netfiix-update.ajjca72akliy72hvxk82l.acciasx.com
104.248.21.209  Malicious Activity! Public Scan

Submitted URL: http://x.co/6nlzq?idtrack=PfkZGVBL
Effective URL: https://netfiix-update.ajjca72akliy72hvxk82l.acciasx.com/nl-en/login
Submission: On August 17 via api from US

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 9 HTTP transactions. The main IP is 104.248.21.209, located in Frankfurt am Main, Germany and belongs to DIGITALOCEAN-ASN, US. The main domain is netfiix-update.ajjca72akliy72hvxk82l.acciasx.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on August 17th 2020. Valid for: 3 months.
This is the only time netfiix-update.ajjca72akliy72hvxk82l.acciasx.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Netflix (Online)

Domain & IP information

IP Address AS Autonomous System
2 2 45.40.140.1 26496 (AS-26496-...)
1 104.244.42.5 13414 (TWITTER)
1 9 104.248.21.209 14061 (DIGITALOC...)
9 3
Apex Domain | Subdomains | Transfer
9 acciasx.com | netfiix-update.ajjca72akliy72hvxk82l.acciasx.com | 798 KB
2 x.co | x.co | 305 B
1 t.co | t.co | 517 B
9 3
Domain Requested by
9 netfiix-update.ajjca72akliy72hvxk82l.acciasx.com 1 redirects t.co
netfiix-update.ajjca72akliy72hvxk82l.acciasx.com
2 x.co 2 redirects
1 t.co
9 3

This site contains no links.

Subject | Issuer | Validity | Valid
t.co | DigiCert SHA2 High Assurance Server CA | 2020-03-05 - 2021-03-02 | a year
netfiix-update.ajjca72akliy72hvxk82l.acciasx.com | cPanel, Inc. Certification Authority | 2020-08-17 - 2020-11-15 | 3 months

This page contains 1 frames:

Primary Page: https://netfiix-update.ajjca72akliy72hvxk82l.acciasx.com/nl-en/login
Frame ID: 3546F464CB0400EF4D404DE97FA301CB
Requests: 12 HTTP requests in this frame

Page Statistics

9
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

798 kB
Transfer

1141 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://x.co/6nlzq?idtrack=PfkZGVBL HTTP 301
    https://x.co/6nlzq?idtrack=PfkZGVBL HTTP 302
    https://t.co/gUY4DEMvPZ?amp=1 Page URL
  2. https://netfiix-update.ajjca72akliy72hvxk82l.acciasx.com/?test HTTP 302
    https://netfiix-update.ajjca72akliy72hvxk82l.acciasx.com/nl-en/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://x.co/6nlzq?idtrack=PfkZGVBL HTTP 301
  • https://x.co/6nlzq?idtrack=PfkZGVBL HTTP 302
  • https://t.co/gUY4DEMvPZ?amp=1

9 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
gUY4DEMvPZ
t.co/
Redirect Chain
  • http://x.co/6nlzq?idtrack=PfkZGVBL
  • https://x.co/6nlzq?idtrack=PfkZGVBL
  • https://t.co/gUY4DEMvPZ?amp=1
341 B
517 B
Document
General
Full URL
https://t.co/gUY4DEMvPZ?amp=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
8f7979108c98c6a2295922d22217945363114ce6b0709fc014a746060f431d61
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Request headers

:method
GET
:authority
t.co
:scheme
https
:path
/gUY4DEMvPZ?amp=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
cache-control
private,max-age=300
content-encoding
gzip
content-length
207
content-type
text/html; charset=utf-8
date
Mon, 17 Aug 2020 14:46:39 GMT
expires
Mon, 17 Aug 2020 14:51:39 GMT
server
tsa_o
set-cookie
muc=7b8d6b1d-3544-4767-8bbd-6efb1e649007; Max-Age=63072000; Expires=Wed, 17 Aug 2022 14:46:39 GMT; Domain=t.co; Secure; SameSite=None
strict-transport-security
max-age=0
vary
Origin
x-connection-hash
ab1e48810b9f2601bfc219457066eb92
x-response-time
125
x-xss-protection
0

