leonie-vonlieres.de Open in urlscan Pro
50.115.163.90 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://leonie-vonlieres.de/net/dashboard/add.php?q=netflix&client=firefox-b-d&source=lnms&tbm=isch&sa=X&ved=2ahUKEwiQkrCQ99...
Effective URL:
https://leonie-vonlieres.de/net/dashboard/add.php?q=netflix&client=firefox-b-d&source=lnms&tbm=isch&sa=X&ved=2ahUKEwiQkrCQ99...
Submission: On June 08 via automatic, source openphish (June 8th 2023, 7:06:04 pm UTC) — Scanned from DE

Summary HTTP 14 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 14 HTTP transactions. The main IP is 50.115.163.90, located in United States and belongs to VIRP, US. The main domain is leonie-vonlieres.de.
TLS certificate: Issued by R3 on June 3rd 2023. Valid for: 3 months.

This is the only time leonie-vonlieres.de was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Netflix (Online)

Domain & IP information

	IP Address	AS Autonomous System
11	50.115.163.90 50.115.163.90	32875 (VIRP) (VIRP)
3	2a00:86c0:209... 2a00:86c0:2090::1	40027 (NETFLIX-ASN) (NETFLIX-ASN)
14	2

11 50.115.163.90 (United States)

ASN32875 (VIRP, US)

leonie-vonlieres.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:86c0:2090::1 (United States)

ASN40027 (NETFLIX-ASN, US)

assets.nflxext.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	leonie-vonlieres.de leonie-vonlieres.de	3 MB
3	nflxext.com assets.nflxext.com — Cisco Umbrella Rank: 3967	109 KB
14	2

	Domain	Requested by
11	leonie-vonlieres.de	leonie-vonlieres.de
3	assets.nflxext.com	leonie-vonlieres.de
14	2

This site contains links to these domains. Also see Links.

Domain
www.netflix.com
help.netflix.com
netflix.shop

Subject Issuer	Validity	Valid
leonie-vonlieres.de R3	`2023-06-03` - `2023-09-01`	3 months	crt.sh
*.1.nflxso.net DigiCert Secure Site ECC CA-1	`2023-05-22` - `2023-06-25`	a month	crt.sh

This page contains 1 frames:

Primary Page: https://leonie-vonlieres.de/net/dashboard/add.php?q=netflix&client=firefox-b-d&source=lnms&tbm=isch&sa=X&ved=2ahUKEwiQkrCQ993-AhUwhf0HHfm6BXUQ_AUoA3oECAEQBQ&biw=1366&bih=607&dpr=1
Frame ID: 853E0563923E8A3F7C5366A5D602CA4F
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Netflix

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

otSDKStub\.js

Page Statistics

14
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

3438 kB
Transfer

3435 kB
Size

0
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.netflix.com/
Title: Netflix Home

Search URL Search Domain Scan URL

URL: https://www.netflix.com/signout
Title: Sign Out

Search URL Search Domain Scan URL

URL: https://help.netflix.com/contactus
Title: Questions? Contact us.

Search URL Search Domain Scan URL

URL: https://help.netflix.com/support/412
Title: FAQ

Search URL Search Domain Scan URL

URL: https://help.netflix.com/
Title: Help Center

Search URL Search Domain Scan URL

URL: https://netflix.shop/
Title: Netflix Shop

Search URL Search Domain Scan URL

URL: https://help.netflix.com/legal/termsofuse
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://help.netflix.com/legal/privacy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://help.netflix.com/legal/corpinfo
Title: Corporate Information

