verify-netflix.de Open in urlscan Pro
104.21.58.88 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://verify-netflix.de/nf
Submission: On February 25 via api (February 25th 2024, 2:17:25 pm UTC) from US — Scanned from US

Summary HTTP 14 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 2 domains to perform 14 HTTP transactions. The main IP is 104.21.58.88, located in and belongs to CLOUDFLARENET, US. The main domain is verify-netflix.de.
TLS certificate: Issued by GTS CA 1P5 on February 25th 2024. Valid for: 3 months.

This is the only time verify-netflix.de was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Netflix (Online)

Domain & IP information

	IP Address	AS Autonomous System
8	104.21.58.88 104.21.58.88	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:200... 2a04:4e42:200::649	54113 (FASTLY) (FASTLY)
4	2606:4700:303... 2606:4700:3035::ac43:9e68	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	4

8 104.21.58.88 (None, )

ASN13335 (CLOUDFLARENET, US)

verify-netflix.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3035::ac43:9e68 (United States)

ASN13335 (CLOUDFLARENET, US)

verify-netflix.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	verify-netflix.de verify-netflix.de	530 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 729	30 KB
14	2

	Domain	Requested by
12	verify-netflix.de	verify-netflix.de
1	code.jquery.com	verify-netflix.de
14	2

This site contains links to these domains. Also see Links.

Domain
www.netflix.com
help.netflix.com

Subject Issuer	Validity	Valid
verify-netflix.de GTS CA 1P5	`2024-02-25` - `2024-05-25`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://verify-netflix.de/nf
Frame ID: 8486E96217D01BE5BEC5303478FC2DB4
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Netflix

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

14
Requests

93 %
HTTPS

67 %
IPv6

2
Domains

2
Subdomains

4
IPs

2
Countries

561 kB
Transfer

1388 kB
Size

1
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.netflix.com/giftterms
Title: Gift Card Terms

Search URL Search Domain Scan URL

URL: https://help.netflix.com/legal/termsofuse
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://help.netflix.com/legal/privacy
Title: Privacy Statement

