netflixclone.loandre.com Open in urlscan Pro
76.76.21.93 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://netflixclone.loandre.com/
Submission: On March 14 via automatic, source openphish (March 14th 2024, 1:11:04 pm UTC) — Scanned from DE

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 10 HTTP transactions. The main IP is 76.76.21.93, located in Walnut, United States and belongs to AMAZON-02, US. The main domain is netflixclone.loandre.com.
TLS certificate: Issued by R3 on February 5th 2024. Valid for: 3 months.

This is the only time netflixclone.loandre.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Netflix (Online)

Domain & IP information

	IP Address		AS Autonomous System
10	76.76.21.93 76.76.21.93		16509 (AMAZON-02) (AMAZON-02)
10	1

10 76.76.21.93 (Walnut, United States)

ASN16509 (AMAZON-02, US)

netflixclone.loandre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	loandre.com netflixclone.loandre.com	2 MB
10	1

	Domain	Requested by
10	netflixclone.loandre.com	netflixclone.loandre.com
10	1

This site contains no links.

Subject Issuer	Validity	Valid
netflixclone.loandre.com R3	`2024-02-05` - `2024-05-05`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://netflixclone.loandre.com/
Frame ID: 9E2E66AE3A0A3D5A16D53F5C1D6176FA
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Netflix Clone

Page Statistics

10
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

2089 kB
Transfer

2096 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
netflixclone.loandre.com/ 8 KB
3 KB 229ms
83ms Document
text/html 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://netflixclone.loandre.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

aa5379e0039e4cb1b5c300d2ba13867de754241336546ad790b5f5500e81a3be

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 4297881
cache-control: public, max-age=0, must-revalidate
content-disposition: inline
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 14 Mar 2024 13:10:59 GMT
etag: W/"46bd00050e9aeb4292af30a704cf6061"
server: Vercel
strict-transport-security: max-age=63072000
x-vercel-cache: HIT
x-vercel-id: fra1::cd4d4-1710421859250-0617e5b21c95

GET
H2 200 styles.css
netflixclone.loandre.com/ 5 KB
2 KB 154ms
154ms Stylesheet
text/css 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://netflixclone.loandre.com/styles.css

Requested by

Host: netflixclone.loandre.com
URL: https://netflixclone.loandre.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

7aee62d1deab5b13dab29f5a3f0a8b1c0c043ebbd727f17a05ab5b04de0c7239

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://netflixclone.loandre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 13:10:59 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::kz72h-1710421859337-92b71d192a31
age: 239986
etag: W/"460a46fb0111bc4be824d7d6122803b0"
x-vercel-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="styles.css"

GET
H2 200 logo.png
netflixclone.loandre.com/imagens/ 12 KB
12 KB 73ms
72ms Image
image/png 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://netflixclone.loandre.com/imagens/logo.png

Requested by

Host: netflixclone.loandre.com
URL: https://netflixclone.loandre.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

697ade7fdeaaebbc1c9244c8dc210c35d1d72f5e1c4578979be040fcf1194d63

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://netflixclone.loandre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 13:10:59 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::5wnw5-1710421859337-98cd6a347f60
age: 1399577
etag: "228c2f58cd562b7e10865e4a04bb2c0f"
x-vercel-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="logo.png"
accept-ranges: bytes
content-length: 11791

GET
H2 200 language.png
netflixclone.loandre.com/imagens/ 145 KB
145 KB 99ms
99ms Image
image/png 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://netflixclone.loandre.com/imagens/language.png

Requested by

Host: netflixclone.loandre.com
URL: https://netflixclone.loandre.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

5e285d846351eeea7333fb71d0bd5d952394035602fad96847554bf15f85936c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://netflixclone.loandre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 13:10:59 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::5l44l-1710421859337-f9a32407ab75
age: 1399577
etag: "0c7045d2026e85b0c153dda6dd68386f"
x-vercel-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="language.png"
accept-ranges: bytes
content-length: 148482

GET
H2 200 down-icon.png
netflixclone.loandre.com/imagens/ 261 B
386 B 98ms
98ms Image
image/png 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://netflixclone.loandre.com/imagens/down-icon.png

Requested by

Host: netflixclone.loandre.com
URL: https://netflixclone.loandre.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

6b253c53804178de7c5e6b3d5f653c1fbb143a2110bc365d26f15339a647900d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://netflixclone.loandre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 13:10:59 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::cc7th-1710421859338-d570f298dbdc
age: 1399577
etag: "80fbf11ebf327c20d5a420f7eb370e7a"
x-vercel-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="down-icon.png"
accept-ranges: bytes
content-length: 261

GET
H2 200 feature-1.png
netflixclone.loandre.com/imagens/ 212 KB
212 KB 129ms
128ms Image
image/png 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://netflixclone.loandre.com/imagens/feature-1.png