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request add.php Show response leonie-vonlieres.de/net/dashboard/	379 KB 380 KB	763ms 403ms	Document text/html	50.115.163.90 VIRP
General Check archive.org Show headers Download Go to Full URL https://leonie-vonlieres.de/net/dashboard/add.php?q=netflix&client=firefox-b-d&source=lnms&tbm=isch&sa=X&ved=2ahUKEwiQkrCQ993-AhUwhf0HHfm6BXUQ_AUoA3oECAEQBQ&biw=1366&bih=607&dpr=1 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 50.115.163.90 , United States, ASN32875 (VIRP, US), Reverse DNS Software Apache / Resource Hash `c56dbe412c7f059dd1f4e3f5793021e72697569596c6aee0c2272612d88319da` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection Keep-Alive Content-Type text/html; charset=UTF-8 Date Thu, 08 Jun 2023 19:05:56 GMT Keep-Alive timeout=5, max=100 Server Apache Transfer-Encoding chunked
GET H/1.1	200 OK	simpleUpdateMopClient.js.cd9b021808302a7e428d.js Show response leonie-vonlieres.de/net/dashboard/Netflix_files/	2 MB 2 MB	486ms 158ms	Script application/javascript	50.115.163.90 VIRP
General Check archive.org Show headers Download Go to Full URL https://leonie-vonlieres.de/net/dashboard/Netflix_files/simpleUpdateMopClient.js.cd9b021808302a7e428d.js Requested by Host: leonie-vonlieres.de URL: https://leonie-vonlieres.de/net/dashboard/add.php?q=netflix&client=firefox-b-d&source=lnms&tbm=isch&sa=X&ved=2ahUKEwiQkrCQ993-AhUwhf0HHfm6BXUQ_AUoA3oECAEQBQ&biw=1366&bih=607&dpr=1 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 50.115.163.90 , United States, ASN32875 (VIRP, US), Reverse DNS Software Apache / Resource Hash `0c99e16e605e3c1482f4f7d1f43c0df3ddccfc40fd54037b50184b4d404b7cfe` Request headers accept-language de-DE,de;q=0.9 Referer https://leonie-vonlieres.de/net/dashboard/add.php?q=netflix&client=firefox-b-d&source=lnms&tbm=isch&sa=X&ved=2ahUKEwiQkrCQ993-AhUwhf0HHfm6BXUQ_AUoA3oECAEQBQ&biw=1366&bih=607&dpr=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers Date Thu, 08 Jun 2023 19:05:57 GMT Last-Modified Fri, 05 May 2023 03:21:34 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 2405446
GET H/1.1	404 Not Found	WebsiteDetect leonie-vonlieres.de/net/dashboard/Netflix_files/	0 0	458ms 152ms	Stylesheet text/html	50.115.163.90 VIRP
General Check archive.org Show headers Download Go to Full URL https://leonie-vonlieres.de/net/dashboard/Netflix_files/WebsiteDetect Requested by Host: leonie-vonlieres.de URL: https://leonie-vonlieres.de/net/dashboard/add.php?q=netflix&client=firefox-b-d&source=lnms&tbm=isch&sa=X&ved=2ahUKEwiQkrCQ993-AhUwhf0HHfm6BXUQ_AUoA3oECAEQBQ&biw=1366&bih=607&dpr=1 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 50.115.163.90 , United States, ASN32875 (VIRP, US), Reverse DNS Software Apache / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://leonie-vonlieres.de/net/dashboard/add.php?q=netflix&client=firefox-b-d&source=lnms&tbm=isch&sa=X&ved=2ahUKEwiQkrCQ993-AhUwhf0HHfm6BXUQ_AUoA3oECAEQBQ&biw=1366&bih=607&dpr=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers Date Thu, 08 Jun 2023 19:05:57 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=100 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	200 OK	otSDKStub.js Show response leonie-vonlieres.de/net/dashboard/Netflix_files/	21 KB 21 KB	487ms 159ms	Script application/javascript	50.115.163.90 VIRP
