www.knenik.com Open in urlscan Pro
136.243.101.246 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.knenik.com/FR/FR_whaacc/second/
Submission: On June 25 via manual (June 25th 2020, 2:40:48 am UTC) from JP

Summary HTTP 16 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 16 HTTP transactions. The main IP is 136.243.101.246, located in Germany and belongs to HETZNER-AS, DE. The main domain is www.knenik.com.

This is the only time www.knenik.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Netflix (Online)

Domain & IP information

	IP Address	AS Autonomous System
11	136.243.101.246 136.243.101.246	24940 (HETZNER-AS) (HETZNER-AS)
4	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1	52.219.47.132 52.219.47.132	16509 (AMAZON-02) (AMAZON-02)
16	3

11 136.243.101.246 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.246.101.243.136.clients.your-server.de

www.knenik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.219.47.132 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.eu-central-1.amazonaws.com

mediamcdn.s3.eu-central-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	knenik.com www.knenik.com	446 KB
4	gstatic.com fonts.gstatic.com	31 KB
1	amazonaws.com mediamcdn.s3.eu-central-1.amazonaws.com	5 KB
16	3

	Domain	Requested by
11	www.knenik.com	www.knenik.com
4	fonts.gstatic.com	www.knenik.com
1	mediamcdn.s3.eu-central-1.amazonaws.com	www.knenik.com
16	3

This site contains links to these domains. Also see Links.

Domain
lhrtrk.com

Subject Issuer	Validity	Valid
*.gstatic.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.s3.eu-central-1.amazonaws.com DigiCert Baltimore CA-2 G2	`2019-11-09` - `2020-12-10`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://www.knenik.com/FR/FR_whaacc/second/
Frame ID: 24953C4B19659FEC54CE1DB2B8867E1B
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

16
Requests

31 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

482 kB
Transfer

489 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://lhrtrk.com/index.php?lp=1
Title: CONTINUER

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.knenik.com/FR/FR_whaacc/second/ 13 KB
3 KB 74ms
32ms Document
text/html 136.243.101.246
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.knenik.com/FR/FR_whaacc/second/
Protocol: HTTP/1.1
Server: 136.243.101.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.246.101.243.136.clients.your-server.de
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: ad115192a3f1d21caeb79f58445debfd8f7707db83b0798040c9296d07d90ac4

Request headers

Host: www.knenik.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: nginx/1.10.3 (Ubuntu)
Date: Thu, 25 Jun 2020 02:40:29 GMT
Content-Type: text/html
Last-Modified: Wed, 08 Apr 2020 13:52:33 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"5e8dd721-327b"
Content-Encoding: gzip

GET
H/1.1 200
OK css.css
www.knenik.com/FR/FR_whaacc/second/Movies%20&%20Series_failai/ 5 KB
5 KB 23ms
22ms Stylesheet
text/css 136.243.101.246
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.knenik.com/FR/FR_whaacc/second/Movies%20&%20Series_failai/css.css
Requested by: Host: www.knenik.com
URL: http://www.knenik.com/FR/FR_whaacc/second/
Protocol: HTTP/1.1
Server: 136.243.101.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.246.101.243.136.clients.your-server.de
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: b41875aa6c964e770eb0047c1f976c6f944c636a46720d95c482d6c6500ca22d

Request headers

Referer: http://www.knenik.com/FR/FR_whaacc/second/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Jun 2020 02:40:29 GMT
Last-Modified: Mon, 30 Mar 2020 10:24:14 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5e81c8ce-1266"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4710

GET
H/1.1 200
OK style.css
www.knenik.com/FR/FR_whaacc/second/Movies%20&%20Series_failai/ 33 KB
33 KB 44ms
33ms Stylesheet
text/css 136.243.101.246
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.knenik.com/FR/FR_whaacc/second/Movies%20&%20Series_failai/style.css
Requested by: Host: www.knenik.com
URL: http://www.knenik.com/FR/FR_whaacc/second/
Protocol: HTTP/1.1
Server: 136.243.101.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.246.101.243.136.clients.your-server.de
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: f93fd6abb99840aa0cfaac88c244026841f87817c0950d92e854770f1038f1bb

Request headers

Referer: http://www.knenik.com/FR/FR_whaacc/second/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Jun 2020 02:40:29 GMT
Last-Modified: Mon, 30 Mar 2020 10:41:58 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5e81ccf6-8210"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33296

