netfiix-update.ajjca72akliy72hvxk82l.acciasx.com
104.248.21.209
Malicious Activity!
Public Scan
Effective URL: https://netfiix-update.ajjca72akliy72hvxk82l.acciasx.com/nl-en/login
Submission: On August 17 via api from US
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on August 17th 2020. Valid for: 3 months.
This is the only time netfiix-update.ajjca72akliy72hvxk82l.acciasx.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Netflix (Online)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
2 2 | 45.40.140.1 | 26496 (AS-26496-GO-DADDY-COM-LLC) |
1 | 104.244.42.5 | 13414 (TWITTER) |
1 9 | 104.248.21.209 | 14061 (DIGITALOCEAN-ASN) |
9 | 3 |
ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-45-40-140-1.ip.secureserver.net
x.co |
ASN14061 (DIGITALOCEAN-ASN, US)
netfiix-update.ajjca72akliy72hvxk82l.acciasx.com |
 | Apex Domain / Subdomains | Transfer |
---|---|---|
9 | acciasx.com (1 redirects): netfiix-update.ajjca72akliy72hvxk82l.acciasx.com | 798 KB |
2 | x.co (2 redirects): x.co | 305 B |
1 | t.co: t.co | 517 B |
9 | 3 |
 | Domain | Redirects | Requested by |
---|---|---|---|
9 | netfiix-update.ajjca72akliy72hvxk82l.acciasx.com | 1 redirects | t.co, netfiix-update.ajjca72akliy72hvxk82l.acciasx.com |
2 | x.co | 2 redirects | |
1 | t.co | | |
9 | 3 |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
t.co | DigiCert SHA2 High Assurance Server CA | 2020-03-05 - 2021-03-02 | a year | crt.sh |
netfiix-update.ajjca72akliy72hvxk82l.acciasx.com | cPanel, Inc. Certification Authority | 2020-08-17 - 2020-11-15 | 3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://netfiix-update.ajjca72akliy72hvxk82l.acciasx.com/nl-en/login
Frame ID: 3546F464CB0400EF4D404DE97FA301CB
Requests: 12 HTTP requests in this frame
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://x.co/6nlzq?idtrack=PfkZGVBL HTTP 301
  https://x.co/6nlzq?idtrack=PfkZGVBL HTTP 302
  https://t.co/gUY4DEMvPZ?amp=1 Page URL
- https://netfiix-update.ajjca72akliy72hvxk82l.acciasx.com/?test HTTP 302
  https://netfiix-update.ajjca72akliy72hvxk82l.acciasx.com/nl-en/login Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://x.co/6nlzq?idtrack=PfkZGVBL HTTP 301
- https://x.co/6nlzq?idtrack=PfkZGVBL HTTP 302
- https://t.co/gUY4DEMvPZ?amp=1
9 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | gUY4DEMvPZ | t.co/ (Redirect Chain) | 341 B | 517 B | Document | text/html |
GET | H/1.1 | login (Primary Request) | netfiix-update.ajjca72akliy72hvxk82l.acciasx.com/nl-en/ (Redirect Chain) | 491 KB | 492 KB | Document | text/html |
GET | H/1.1 | login.css | netfiix-update.ajjca72akliy72hvxk82l.acciasx.com/assets/css/ | 118 KB | 118 KB | Stylesheet | text/css |
GET | H/1.1 | jquery.js | netfiix-update.ajjca72akliy72hvxk82l.acciasx.com/assets/js/ | 86 KB | 86 KB | Script | application/javascript |
GET | H/1.1 | jquery.validate.js | netfiix-update.ajjca72akliy72hvxk82l.acciasx.com/assets/js/ | 24 KB | 24 KB | Script | application/javascript |
GET | H/1.1 | login.auth.js | netfiix-update.ajjca72akliy72hvxk82l.acciasx.com/assets/js/ | 4 KB | 4 KB | Script | application/javascript |
GET | H/1.1 | favicon.svg | netfiix-update.ajjca72akliy72hvxk82l.acciasx.com/assets/img/ | 1 KB | 1 KB | Image | image/svg+xml |
GET | H/1.1 | login.post.js | netfiix-update.ajjca72akliy72hvxk82l.acciasx.com/assets/js/ | 490 B | 744 B | Script | application/javascript |
GET | DATA | truncated | / | 335 KB | 0 | Image | image/jpeg |
GET | DATA | truncated | / | 9 KB | 0 | Image | image/gif |
GET | DATA | truncated | / | 1 KB | 0 | Image | image/png |
GET | H/1.1 | nficon.woff | netfiix-update.ajjca72akliy72hvxk82l.acciasx.com/assets/font/ | 72 KB | 72 KB | Font | font/woff |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Netflix (Online)
4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | trustedTypes |
function | $ |
function | jQuery |
function | isEmail |
2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
netfiix-update.ajjca72akliy72hvxk82l.acciasx.com/ | Name: access_key Value: a036495856df4971a1e07f50a1449f14 |
netfiix-update.ajjca72akliy72hvxk82l.acciasx.com/ | Name: PHPSESSID Value: cd12a16d0ed95d8f6c80555330f8d4fb |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=0 |
X-Xss-Protection | 0 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.