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request nf Show response verify-netflix.de/	59 KB 5 KB	3353ms 2315ms	Document text/html	104.21.58.88 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://verify-netflix.de/nf Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.58.88 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `14c3104e2568b9e9c7d1e883858bdde6241a0c70fd33aa6111eb0316acfd61d6` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 85b0921c9dde39cc-YYZ content-encoding br content-type text/html; charset=UTF-8 date Sun, 25 Feb 2024 14:17:17 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SMxz783ioKtnsRGSxxNY894%2FNxK6fcblqZeiYN7iAm%2FiwRhlZI%2BSr04dFUnSYFslAe%2B6B0BxI8B%2BO2FiUTPCVoajj%2BHURhDT9xO7qCEDh1B8%2Bk%2FJAiAIYgoOY4sDmpmoizZstw%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	foundation.min.css verify-netflix.de/assets/nf/css/	138 KB 18 KB	322ms 316ms	Stylesheet text/css	104.21.58.88 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://verify-netflix.de/assets/nf/css/foundation.min.css Requested by Host: verify-netflix.de URL: https://verify-netflix.de/nf Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.58.88 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `72a83ab77aa94822f4a42349bbbd1b8875161fe9cfea1f2cdb4d4f8f2601622f` Request headers accept-language en-US,en;q=0.9 Referer https://verify-netflix.de/nf User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Sun, 25 Feb 2024 14:17:17 GMT content-encoding br cf-cache-status MISS last-modified Tue, 03 Aug 2021 10:26:16 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"22623-5c8a51da40200-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qyRS23tAq7tWSWUdACvv1co%2Fd2iN%2FVJlYLw990oCXS8N8T9nTSuJwRzO%2FWRM9JCSxTpzjeceCxXWnt2cGyBj6cNEc1VS%2BZ8Aofze6vewZT37aBG%2FaAK1QnCKFW1qaGHArOx0Gg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 85b0922bbe9339cc-YYZ alt-svc h3=":443"; ma=86400
GET H2	200	login.css verify-netflix.de/assets/nf/css/	8 KB 2 KB	235ms 231ms	Stylesheet text/css	104.21.58.88 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://verify-netflix.de/assets/nf/css/login.css Requested by Host: verify-netflix.de URL: https://verify-netflix.de/nf Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.58.88 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f2e7d62dc08c337882b1768df07acc2da54141ad51ae2df68a2f6bd05d7b4816` Request headers accept-language en-US,en;q=0.9 Referer https://verify-netflix.de/nf User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Sun, 25 Feb 2024 14:17:17 GMT content-encoding br cf-cache-status MISS last-modified Tue, 03 Aug 2021 10:26:16 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"216e-5c8a51da40200-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=awHgcTExnMQfsQPCFkMYhTJ9iW4vqU%2FlUMNgZE4Z4gLJAbSQ52ovx6PF9hO8FU80SOiZ%2B4cVm5OmiYJGJydMyXnVXyS1iH6mpWKcOL4cs2fcdUT8S7c5C4%2FOi8oU65AYevFlhA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 85b0922bbe9639cc-YYZ alt-svc h3=":443"; ma=86400
GET H2	200	jquery-3.6.0.min.js Show response code.jquery.com/	87 KB 30 KB	105ms 30ms	Script application/javascript	2a04:4e42:200::649 FASTLY
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.6.0.min.js Requested by Host: verify-netflix.de URL: https://verify-netflix.de/nf Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash `ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e` Request headers Referer https://verify-netflix.de/ Origin https://verify-netflix.de accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Sun, 25 Feb 2024 14:17:17 GMT content-encoding gzip via 1.1 varnish, 1.1 varnish age 1328256 x-cache HIT, HIT content-length 30875 x-served-by cache-lga21931-LGA, cache-nyc-kteb1890029-NYC last-modified Fri, 18 Oct 1991 12:00:00 GMT server nginx x-timer S1708870637.474883,VS0,VE0 etag W/"28feccc0-15d9d" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=604800 accept-ranges bytes x-cache-hits 68, 104105
GET H2	200	actions.js Show response verify-netflix.de/assets/js/	644 B 567 B	251ms 249ms	Script application/javascript	104.21.58.88 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://verify-netflix.de/assets/js/actions.js?v=1708870637 Requested by Host: verify-netflix.de URL: https://verify-netflix.de/nf Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.58.88 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3160a5af41fcdd11075c6d9e50c91790151aefd58e4a1416ab5fd9ef230e0033` Request headers accept-language en-US,en;q=0.9 Referer https://verify-netflix.de/nf User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Sun, 25 Feb 2024 14:17:17 GMT content-encoding br cf-cache-status MISS last-modified Wed, 28 Jul 2021 18:18:16 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"284-5c8330298aa00-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qf9cbnji2icOffIKJN%2Fxo5zlQeG0pCcA8Tqp52n6In2G7ybapn9u9EZkLyo6x0Vc1owxXOLBYtJEd2I%2FnO195%2BBTFtWSxACRFXOCXmLxS6Ga9dncJLxt65yapndtitws8bjlbw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 85b0922bbe9a39cc-YYZ alt-svc h3=":443"; ma=86400
GET H2	200	app.css verify-netflix.de/assets/nf/css/	7 KB 2 KB	253ms 251ms	Stylesheet text/css	104.21.58.88 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://verify-netflix.de/assets/nf/css/app.css?v=1708870637 Requested by Host: verify-netflix.de URL: https://verify-netflix.de/nf Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.58.88 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3290f81062ea33808a7efab4556f53b7966dba902e27d00d224ed4b745e466bb` Request headers accept-language en-US,en;q=0.9 Referer https://verify-netflix.de/nf User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Sun, 25 Feb 2024 14:17:17 GMT content-encoding br cf-cache-status MISS last-modified Wed, 11 Aug 2021 18:46:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"1ac3-5c94d08089c00-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9whw%2FZX7ar1p6sRqeOhJD%2BvYzkPtvTJTgGi%2FXvt1HJc7zK77VtY6YyojueeDemuoEW0BdPaxFOEBw0pAir2ACBSFTJxjCyJM7HOoJ9YyMXAb88eZYVxGQrBdL3khWv20A4GFpQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 85b0922bbe9839cc-YYZ alt-svc h3=":443"; ma=86400
GET H3	200	fb.png verify-netflix.de/assets/nf/img/	1 KB 2 KB	310ms 309ms	Image image/png	2606:4700:3035::ac43:9e68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://verify-netflix.de/assets/nf/img/fb.png Requested by Host: verify-netflix.de URL: https://verify-netflix.de/nf Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:9e68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3e49d9dc43267590184389ab3da0cb9f7308c9c848667dab109a0f7c73450ece` Request headers accept-language en-US,en;q=0.9 Referer https://verify-netflix.de/nf User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Sun, 25 Feb 2024 14:17:18 GMT cf-cache-status MISS last-modified Tue, 03 Aug 2021 10:26:16 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "5af-5c8a51da40200" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E6mOlmNfuV18TdfsKEKdW11IGCRVxJJXbVcDSR9vJqu8ffLNqCU7OnOvbw2KiJiAMsTz1VU8tDcfyVjPMsMvkeXD1owJ0%2BqHOMYXbqi5wM1cip0Sf5Ff5%2FXHQTVoOjGPawiWyFJ99gbfMcyYCmaS%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 85b0922deca84bcc-BUF alt-svc h3=":443"; ma=86400 content-length 1455
