leonie-vonlieres.de
Open in
urlscan Pro
50.115.163.90
Malicious Activity!
Public Scan
Effective URL: https://leonie-vonlieres.de/net/dashboard/add.php?q=netflix&client=firefox-b-d&source=lnms&tbm=isch&sa=X&ved=2ahUKEwiQkrCQ99...
Submission: On June 08 via automatic, source openphish — Scanned from DE
Summary
TLS certificate: Issued by R3 on June 3rd 2023. Valid for: 3 months.
This is the only time leonie-vonlieres.de was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Netflix (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
11 | 50.115.163.90 50.115.163.90 | 32875 (VIRP) (VIRP) | |
3 | 2a00:86c0:209... 2a00:86c0:2090::1 | 40027 (NETFLIX-ASN) (NETFLIX-ASN) | |
14 | 2 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
leonie-vonlieres.de
leonie-vonlieres.de |
3 MB |
3 |
nflxext.com
assets.nflxext.com — Cisco Umbrella Rank: 3967 |
109 KB |
14 | 2 |
Domain | Requested by | |
---|---|---|
11 | leonie-vonlieres.de |
leonie-vonlieres.de
|
3 | assets.nflxext.com |
leonie-vonlieres.de
|
14 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.netflix.com |
help.netflix.com |
netflix.shop |
Subject Issuer | Validity | Valid | |
---|---|---|---|
leonie-vonlieres.de R3 |
2023-06-03 - 2023-09-01 |
3 months | crt.sh |
*.1.nflxso.net DigiCert Secure Site ECC CA-1 |
2023-05-22 - 2023-06-25 |
a month | crt.sh |
This page contains 1 frames:
Primary Page:
https://leonie-vonlieres.de/net/dashboard/add.php?q=netflix&client=firefox-b-d&source=lnms&tbm=isch&sa=X&ved=2ahUKEwiQkrCQ993-AhUwhf0HHfm6BXUQ_AUoA3oECAEQBQ&biw=1366&bih=607&dpr=1
Frame ID: 853E0563923E8A3F7C5366A5D602CA4F
Requests: 14 HTTP requests in this frame
9 Outgoing links
These are links going to different origins than the main page.
Title: Netflix Home
Search URL Search Domain Scan URL
Title: Sign Out
Search URL Search Domain Scan URL
Title: Questions? Contact us.
Search URL Search Domain Scan URL
Title: FAQ
Search URL Search Domain Scan URL
Title: Help Center
Search URL Search Domain Scan URL
Title: Netflix Shop
Search URL Search Domain Scan URL
Title: Terms of Use
Search URL Search Domain Scan URL
Title: Privacy
Search URL Search Domain Scan URL
Title: Corporate Information
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
14 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
add.php
leonie-vonlieres.de/net/dashboard/ |
379 KB 380 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
simpleUpdateMopClient.js.cd9b021808302a7e428d.js
leonie-vonlieres.de/net/dashboard/Netflix_files/ |
2 MB 2 MB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
WebsiteDetect
leonie-vonlieres.de/net/dashboard/Netflix_files/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
otSDKStub.js
leonie-vonlieres.de/net/dashboard/Netflix_files/ |
21 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
error-page.b122c37502204303115a.css
leonie-vonlieres.de/net/dashboard/Netflix_files/ |
10 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
simplicity.e9cf9ef4b0968ec11d6c.css
leonie-vonlieres.de/net/dashboard/Netflix_files/ |
168 KB 168 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
otBannerSdk.js
leonie-vonlieres.de/net/dashboard/Netflix_files/ |
395 KB 395 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
VISA.png
leonie-vonlieres.de/net/dashboard/Netflix_files/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
MASTERCARD.png
leonie-vonlieres.de/net/dashboard/Netflix_files/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
VERVE.png
leonie-vonlieres.de/net/dashboard/Netflix_files/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
87b6a5c0-0104-4e96-a291-092c11350111.json
leonie-vonlieres.de/net/dashboard/Netflix_files/otSDKStub.js/consent/87b6a5c0-0104-4e96-a291-092c11350111/ |
315 B 515 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Lock.png
assets.nflxext.com/ffe/siteui/acquisition/simplicity/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
NetflixSans_W_Rg.woff2
assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/ |
52 KB 52 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
NetflixSans_W_Md.woff2
assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/ |
53 KB 53 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Netflix (Online)7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless object| onbeforetoggle object| onscrollend object| OneTrustStub function| OptanonWrapper object| netflix string| __public_path__0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
assets.nflxext.com
leonie-vonlieres.de
2a00:86c0:2090::1
50.115.163.90
0c99e16e605e3c1482f4f7d1f43c0df3ddccfc40fd54037b50184b4d404b7cfe
0cda584e7c5036ad66d7d528d2209bc596a14179fa1792a559e2ae9eaa91e851
1f9b264d67f09652f9fa3bcde1801166d5c888d9f89c006764a9776dd8f9e9ae
2c789405c94b9ea941253e459f54c15d3d9e4e0040ec4167e76cde69bb9c3bb5
560e0fa112df9f2a63b59037ff72e01f2a2650c81a3674d9107cca23c3b6f76b
6aa2ea6dde97543d2edf79d378d1ce38e04adb6e1a2d9cfefcf0a7a6ae8f74b2
910fb84da8dac07dc71624e7123c3617727aac2637fcb5421c0b772b4d97f42f
9ac2bd03fcde501b3f30f47ab1fae62161f87808ea6411f38e8feaa4bbddc42e
a309d09926f567f4415df64e618f32fabd75c49108667fd6021f7765d7193a4f
c0bceb927c506dce9f6e6f5f570e641ad580b9554be06f61508a4aee32380167
c56dbe412c7f059dd1f4e3f5793021e72697569596c6aee0c2272612d88319da
cc7372fbcaf2d34b2e238f771261c54a1d37d22d8dfdcb1df78faf58cf62aabd
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3