General Check archive.org Show headers Download Go to Full URL https://leonie-vonlieres.de/net/dashboard/Netflix_files/otSDKStub.js Requested by Host: leonie-vonlieres.de URL: https://leonie-vonlieres.de/net/dashboard/add.php?q=netflix&client=firefox-b-d&source=lnms&tbm=isch&sa=X&ved=2ahUKEwiQkrCQ993-AhUwhf0HHfm6BXUQ_AUoA3oECAEQBQ&biw=1366&bih=607&dpr=1 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 50.115.163.90 , United States, ASN32875 (VIRP, US), Reverse DNS Software Apache / Resource Hash `1f9b264d67f09652f9fa3bcde1801166d5c888d9f89c006764a9776dd8f9e9ae` Request headers accept-language de-DE,de;q=0.9 Referer https://leonie-vonlieres.de/net/dashboard/add.php?q=netflix&client=firefox-b-d&source=lnms&tbm=isch&sa=X&ved=2ahUKEwiQkrCQ993-AhUwhf0HHfm6BXUQ_AUoA3oECAEQBQ&biw=1366&bih=607&dpr=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers Date Thu, 08 Jun 2023 19:05:57 GMT Last-Modified Fri, 05 May 2023 02:51:58 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 21356
GET H/1.1	200 OK	error-page.b122c37502204303115a.css leonie-vonlieres.de/net/dashboard/Netflix_files/	10 KB 10 KB	460ms 153ms	Stylesheet text/css	50.115.163.90 VIRP
General Check archive.org Show headers Download Go to Full URL https://leonie-vonlieres.de/net/dashboard/Netflix_files/error-page.b122c37502204303115a.css Requested by Host: leonie-vonlieres.de URL: https://leonie-vonlieres.de/net/dashboard/add.php?q=netflix&client=firefox-b-d&source=lnms&tbm=isch&sa=X&ved=2ahUKEwiQkrCQ993-AhUwhf0HHfm6BXUQ_AUoA3oECAEQBQ&biw=1366&bih=607&dpr=1 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 50.115.163.90 , United States, ASN32875 (VIRP, US), Reverse DNS Software Apache / Resource Hash `910fb84da8dac07dc71624e7123c3617727aac2637fcb5421c0b772b4d97f42f` Request headers accept-language de-DE,de;q=0.9 Referer https://leonie-vonlieres.de/net/dashboard/add.php?q=netflix&client=firefox-b-d&source=lnms&tbm=isch&sa=X&ved=2ahUKEwiQkrCQ993-AhUwhf0HHfm6BXUQ_AUoA3oECAEQBQ&biw=1366&bih=607&dpr=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers Date Thu, 08 Jun 2023 19:05:57 GMT Last-Modified Fri, 05 May 2023 02:51:58 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 9816
GET H/1.1	200 OK	simplicity.e9cf9ef4b0968ec11d6c.css leonie-vonlieres.de/net/dashboard/Netflix_files/	168 KB 168 KB	477ms 157ms	Stylesheet text/css	50.115.163.90 VIRP
General Check archive.org Show headers Download Go to Full URL https://leonie-vonlieres.de/net/dashboard/Netflix_files/simplicity.e9cf9ef4b0968ec11d6c.css Requested by Host: leonie-vonlieres.de URL: https://leonie-vonlieres.de/net/dashboard/add.php?q=netflix&client=firefox-b-d&source=lnms&tbm=isch&sa=X&ved=2ahUKEwiQkrCQ993-AhUwhf0HHfm6BXUQ_AUoA3oECAEQBQ&biw=1366&bih=607&dpr=1 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 50.115.163.90 , United States, ASN32875 (VIRP, US), Reverse DNS Software Apache / Resource Hash `6aa2ea6dde97543d2edf79d378d1ce38e04adb6e1a2d9cfefcf0a7a6ae8f74b2` Request headers accept-language de-DE,de;q=0.9 Referer https://leonie-vonlieres.de/net/dashboard/add.php?q=netflix&client=firefox-b-d&source=lnms&tbm=isch&sa=X&ved=2ahUKEwiQkrCQ993-AhUwhf0HHfm6BXUQ_AUoA3oECAEQBQ&biw=1366&bih=607&dpr=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers Date Thu, 08 Jun 2023 19:05:57 GMT Last-Modified Fri, 05 May 2023 03:21:34 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 172282
GET H/1.1	200 OK	otBannerSdk.js Show response leonie-vonlieres.de/net/dashboard/Netflix_files/	395 KB 395 KB	159ms 158ms	Script application/javascript	50.115.163.90 VIRP