GET H2	200	jquery.js Show response verify-netflix.de/assets/nf/js/vendor/	265 KB 80 KB	405ms 404ms	Script application/javascript	104.21.58.88 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://verify-netflix.de/assets/nf/js/vendor/jquery.js Requested by Host: verify-netflix.de URL: https://verify-netflix.de/nf Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.58.88 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d8aa24ecc6cecb1a60515bc093f1c9da38a0392612d9ab8ae0f7f36e6eee1fad` Request headers accept-language en-US,en;q=0.9 Referer https://verify-netflix.de/nf User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Sun, 25 Feb 2024 14:17:17 GMT content-encoding br cf-cache-status MISS last-modified Tue, 03 Aug 2021 10:26:20 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"42587-5c8a51de10b00-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ybhi09dtxv9ZZvCEM36yo5UgRdMZC5HuUumgykArG%2BT14f11d5qeOK1Rcq7wBA%2BN38lUKx5eRLN41gbPChhyYE7m2cZ%2BndnT4LK7k7WUabwhZJFggtqDUD0DNP%2FsHtjNs1BFUQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 85b0922bbe9c39cc-YYZ alt-svc h3=":443"; ma=86400
GET H2	200	what-input.js Show response verify-netflix.de/assets/nf/js/vendor/	13 KB 4 KB	247ms 246ms	Script application/javascript	104.21.58.88 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://verify-netflix.de/assets/nf/js/vendor/what-input.js Requested by Host: verify-netflix.de URL: https://verify-netflix.de/nf Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.58.88 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `17fbb1f9e0c56be3310782a1ab8a2177896a879c03cab6540b1903ef8e971ae8` Request headers accept-language en-US,en;q=0.9 Referer https://verify-netflix.de/nf User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Sun, 25 Feb 2024 14:17:17 GMT content-encoding br cf-cache-status MISS last-modified Tue, 03 Aug 2021 10:26:20 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"3492-5c8a51de10b00-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ARWIYl5Bztu4If5Hu5rtDvj6LZWLsN%2F0k%2Bkie1l%2Bc57sx8eXQaMZR5cLfXJX4BIq0ML6Mgrmqd3lU328HB7BDzR9yyJL9MnkQgyOsTi%2BEw9wJej1GyEgcGPaNtd5u69j%2FotS%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 85b0922bbe9d39cc-YYZ alt-svc h3=":443"; ma=86400
GET H2	200	foundation.min.js Show response verify-netflix.de/assets/nf/js/vendor/	479 KB 84 KB	383ms 382ms	Script application/javascript	104.21.58.88 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://verify-netflix.de/assets/nf/js/vendor/foundation.min.js Requested by Host: verify-netflix.de URL: https://verify-netflix.de/nf Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.58.88 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6de1ea718e7d9fc8b4ac19f02aab09b379752c6484cb046ca3da7fddc8b4975b` Request headers accept-language en-US,en;q=0.9 Referer https://verify-netflix.de/nf User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Sun, 25 Feb 2024 14:17:17 GMT content-encoding br cf-cache-status MISS last-modified Tue, 03 Aug 2021 10:26:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"77a8e-5c8a51dc28680-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fNAoasKNgumGk7ExYV0v0zQpOXPTvfxFTcBzMqCghC3oulkFUoqhDOuI8fmrb1SpjdLZRo%2BiBhqPRT%2FlM6fez9BcPB130Ka%2BR86yyT1wecBStO2ywmTYINbZFPjYv61Jbf04Pw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 85b0922bbe9f39cc-YYZ alt-svc h3=":443"; ma=86400
GET H3	200	large.jpg verify-netflix.de/assets/nf/img/	330 KB 331 KB	568ms 568ms	Image image/jpeg	2606:4700:3035::ac43:9e68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://verify-netflix.de/assets/nf/img/large.jpg Requested by Host: verify-netflix.de URL: https://verify-netflix.de/assets/nf/css/login.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:9e68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `1682ba33f8ebfcd59a6829125863ca509d6fc9237a3add4378b39694f046d947` Request headers accept-language en-US,en;q=0.9 Referer https://verify-netflix.de/assets/nf/css/login.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers date Sun, 25 Feb 2024 14:17:18 GMT cf-cache-status MISS last-modified Tue, 03 Aug 2021 10:26:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "5282e-5c8a51dc28680" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vRY2oZ%2FD%2B8%2F3maGFS3r2WiD5wFu0mWFbdJoTudMTdpr7J9xNS7%2BqLnEHOT4z%2BRmjc0bCVI1bhh%2FYOnnuSvK9QMLc8H8gWdJUQwUiAGIjWNZ6pFqCxBDrYSg%2Bqy2q0TU9mcsE9IiTWnkgQIk7u0%2BgJA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 85b0922decb54bcc-BUF alt-svc h3=":443"; ma=86400 content-length 337966
POST H3	200	action Show response verify-netflix.de/apis/lr/	25 B 522 B	1487ms 1487ms	XHR text/html	2606:4700:3035::ac43:9e68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://verify-netflix.de/apis/lr/action Requested by Host: verify-netflix.de URL: https://verify-netflix.de/assets/nf/js/vendor/jquery.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:9e68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c1cbbd152a050ee0dc982af665d16b3508db3942527b4b1d65aff0127244ac9e` Request headers Accept / Referer https://verify-netflix.de/nf X-Requested-With XMLHttpRequest accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers pragma no-cache date Sun, 25 Feb 2024 14:17:20 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IQ%2F%2FjnvLnakFQq8ZoIAqDeWyyE5cB1QZmSxh68Y0CtwlYPbiC4x%2B52TzBPwDTGasttRA0AMI8o0d12V4K9ADvIbE67EjiM8O%2BVLGbbOjKN6WP%2BkNISxS7boqqgYt9k52VysBVSkBv338wGJXnGV%2BJA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control no-store, no-cache, must-revalidate cf-ray 85b092350c904bcc-BUF alt-svc h3=":443"; ma=86400 expires Thu, 19 Nov 1981 08:52:00 GMT
POST H3	200	active Show response verify-netflix.de/apis/lr/	25 B 522 B	462ms 461ms	XHR text/html	2606:4700:3035::ac43:9e68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://verify-netflix.de/apis/lr/active Requested by Host: verify-netflix.de URL: https://verify-netflix.de/assets/nf/js/vendor/jquery.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:9e68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c1cbbd152a050ee0dc982af665d16b3508db3942527b4b1d65aff0127244ac9e` Request headers Accept / Referer https://verify-netflix.de/nf X-Requested-With XMLHttpRequest accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36 Response headers pragma no-cache date Sun, 25 Feb 2024 14:17:23 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UwlDWcCK9K28fBEF4BiYB6Gj72M3L6cEzkUOMw0SZ%2Fimcaq9sLN52J9ztv%2BCzN%2FwyoQcE16U3zUfuisc7E5Vu2t%2FJH353qBPBWDeyfzHHqzZdpZR%2Bh%2BiBfZvVLB0qrTJbXxFrOLLoGUkMysFPamhbQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control no-store, no-cache, must-revalidate cf-ray 85b0924e0f644bcc-BUF alt-svc h3=":443"; ma=86400 expires Thu, 19 Nov 1981 08:52:00 GMT
POST		action verify-netflix.de/apis/lr/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: verify-netflix.de
URL: https://verify-netflix.de/apis/lr/action

