.sh
ichnaea-web.netflix.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-09` - `2025-02-08`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://ae.nflximg.net/monet/scripts/netflix_tag_05.html?data=%7B%22membership_status%22%3A%22ANONYMOUS%22%2C%22country%22%3A%22ES%22%2C%22region_code%22%3A%22M%22%2C%22is_member%22%3A%22ANONYMOUS%22%2C%22wasFormerMember%22%3Afalse%2C%22referrer%22%3A%22nmLanding%22%2C%22deniedConsentCookieGroups%22%3A%22C0003%2CC0004%2CC0005%22%7D
Frame ID: 58941034F176D17B6CD77E3E7374CCA5
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

4
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

5 kB
Transfer

14 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request netflix_tag_05.html Show response
ae.nflximg.net/monet/scripts/ 14 KB
4 KB 280ms
83ms Document
text/html 2a02:26f0:480:f85::33c4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ae.nflximg.net/monet/scripts/netflix_tag_05.html?data=%7B%22membership_status%22%3A%22ANONYMOUS%22%2C%22country%22%3A%22ES%22%2C%22region_code%22%3A%22M%22%2C%22is_member%22%3A%22ANONYMOUS%22%2C%22wasFormerMember%22%3Afalse%2C%22referrer%22%3A%22nmLanding%22%2C%22deniedConsentCookieGroups%22%3A%22C0003%2CC0004%2CC0005%22%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:480:f85::33c4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 68da22e6fa7dcd05aa655f1031310948bcfdc1ab52c10bf0c0806ed8cb88aa9d

Request headers

Accept-Language: es-ES,es;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET,POST
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 3530
Content-MD5: auBDo81zD2jrU+7WL8c5BA==
Content-Type: text/html
Date: Mon, 03 Jun 2024 09:28:30 GMT
ETag: "6ae043a3cd730f68eb53eed62fc73904:1711400495.457929"
Last-Modified: Mon, 25 Mar 2024 21:01:22 GMT
Server: AkamaiNetStorage
Timing-Allow-Origin: *
Vary: Accept-Encoding

POST
H/1.1 200
OK log Show response
ichnaea-web.netflix.com/ 0
1 KB 297ms
78ms XHR
text/plain 2a01:578:3::341f:4a17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ichnaea-web.netflix.com/log

Requested by

Host: ae.nflximg.net
URL: https://ae.nflximg.net/monet/scripts/netflix_tag_05.html?data=%7B%22membership_status%22%3A%22ANONYMOUS%22%2C%22country%22%3A%22ES%22%2C%22region_code%22%3A%22M%22%2C%22is_member%22%3A%22ANONYMOUS%22%2C%22wasFormerMember%22%3Afalse%2C%22referrer%22%3A%22nmLanding%22%2C%22deniedConsentCookieGroups%22%3A%22C0003%2CC0004%2CC0005%22%7D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:578:3::341f:4a17 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

envoy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json
X-Netflix.ichnaea.request.type: IchnaeaRequest
Referer: https://ae.nflximg.net/
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 09:28:30 GMT
Via: 1.1 i-059c6844617dc3228 (eu-west-1)
x-content-type-options: nosniff
x-envoy-decorator-operation: lo_svc_http
x-b3-traceid: 665d8cbe25275b69debf2804dfecfe09
X-Netflix.proxy.execution-time: 5
x-envoy-upstream-service-time: 2
Connection: keep-alive
Content-Length: 0
x-xss-protection: 0
x-request-id: ed31d74d-3800-4dea-8155-1cbd9e904b73
pragma: no-cache
server: envoy
X-Netflix.nfstatus: 1_1
allow: GET, POST, OPTIONS
access-control-allow-methods: GET, POST, OPTIONS
X-Originating-URL: https://ichnaea-web.netflix.com/log
access-control-allow-origin: https://ae.nflximg.net
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
x-frame-options: DENY
x-ichnaea: ~0=true~RL=306
access-control-allow-headers: Accept,Accept-Language,Authorization,Content-Type,Content-Encoding,Cookie,debugRequest,X-Netflix.application.name,X-Netflix.application.version,X-Netflix.certification.version,X-Netflix.Client.Request.Name,X-Netflix.device.type,X-Netflix.esn,X-Netflix.ichnaea.request.type,X-Netflix.oauth.consumer.key,X-Netflix.oauth.token,X-Netflix.request.uuid,X-Netflix.user.id
expires: 0