Redirect headers

status
302
server
nginx/1.16.1
date
Mon, 17 Aug 2020 14:46:39 GMT
content-type
text/html; charset=utf-8
location
https://t.co/gUY4DEMvPZ?amp=1
Primary Request login
netfiix-update.ajjca72akliy72hvxk82l.acciasx.com/nl-en/
Redirect Chain
  • https://netfiix-update.ajjca72akliy72hvxk82l.acciasx.com/?test
  • https://netfiix-update.ajjca72akliy72hvxk82l.acciasx.com/nl-en/login
491 KB
492 KB
Document
General
Full URL
https://netfiix-update.ajjca72akliy72hvxk82l.acciasx.com/nl-en/login
Requested by
Host: t.co
URL: https://t.co/gUY4DEMvPZ?amp=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.248.21.209 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache /
Resource Hash
64683a99ff7ead4818884e8d700e09b59f3d7357acee7783a9a524454bd5dcb5

Request headers

Host
netfiix-update.ajjca72akliy72hvxk82l.acciasx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://t.co/gUY4DEMvPZ?amp=1
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
PHPSESSID=cd12a16d0ed95d8f6c80555330f8d4fb; access_key=a036495856df4971a1e07f50a1449f14

Response headers

Date
Mon, 17 Aug 2020 14:46:43 GMT
Server
Apache
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Mon, 17 Aug 2020 14:46:39 GMT
Server
Apache
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Set-Cookie
PHPSESSID=cd12a16d0ed95d8f6c80555330f8d4fb; path=/
access_key=a036495856df4971a1e07f50a1449f14; expires=Mon, 17-Aug-2020 16:46:43 GMT; Max-Age=7200
location
nl-en/login
Content-Length
0
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
login.css
netfiix-update.ajjca72akliy72hvxk82l.acciasx.com/assets/css/
118 KB
118 KB
Stylesheet
General
Full URL
https://netfiix-update.ajjca72akliy72hvxk82l.acciasx.com/assets/css/login.css
Requested by
Host: netfiix-update.ajjca72akliy72hvxk82l.acciasx.com
URL: https://netfiix-update.ajjca72akliy72hvxk82l.acciasx.com/nl-en/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.248.21.209 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache /
Resource Hash
3d8a0b509bbf04810e426671602e7a525bbc1834b85413021fdc871857fb1887

Request headers

Referer
https://netfiix-update.ajjca72akliy72hvxk82l.acciasx.com/nl-en/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 17 Aug 2020 14:46:44 GMT
Last-Modified
Wed, 10 Jul 2019 17:23:08 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
120356
jquery.js
netfiix-update.ajjca72akliy72hvxk82l.acciasx.com/assets/js/
86 KB
86 KB
Script
General
Full URL
https://netfiix-update.ajjca72akliy72hvxk82l.acciasx.com/assets/js/jquery.js
Requested by
Host: netfiix-update.ajjca72akliy72hvxk82l.acciasx.com
URL: https://netfiix-update.ajjca72akliy72hvxk82l.acciasx.com/nl-en/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.248.21.209 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache /
Resource Hash
bd6e8593ef34f3b762959d6deaeffe46c5a029ab0a10647df9e637b41fb72cd9

Request headers

Referer
https://netfiix-update.ajjca72akliy72hvxk82l.acciasx.com/nl-en/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 17 Aug 2020 14:46:44 GMT
Last-Modified
Fri, 02 Aug 2019 14:04:34 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
88061
jquery.validate.js
netfiix-update.ajjca72akliy72hvxk82l.acciasx.com/assets/js/
24 KB
24 KB
Script
General
Full URL
https://netfiix-update.ajjca72akliy72hvxk82l.acciasx.com/assets/js/jquery.validate.js
Requested by
Host: netfiix-update.ajjca72akliy72hvxk82l.acciasx.com
URL: https://netfiix-update.ajjca72akliy72hvxk82l.acciasx.com/nl-en/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.248.21.209 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache /
Resource Hash
8d4b679684e21e6893b4de26990c9bffba931aad35698a8514f06296cec22ad7