General Check archive.org Show headers Download Go to Full URL https://leonie-vonlieres.de/net/dashboard/Netflix_files/otBannerSdk.js Requested by Host: leonie-vonlieres.de URL: https://leonie-vonlieres.de/net/dashboard/add.php?q=netflix&client=firefox-b-d&source=lnms&tbm=isch&sa=X&ved=2ahUKEwiQkrCQ993-AhUwhf0HHfm6BXUQ_AUoA3oECAEQBQ&biw=1366&bih=607&dpr=1 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 50.115.163.90 , United States, ASN32875 (VIRP, US), Reverse DNS Software Apache / Resource Hash `0cda584e7c5036ad66d7d528d2209bc596a14179fa1792a559e2ae9eaa91e851` Request headers accept-language de-DE,de;q=0.9 Referer https://leonie-vonlieres.de/net/dashboard/add.php?q=netflix&client=firefox-b-d&source=lnms&tbm=isch&sa=X&ved=2ahUKEwiQkrCQ993-AhUwhf0HHfm6BXUQ_AUoA3oECAEQBQ&biw=1366&bih=607&dpr=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers Date Thu, 08 Jun 2023 19:05:57 GMT Last-Modified Fri, 05 May 2023 02:51:58 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 404300
GET H/1.1	200 OK	VISA.png leonie-vonlieres.de/net/dashboard/Netflix_files/	2 KB 2 KB	156ms 155ms	Image image/png	50.115.163.90 VIRP
General Check archive.org Show headers Download Go to Show image Full URL https://leonie-vonlieres.de/net/dashboard/Netflix_files/VISA.png Requested by Host: leonie-vonlieres.de URL: https://leonie-vonlieres.de/net/dashboard/add.php?q=netflix&client=firefox-b-d&source=lnms&tbm=isch&sa=X&ved=2ahUKEwiQkrCQ993-AhUwhf0HHfm6BXUQ_AUoA3oECAEQBQ&biw=1366&bih=607&dpr=1 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 50.115.163.90 , United States, ASN32875 (VIRP, US), Reverse DNS Software Apache / Resource Hash `cc7372fbcaf2d34b2e238f771261c54a1d37d22d8dfdcb1df78faf58cf62aabd` Request headers accept-language de-DE,de;q=0.9 Referer https://leonie-vonlieres.de/net/dashboard/add.php?q=netflix&client=firefox-b-d&source=lnms&tbm=isch&sa=X&ved=2ahUKEwiQkrCQ993-AhUwhf0HHfm6BXUQ_AUoA3oECAEQBQ&biw=1366&bih=607&dpr=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers Date Thu, 08 Jun 2023 19:05:57 GMT Last-Modified Fri, 05 May 2023 03:21:34 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 1548
GET H/1.1	200 OK	MASTERCARD.png leonie-vonlieres.de/net/dashboard/Netflix_files/	1 KB 2 KB	160ms 160ms	Image image/png	50.115.163.90 VIRP
General Check archive.org Show headers Download Go to Show image Full URL https://leonie-vonlieres.de/net/dashboard/Netflix_files/MASTERCARD.png Requested by Host: leonie-vonlieres.de URL: https://leonie-vonlieres.de/net/dashboard/add.php?q=netflix&client=firefox-b-d&source=lnms&tbm=isch&sa=X&ved=2ahUKEwiQkrCQ993-AhUwhf0HHfm6BXUQ_AUoA3oECAEQBQ&biw=1366&bih=607&dpr=1 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 50.115.163.90 , United States, ASN32875 (VIRP, US), Reverse DNS Software Apache / Resource Hash `560e0fa112df9f2a63b59037ff72e01f2a2650c81a3674d9107cca23c3b6f76b` Request headers accept-language de-DE,de;q=0.9 Referer https://leonie-vonlieres.de/net/dashboard/add.php?q=netflix&client=firefox-b-d&source=lnms&tbm=isch&sa=X&ved=2ahUKEwiQkrCQ993-AhUwhf0HHfm6BXUQ_AUoA3oECAEQBQ&biw=1366&bih=607&dpr=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers Date Thu, 08 Jun 2023 19:05:57 GMT Last-Modified Fri, 05 May 2023 03:21:34 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 1348
GET H/1.1	200 OK	VERVE.png leonie-vonlieres.de/net/dashboard/Netflix_files/	1 KB 2 KB	155ms 154ms	Image image/png	50.115.163.90 VIRP
General Check archive.org Show headers Download Go to Show image Full URL https://leonie-vonlieres.de/net/dashboard/Netflix_files/VERVE.png Requested by Host: leonie-vonlieres.de URL: https://leonie-vonlieres.de/net/dashboard/add.php?q=netflix&client=firefox-b-d&source=lnms&tbm=isch&sa=X&ved=2ahUKEwiQkrCQ993-AhUwhf0HHfm6BXUQ_AUoA3oECAEQBQ&biw=1366&bih=607&dpr=1 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 50.115.163.90 , United States, ASN32875 (VIRP, US), Reverse DNS Software Apache / Resource Hash `2c789405c94b9ea941253e459f54c15d3d9e4e0040ec4167e76cde69bb9c3bb5` Request headers accept-language de-DE,de;q=0.9 Referer https://leonie-vonlieres.de/net/dashboard/add.php?q=netflix&client=firefox-b-d&source=lnms&tbm=isch&sa=X&ved=2ahUKEwiQkrCQ993-AhUwhf0HHfm6BXUQ_AUoA3oECAEQBQ&biw=1366&bih=607&dpr=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers Date Thu, 08 Jun 2023 19:05:57 GMT Last-Modified Fri, 05 May 2023 03:21:34 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 1472