GET
H/1.1 200
OK translateelement.css
www.knenik.com/FR/FR_whaacc/second/Movies%20&%20Series_failai/ 18 KB
19 KB 47ms
36ms Stylesheet
text/css 136.243.101.246
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.knenik.com/FR/FR_whaacc/second/Movies%20&%20Series_failai/translateelement.css
Requested by: Host: www.knenik.com
URL: http://www.knenik.com/FR/FR_whaacc/second/
Protocol: HTTP/1.1
Server: 136.243.101.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.246.101.243.136.clients.your-server.de
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 99b27633e72d0a0efc23402c62b01cc0ec5ff40821cd1a84c89a1ef31773612d

Request headers

Referer: http://www.knenik.com/FR/FR_whaacc/second/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Jun 2020 02:40:29 GMT
Last-Modified: Mon, 30 Mar 2020 10:24:14 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5e81c8ce-4924"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18724

GET
H/1.1 200
OK translateelement1.css
www.knenik.com/FR/FR_whaacc/second/Movies%20&%20Series_failai/ 18 KB
19 KB 45ms
34ms Stylesheet
text/css 136.243.101.246
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.knenik.com/FR/FR_whaacc/second/Movies%20&%20Series_failai/translateelement1.css
Requested by: Host: www.knenik.com
URL: http://www.knenik.com/FR/FR_whaacc/second/
Protocol: HTTP/1.1
Server: 136.243.101.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.246.101.243.136.clients.your-server.de
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 6149f95c1ebdde5391898e22a79821a810336f6bd74318291b4f49f23fbf0fa8

Request headers

Referer: http://www.knenik.com/FR/FR_whaacc/second/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Jun 2020 02:40:29 GMT
Last-Modified: Mon, 30 Mar 2020 10:24:14 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5e81c8ce-4924"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18724

GET
H/1.1 200
OK mov.png
www.knenik.com/FR/FR_whaacc/second/Movies%20&%20Series_failai/ 445 B
692 B 22ms
22ms Image
image/png 136.243.101.246
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.knenik.com/FR/FR_whaacc/second/Movies%20&%20Series_failai/mov.png
Requested by: Host: www.knenik.com
URL: http://www.knenik.com/FR/FR_whaacc/second/
Protocol: HTTP/1.1
Server: 136.243.101.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.246.101.243.136.clients.your-server.de
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 7f3b5813af08639f509729cbb27b1a04d96943fd26f9310cd253d046f3334702

Request headers

Referer: http://www.knenik.com/FR/FR_whaacc/second/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Jun 2020 02:40:29 GMT
Last-Modified: Mon, 30 Mar 2020 10:24:14 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5e81c8ce-1bd"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 445

GET
H/1.1 200
OK film.png
www.knenik.com/FR/FR_whaacc/second/Movies%20&%20Series_failai/ 2 KB
2 KB 22ms
21ms Image
image/png 136.243.101.246
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.knenik.com/FR/FR_whaacc/second/Movies%20&%20Series_failai/film.png
Requested by: Host: www.knenik.com
URL: http://www.knenik.com/FR/FR_whaacc/second/
Protocol: HTTP/1.1
Server: 136.243.101.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.246.101.243.136.clients.your-server.de
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 3be2c8f23f4c5677593d5c88b76a3cddbcab7366dd48653dfa938f8dec11ea90

Request headers

Referer: http://www.knenik.com/FR/FR_whaacc/second/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Jun 2020 02:40:29 GMT
Last-Modified: Mon, 30 Mar 2020 10:24:14 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5e81c8ce-856"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2134

GET
H/1.1 200
OK img-product.png
www.knenik.com/FR/FR_whaacc/second/Movies%20&%20Series_failai/ 11 KB
11 KB 24ms
23ms Image
image/png 136.243.101.246
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.knenik.com/FR/FR_whaacc/second/Movies%20&%20Series_failai/img-product.png
Requested by: Host: www.knenik.com
URL: http://www.knenik.com/FR/FR_whaacc/second/
Protocol: HTTP/1.1
Server: 136.243.101.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.246.101.243.136.clients.your-server.de
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 7458cc5c8e6464162d23320632e69d0b17de0b4631105cbe5698d56b028c040b

Request headers

Referer: http://www.knenik.com/FR/FR_whaacc/second/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Jun 2020 02:40:29 GMT
Last-Modified: Mon, 30 Mar 2020 10:24:14 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5e81c8ce-2b95"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11157