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Netflix (Online)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			verify-netflix.de/	1969-12-31 23:59:59	Name: PHPSESSID Value: te29r3qdge1h0vl2a3i98nj5r2

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://verify-netflix.de/nf(Line 4) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.6.0.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://verify-netflix.de/nf(Line 4) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.6.0.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
verify-netflix.de
verify-netflix.de
104.21.58.88
2606:4700:3035::ac43:9e68
2a04:4e42:200::649
14c3104e2568b9e9c7d1e883858bdde6241a0c70fd33aa6111eb0316acfd61d6
1682ba33f8ebfcd59a6829125863ca509d6fc9237a3add4378b39694f046d947
17fbb1f9e0c56be3310782a1ab8a2177896a879c03cab6540b1903ef8e971ae8
3160a5af41fcdd11075c6d9e50c91790151aefd58e4a1416ab5fd9ef230e0033
3290f81062ea33808a7efab4556f53b7966dba902e27d00d224ed4b745e466bb
3e49d9dc43267590184389ab3da0cb9f7308c9c848667dab109a0f7c73450ece
6de1ea718e7d9fc8b4ac19f02aab09b379752c6484cb046ca3da7fddc8b4975b
72a83ab77aa94822f4a42349bbbd1b8875161fe9cfea1f2cdb4d4f8f2601622f
c1cbbd152a050ee0dc982af665d16b3508db3942527b4b1d65aff0127244ac9e
d8aa24ecc6cecb1a60515bc093f1c9da38a0392612d9ab8ae0f7f36e6eee1fad
f2e7d62dc08c337882b1768df07acc2da54141ad51ae2df68a2f6bd05d7b4816
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

verify-netflix.de Open in urlscan Pro 104.21.58.88 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

14 Requests

93 %HTTPS

67 %IPv6

2 Domains

2 Subdomains

4 IPs

2 Countries

561 kBTransfer

1388 kBSize

1 Cookies

3 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

8 JavaScript Global Variables

1 Cookies

2 Console Messages

Indicators

verify-netflix.de Open in urlscan Pro
104.21.58.88 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

93 %
HTTPS

67 %
IPv6

2
Domains

2
Subdomains

4
IPs

2
Countries

561 kB
Transfer

1388 kB
Size

1
Cookies

14 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!