OPTIONS
H/1.1 200
OK log
ichnaea-web.netflix.com/ 0
0 396ms
78ms Preflight 2a01:578:3::341f:4a17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ichnaea-web.netflix.com/log

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a01:578:3::341f:4a17 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-netflix.ichnaea.request.type
Access-Control-Request-Method: POST
Origin: https://ae.nflximg.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Via: 1.1 i-0fb5aa3eb40ef0eda (eu-west-1)
X-Netflix.nfstatus: 1_1
X-Netflix.proxy.execution-time: 4
X-Originating-URL: https://ichnaea-web.netflix.com/log
access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Language,Authorization,Content-Type,Content-Encoding,Cookie,debugRequest,X-Netflix.application.name,X-Netflix.application.version,X-Netflix.certification.version,X-Netflix.Client.Request.Name,X-Netflix.device.type,X-Netflix.esn,X-Netflix.ichnaea.request.type,X-Netflix.oauth.consumer.key,X-Netflix.oauth.token,X-Netflix.request.uuid,X-Netflix.user.id
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://ae.nflximg.net
allow: GET, POST, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
date: Mon, 03 Jun 2024 09:28:30 GMT
expires: 0
pragma: no-cache
server: envoy
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-b3-traceid: 665d8cbedbd838ae851305c09e298c2d
x-content-type-options: nosniff
x-envoy-decorator-operation: lo_svc_http
x-envoy-upstream-service-time: 0
x-frame-options: DENY
x-request-id: be79654d-9aa5-4b56-ad48-6ee1d8ece912
x-xss-protection: 0

GET
H/1.1 404
Not Found favicon.ico
ae.nflximg.net/ 10 B
325 B 881ms
881ms Other
text/plain 2a02:26f0:480:f85::33c4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ae.nflximg.net/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:480:f85::33c4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 493fda53120050f85836032324409be6c6484f90a0755ae0c6a673ba7626818b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://ae.nflximg.net/monet/scripts/netflix_tag_05.html?data=%7B%22membership_status%22%3A%22ANONYMOUS%22%2C%22country%22%3A%22ES%22%2C%22region_code%22%3A%22M%22%2C%22is_member%22%3A%22ANONYMOUS%22%2C%22wasFormerMember%22%3Afalse%2C%22referrer%22%3A%22nmLanding%22%2C%22deniedConsentCookieGroups%22%3A%22C0003%2CC0004%2CC0005%22%7D
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 03 Jun 2024 09:28:31 GMT
Server: AkamaiNetStorage
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: *
Content-Length: 10

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| module

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ae.nflximg.net/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ae.nflximg.net
ichnaea-web.netflix.com
2a01:578:3::341f:4a17
2a02:26f0:480:f85::33c4
493fda53120050f85836032324409be6c6484f90a0755ae0c6a673ba7626818b
68da22e6fa7dcd05aa655f1031310948bcfdc1ab52c10bf0c0806ed8cb88aa9d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

ae.nflximg.net Open in urlscan Pro 2a02:26f0:480:f85::33c4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

4 Requests

100 %HTTPS

100 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

5 kBTransfer

14 kBSize

0 Cookies

0 Outgoing links

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

ae.nflximg.net Open in urlscan Pro
2a02:26f0:480:f85::33c4 Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

5 kB
Transfer

14 kB
Size

0
Cookies

4 HTTP transactions
0 data transactions