Requested by

Host: netflixclone.loandre.com
URL: https://netflixclone.loandre.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

48f31731fad22421eec836fbdc19073afb8a6321e0337e2fe9d89daf37d4f7a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://netflixclone.loandre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 13:10:59 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::8lszj-1710421859343-2864328e3cc4
age: 1399577
etag: "d333cca744d3dbefe6d446758699340b"
x-vercel-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="feature-1.png"
accept-ranges: bytes
content-length: 216888

GET
H2 200 feature-3.png
netflixclone.loandre.com/imagens/ 237 KB
237 KB 128ms
128ms Image
image/png 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://netflixclone.loandre.com/imagens/feature-3.png

Requested by

Host: netflixclone.loandre.com
URL: https://netflixclone.loandre.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

abbc127f5f9c6448f543df039256c705872a5d08c42f40a8abff77d7f9a97a90

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://netflixclone.loandre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 13:10:59 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::sqc5g-1710421859338-aaa9a2771218
age: 1220935
etag: "0abd58804d41b2a84e63de2cbe39e1f8"
x-vercel-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="feature-3.png"
accept-ranges: bytes
content-length: 242469

GET
H2 200 feature-4.png
netflixclone.loandre.com/imagens/ 248 KB
248 KB 43ms
43ms Image
image/png 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://netflixclone.loandre.com/imagens/feature-4.png

Requested by

Host: netflixclone.loandre.com
URL: https://netflixclone.loandre.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

3c9b69316d945274ad1aa9a29f181f8853fec110d44027f5bd06ed3ffa3124ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://netflixclone.loandre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 13:10:59 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::cd4d4-1710421859338-7944578feb5e
age: 1220935
etag: "6a9a6092eeeb8bbae99bd1b8cf0de023"
x-vercel-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="feature-4.png"
accept-ranges: bytes
content-length: 253870

GET
H2 200 feature-2.png
netflixclone.loandre.com/imagens/ 205 KB
205 KB 129ms
128ms Image
image/png 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://netflixclone.loandre.com/imagens/feature-2.png

Requested by

Host: netflixclone.loandre.com
URL: https://netflixclone.loandre.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

17a1990c8fec22a47367bf1860329123562c34a4a76d4b3fe9c10f9003d772c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://netflixclone.loandre.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 13:10:59 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::vt9jx-1710421859338-31db584ea2de
age: 1220934
etag: "f89992a6071223df3109fe11ddb58e02"
x-vercel-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="feature-2.png"
accept-ranges: bytes
content-length: 209885

GET
H2 200 header-image.jpg
netflixclone.loandre.com/imagens/ 1 MB
1 MB 51ms
50ms Image
image/jpeg 76.76.21.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://netflixclone.loandre.com/imagens/header-image.jpg

Requested by

Host: netflixclone.loandre.com
URL: https://netflixclone.loandre.com/styles.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

f0b7f2fcebca59731fdc5d3fb5807e7add8b785ed6384f6f504aad62ad69992f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://netflixclone.loandre.com/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 13:10:59 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::4wkdz-1710421859498-da5209ee610c
age: 239978
etag: "56044bf3e57760ec1c8026d6c3063cc6"
x-vercel-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="header-image.jpg"
accept-ranges: bytes
content-length: 1049246

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Netflix (Online)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

netflixclone.loandre.com
76.76.21.93
17a1990c8fec22a47367bf1860329123562c34a4a76d4b3fe9c10f9003d772c9
3c9b69316d945274ad1aa9a29f181f8853fec110d44027f5bd06ed3ffa3124ac
48f31731fad22421eec836fbdc19073afb8a6321e0337e2fe9d89daf37d4f7a0
5e285d846351eeea7333fb71d0bd5d952394035602fad96847554bf15f85936c
697ade7fdeaaebbc1c9244c8dc210c35d1d72f5e1c4578979be040fcf1194d63
6b253c53804178de7c5e6b3d5f653c1fbb143a2110bc365d26f15339a647900d
7aee62d1deab5b13dab29f5a3f0a8b1c0c043ebbd727f17a05ab5b04de0c7239
aa5379e0039e4cb1b5c300d2ba13867de754241336546ad790b5f5500e81a3be
abbc127f5f9c6448f543df039256c705872a5d08c42f40a8abff77d7f9a97a90
f0b7f2fcebca59731fdc5d3fb5807e7add8b785ed6384f6f504aad62ad69992f

netflixclone.loandre.com Open in urlscan Pro 76.76.21.93 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

10 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

2089 kBTransfer

2096 kBSize

0 Cookies

0 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

netflixclone.loandre.com Open in urlscan Pro
76.76.21.93 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

2089 kB
Transfer

2096 kB
Size

0
Cookies

10 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!