GET
H/1.1 200
OK jquery.min.js Show response
www.knenik.com/FR/FR_whaacc/second/Movies%20&%20Series_failai/ 88 KB
88 KB 44ms
33ms Script
application/javascript 136.243.101.246
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.knenik.com/FR/FR_whaacc/second/Movies%20&%20Series_failai/jquery.min.js
Requested by: Host: www.knenik.com
URL: http://www.knenik.com/FR/FR_whaacc/second/
Protocol: HTTP/1.1
Server: 136.243.101.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.246.101.243.136.clients.your-server.de
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e609252c6af2c3e4ba3e893422a4c94a7174bfd890bd10353c93e3cf977c707c

Request headers

Referer: http://www.knenik.com/FR/FR_whaacc/second/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Jun 2020 02:40:29 GMT
Last-Modified: Wed, 08 Apr 2020 13:26:53 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5e8dd11d-15e0f"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 89615

GET
H/1.1 200
OK init.js Show response
www.knenik.com/FR/FR_whaacc/second/Movies%20&%20Series_failai/ 7 KB
7 KB 47ms
36ms Script
application/javascript 136.243.101.246
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.knenik.com/FR/FR_whaacc/second/Movies%20&%20Series_failai/init.js
Requested by: Host: www.knenik.com
URL: http://www.knenik.com/FR/FR_whaacc/second/
Protocol: HTTP/1.1
Server: 136.243.101.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.246.101.243.136.clients.your-server.de
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 734e4c222fab1739137958c089dbfe8eea2b3bd90cd6d25700dbcff863f30ef1

Request headers

Referer: http://www.knenik.com/FR/FR_whaacc/second/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Jun 2020 02:40:29 GMT
Last-Modified: Mon, 30 Mar 2020 11:11:37 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5e81d3e9-1c1a"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7194

GET
H/1.1 200
OK bg.jpg
www.knenik.com/FR/FR_whaacc/second/Movies%20&%20Series_failai/ 259 KB
259 KB 24ms
24ms Image
image/jpeg 136.243.101.246
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.knenik.com/FR/FR_whaacc/second/Movies%20&%20Series_failai/bg.jpg
Requested by: Host: www.knenik.com
URL: http://www.knenik.com/FR/FR_whaacc/second/
Protocol: HTTP/1.1
Server: 136.243.101.246 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.246.101.243.136.clients.your-server.de
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: cdbb8bd903dd6fe325ab434193200da2111679906e51c2fcfc3175dde5c65708

Request headers

Referer: http://www.knenik.com/FR/FR_whaacc/second/Movies%20&%20Series_failai/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Jun 2020 02:40:29 GMT
Last-Modified: Mon, 30 Mar 2020 10:41:28 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5e81ccd8-40b9c"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 265116

GET
H2 200 pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v9/ 8 KB
8 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v9/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2

Requested by

Host: www.knenik.com
URL: http://www.knenik.com/FR/FR_whaacc/second/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fab32ccef85408b763c899ad7c0b910c96c76dc9ed7158ce304fdcd3c0bf8388

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.knenik.com/FR/FR_whaacc/second/Movies%20&%20Series_failai/css.css
Origin: http://www.knenik.com

Response headers

date: Fri, 12 Jun 2020 22:52:03 GMT
x-content-type-options: nosniff
last-modified: Tue, 08 Oct 2019 21:22:04 GMT
server: sffe
age: 1050506
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7968
x-xss-protection: 0
expires: Sat, 12 Jun 2021 22:52:03 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v9/ 8 KB
8 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v9/pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2

Requested by

Host: www.knenik.com
URL: http://www.knenik.com/FR/FR_whaacc/second/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07d2b7c2df967b7820b8ce99be3f7db1a1db5a82797826cd9a06e6489e89f71a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.knenik.com/FR/FR_whaacc/second/Movies%20&%20Series_failai/css.css
Origin: http://www.knenik.com

Response headers

date: Thu, 11 Jun 2020 16:54:46 GMT
x-content-type-options: nosniff
last-modified: Tue, 08 Oct 2019 21:22:13 GMT
server: sffe
age: 1158343
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7836
x-xss-protection: 0
expires: Fri, 11 Jun 2021 16:54:46 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v9/ 8 KB
8 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v9/pxiByp8kv8JHgFVrLGT9Z1xlFd2JQEk.woff2

Requested by

Host: www.knenik.com
URL: http://www.knenik.com/FR/FR_whaacc/second/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e07f937be00bbef113152fa46b2b2d5df97f405b152881c96e1c5069d8f405d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.knenik.com/FR/FR_whaacc/second/Movies%20&%20Series_failai/css.css
Origin: http://www.knenik.com