GET H/1.1	404 Not Found	87b6a5c0-0104-4e96-a291-092c11350111.json Show response leonie-vonlieres.de/net/dashboard/Netflix_files/otSDKStub.js/consent/87b6a5c0-0104-4e96-a291-092c11350111/	315 B 515 B	159ms 159ms	XHR text/html	50.115.163.90 VIRP
General Check archive.org Show headers Download Go to Full URL https://leonie-vonlieres.de/net/dashboard/Netflix_files/otSDKStub.js/consent/87b6a5c0-0104-4e96-a291-092c11350111/87b6a5c0-0104-4e96-a291-092c11350111.json Requested by Host: leonie-vonlieres.de URL: https://leonie-vonlieres.de/net/dashboard/Netflix_files/otSDKStub.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 50.115.163.90 , United States, ASN32875 (VIRP, US), Reverse DNS Software Apache / Resource Hash `d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3` Request headers accept-language de-DE,de;q=0.9 Referer https://leonie-vonlieres.de/net/dashboard/add.php?q=netflix&client=firefox-b-d&source=lnms&tbm=isch&sa=X&ved=2ahUKEwiQkrCQ993-AhUwhf0HHfm6BXUQ_AUoA3oECAEQBQ&biw=1366&bih=607&dpr=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers Date Thu, 08 Jun 2023 19:05:57 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=99 Content-Length 315 Content-Type text/html; charset=iso-8859-1
GET H/1.1	200 OK	Lock.png assets.nflxext.com/ffe/siteui/acquisition/simplicity/	3 KB 4 KB	53ms 13ms	Image image/png	2a00:86c0:2090::1 NETFLIX-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://assets.nflxext.com/ffe/siteui/acquisition/simplicity/Lock.png Requested by Host: leonie-vonlieres.de URL: https://leonie-vonlieres.de/net/dashboard/Netflix_files/simplicity.e9cf9ef4b0968ec11d6c.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2a00:86c0:2090::1 , United States, ASN40027 (NETFLIX-ASN, US), Reverse DNS Software nginx / Resource Hash `a309d09926f567f4415df64e618f32fabd75c49108667fd6021f7765d7193a4f` Request headers accept-language de-DE,de;q=0.9 Referer https://leonie-vonlieres.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers Date Thu, 08 Jun 2023 19:05:59 GMT Last-Modified Fri, 26 Feb 2016 23:48:46 GMT Server nginx Content-MD5 ch50H3szGVtq9MK8QALlnw== Content-Type image/png Cache-Control max-age=604801 Connection keep-alive Accept-Ranges bytes Content-Length 3547 Expires Thu, 15 Jun 2023 19:06:00 GMT
GET H/1.1	200 OK	NetflixSans_W_Rg.woff2 assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/	52 KB 52 KB	52ms 13ms	Font font/woff2	2a00:86c0:2090::1 NETFLIX-ASN
General Check archive.org Show headers Download Go to Full URL https://assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/NetflixSans_W_Rg.woff2 Requested by Host: leonie-vonlieres.de URL: https://leonie-vonlieres.de/net/dashboard/Netflix_files/error-page.b122c37502204303115a.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2a00:86c0:2090::1 , United States, ASN40027 (NETFLIX-ASN, US), Reverse DNS Software nginx / Resource Hash `c0bceb927c506dce9f6e6f5f570e641ad580b9554be06f61508a4aee32380167` Request headers Referer https://leonie-vonlieres.de/ Origin https://leonie-vonlieres.de accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers Date Thu, 08 Jun 2023 19:05:59 GMT Last-Modified Thu, 17 Jan 2019 20:16:30 GMT Server nginx Content-MD5 C/MXfx/tbZUxeCIfukPH6A== Content-Type font/woff2 Access-Control-Allow-Origin * Cache-Control max-age=604801 Connection keep-alive Accept-Ranges bytes Content-Length 53304 Expires Thu, 15 Jun 2023 19:06:00 GMT
GET H/1.1	200 OK	NetflixSans_W_Md.woff2 assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/	53 KB 53 KB	52ms 13ms	Font font/woff2	2a00:86c0:2090::1 NETFLIX-ASN
General Check archive.org Show headers Download Go to Full URL https://assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/NetflixSans_W_Md.woff2 Requested by Host: leonie-vonlieres.de URL: https://leonie-vonlieres.de/net/dashboard/Netflix_files/error-page.b122c37502204303115a.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2a00:86c0:2090::1 , United States, ASN40027 (NETFLIX-ASN, US), Reverse DNS Software nginx / Resource Hash `9ac2bd03fcde501b3f30f47ab1fae62161f87808ea6411f38e8feaa4bbddc42e` Request headers Referer https://leonie-vonlieres.de/ Origin https://leonie-vonlieres.de accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36 Response headers Date Thu, 08 Jun 2023 19:05:59 GMT Last-Modified Thu, 17 Jan 2019 20:16:30 GMT Server nginx Content-MD5 6naZIbDPpPxtTRouCx+l/w== Content-Type font/woff2 Access-Control-Allow-Origin * Cache-Control max-age=604801 Connection keep-alive Accept-Ranges bytes Content-Length 53940 Expires Thu, 15 Jun 2023 19:06:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Netflix (Online)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://leonie-vonlieres.de/net/dashboard/Netflix_files/WebsiteDetect Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://leonie-vonlieres.de/net/dashboard/Netflix_files/otSDKStub.js/consent/87b6a5c0-0104-4e96-a291-092c11350111/87b6a5c0-0104-4e96-a291-092c11350111.json Message: Failed to load resource: the server responded with a status of 404 (Not Found)
javascript	warning	URL: https://leonie-vonlieres.de/net/dashboard/add.php?q=netflix&client=firefox-b-d&source=lnms&tbm=isch&sa=X&ved=2ahUKEwiQkrCQ993-AhUwhf0HHfm6BXUQ_AUoA3oECAEQBQ&biw=1366&bih=607&dpr=1#imgrc=k_nKE7nZ6YAIsM Message: The resource https://leonie-vonlieres.de/net/dashboard/Netflix_files/simpleUpdateMopClient.js.cd9b021808302a7e428d.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.nflxext.com
leonie-vonlieres.de
2a00:86c0:2090::1
50.115.163.90
0c99e16e605e3c1482f4f7d1f43c0df3ddccfc40fd54037b50184b4d404b7cfe
0cda584e7c5036ad66d7d528d2209bc596a14179fa1792a559e2ae9eaa91e851
1f9b264d67f09652f9fa3bcde1801166d5c888d9f89c006764a9776dd8f9e9ae
2c789405c94b9ea941253e459f54c15d3d9e4e0040ec4167e76cde69bb9c3bb5
560e0fa112df9f2a63b59037ff72e01f2a2650c81a3674d9107cca23c3b6f76b
6aa2ea6dde97543d2edf79d378d1ce38e04adb6e1a2d9cfefcf0a7a6ae8f74b2
910fb84da8dac07dc71624e7123c3617727aac2637fcb5421c0b772b4d97f42f
9ac2bd03fcde501b3f30f47ab1fae62161f87808ea6411f38e8feaa4bbddc42e
a309d09926f567f4415df64e618f32fabd75c49108667fd6021f7765d7193a4f
c0bceb927c506dce9f6e6f5f570e641ad580b9554be06f61508a4aee32380167
c56dbe412c7f059dd1f4e3f5793021e72697569596c6aee0c2272612d88319da
cc7372fbcaf2d34b2e238f771261c54a1d37d22d8dfdcb1df78faf58cf62aabd
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

leonie-vonlieres.de Open in urlscan Pro 50.115.163.90 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

14 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

3438 kBTransfer

3435 kBSize

0 Cookies

9 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

7 JavaScript Global Variables

0 Cookies

3 Console Messages

Indicators

leonie-vonlieres.de Open in urlscan Pro
50.115.163.90 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

3438 kB
Transfer

3435 kB
Size

0
Cookies

14 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!