Response headers

date: Wed, 10 Jun 2020 22:19:10 GMT
x-content-type-options: nosniff
last-modified: Tue, 08 Oct 2019 21:22:14 GMT
server: sffe
age: 1225279
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7960
x-xss-protection: 0
expires: Thu, 10 Jun 2021 22:19:10 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v9/ 8 KB
8 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v9/pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2

Requested by

Host: www.knenik.com
URL: http://www.knenik.com/FR/FR_whaacc/second/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56a522e79770e488da6015ed10f8c2bdafbcd87a7c6d443f7a293579bd0ef58d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.knenik.com/FR/FR_whaacc/second/Movies%20&%20Series_failai/css.css
Origin: http://www.knenik.com

Response headers

date: Thu, 11 Jun 2020 20:40:32 GMT
x-content-type-options: nosniff
last-modified: Tue, 08 Oct 2019 21:22:29 GMT
server: sffe
age: 1144797
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7924
x-xss-protection: 0
expires: Fri, 11 Jun 2021 20:40:32 GMT

GET
H/1.1 200
OK jquery.js Show response
mediamcdn.s3.eu-central-1.amazonaws.com/ 5 KB
5 KB 88ms
28ms Script
application/javascript 52.219.47.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mediamcdn.s3.eu-central-1.amazonaws.com/jquery.js?_=1593052829345
Requested by: Host: www.knenik.com
URL: http://www.knenik.com/FR/FR_whaacc/second/Movies%20&%20Series_failai/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.47.132 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.eu-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: ae02a3d5b52042d5ae78371ad3dcb61037a9a9dd9eab898bef251e1a3ebd50ef

Request headers

Referer: http://www.knenik.com/FR/FR_whaacc/second/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Jun 2020 02:40:30 GMT
Last-Modified: Mon, 15 Jun 2020 05:25:25 GMT
Server: AmazonS3
x-amz-request-id: 80150DC4FB31D51C
ETag: "c9456f2749e4c5057e730fbe6f095278"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 4922
x-amz-id-2: xu2LY7LyU3KOxvzRv4EirdNJdUl5LSIuRPKMDNMBAF+r+Kc8JBa25+608YdwmUOWMJAz6J44o4U=

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Netflix (Online)

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.gstatic.com
mediamcdn.s3.eu-central-1.amazonaws.com
www.knenik.com
136.243.101.246
2a00:1450:4001:809::2003
52.219.47.132
07d2b7c2df967b7820b8ce99be3f7db1a1db5a82797826cd9a06e6489e89f71a
3be2c8f23f4c5677593d5c88b76a3cddbcab7366dd48653dfa938f8dec11ea90
56a522e79770e488da6015ed10f8c2bdafbcd87a7c6d443f7a293579bd0ef58d
5e07f937be00bbef113152fa46b2b2d5df97f405b152881c96e1c5069d8f405d
6149f95c1ebdde5391898e22a79821a810336f6bd74318291b4f49f23fbf0fa8
734e4c222fab1739137958c089dbfe8eea2b3bd90cd6d25700dbcff863f30ef1
7458cc5c8e6464162d23320632e69d0b17de0b4631105cbe5698d56b028c040b
7f3b5813af08639f509729cbb27b1a04d96943fd26f9310cd253d046f3334702
99b27633e72d0a0efc23402c62b01cc0ec5ff40821cd1a84c89a1ef31773612d
ad115192a3f1d21caeb79f58445debfd8f7707db83b0798040c9296d07d90ac4
ae02a3d5b52042d5ae78371ad3dcb61037a9a9dd9eab898bef251e1a3ebd50ef
b41875aa6c964e770eb0047c1f976c6f944c636a46720d95c482d6c6500ca22d
cdbb8bd903dd6fe325ab434193200da2111679906e51c2fcfc3175dde5c65708
e609252c6af2c3e4ba3e893422a4c94a7174bfd890bd10353c93e3cf977c707c
f93fd6abb99840aa0cfaac88c244026841f87817c0950d92e854770f1038f1bb
fab32ccef85408b763c899ad7c0b910c96c76dc9ed7158ce304fdcd3c0bf8388

www.knenik.com Open in urlscan Pro 136.243.101.246 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

16 Requests

31 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

3 IPs

1 Countries

482 kBTransfer

489 kBSize

0 Cookies

1 Outgoing links

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

25 JavaScript Global Variables

0 Cookies

Indicators

www.knenik.com Open in urlscan Pro
136.243.101.246 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

31 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

482 kB
Transfer

489 kB
Size

0
Cookies

16 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!