Request headers

Referer
https://netfiix-update.ajjca72akliy72hvxk82l.acciasx.com/nl-en/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 17 Aug 2020 14:46:44 GMT
Last-Modified
Fri, 02 Aug 2019 14:04:22 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
24239
login.auth.js
netfiix-update.ajjca72akliy72hvxk82l.acciasx.com/assets/js/
4 KB
4 KB
Script
General
Full URL
https://netfiix-update.ajjca72akliy72hvxk82l.acciasx.com/assets/js/login.auth.js
Requested by
Host: netfiix-update.ajjca72akliy72hvxk82l.acciasx.com
URL: https://netfiix-update.ajjca72akliy72hvxk82l.acciasx.com/nl-en/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.248.21.209 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache /
Resource Hash
5d5fdad277c1e7caf1d34536b218dfaaa2946c0593b862228be1a5b86368bd6c

Request headers

Referer
https://netfiix-update.ajjca72akliy72hvxk82l.acciasx.com/nl-en/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 17 Aug 2020 14:46:44 GMT
Last-Modified
Fri, 02 Aug 2019 18:38:00 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
3647
favicon.svg
netfiix-update.ajjca72akliy72hvxk82l.acciasx.com/assets/img/
1 KB
1 KB
Image
General
Full URL
https://netfiix-update.ajjca72akliy72hvxk82l.acciasx.com/assets/img/favicon.svg
Requested by
Host: netfiix-update.ajjca72akliy72hvxk82l.acciasx.com
URL: https://netfiix-update.ajjca72akliy72hvxk82l.acciasx.com/nl-en/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.248.21.209 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache /
Resource Hash
0c12d5374247e16fced565a207d010bf39f1eb55ee0394581ced67b2e6fa7b92

Request headers

Referer
https://netfiix-update.ajjca72akliy72hvxk82l.acciasx.com/nl-en/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 17 Aug 2020 14:46:44 GMT
Last-Modified
Wed, 10 Jul 2019 17:23:08 GMT
Server
Apache
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1118
login.post.js
netfiix-update.ajjca72akliy72hvxk82l.acciasx.com/assets/js/
490 B
744 B
Script
General
Full URL
https://netfiix-update.ajjca72akliy72hvxk82l.acciasx.com/assets/js/login.post.js
Requested by
Host: netfiix-update.ajjca72akliy72hvxk82l.acciasx.com
URL: https://netfiix-update.ajjca72akliy72hvxk82l.acciasx.com/nl-en/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.248.21.209 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache /
Resource Hash
9714622d545f1794793c8f3878daa01cffe6887abd1424b41a632d2a9f65061b

Request headers

Referer
https://netfiix-update.ajjca72akliy72hvxk82l.acciasx.com/nl-en/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 17 Aug 2020 14:46:44 GMT
Last-Modified
Thu, 08 Aug 2019 03:04:44 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
490
truncated
/
335 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9b57e16f53a089d8f732a78f86db758cd6122a166c52826e0dd12add22ef5503

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/
9 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
20ecce3623ff253244051a0a7107687b1716e4e70a4f642ae2d277ff2412eb02

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3e49d9dc43267590184389ab3da0cb9f7308c9c848667dab109a0f7c73450ece

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
nficon.woff
netfiix-update.ajjca72akliy72hvxk82l.acciasx.com/assets/font/
72 KB
72 KB
Font
General
Full URL
https://netfiix-update.ajjca72akliy72hvxk82l.acciasx.com/assets/font/nficon.woff
Requested by
Host: netfiix-update.ajjca72akliy72hvxk82l.acciasx.com
URL: https://netfiix-update.ajjca72akliy72hvxk82l.acciasx.com/assets/css/login.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.248.21.209 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Origin
https://netfiix-update.ajjca72akliy72hvxk82l.acciasx.com
Referer
https://netfiix-update.ajjca72akliy72hvxk82l.acciasx.com/assets/css/login.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 17 Aug 2020 14:46:44 GMT
Last-Modified
Wed, 10 Jul 2019 17:23:08 GMT
Server
Apache
Content-Type
font/woff
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
73572

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Netflix (Online)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object | trustedTypes
function | $
function | jQuery
function | isEmail

2 Cookies

Domain/Path Name / Value
netfiix-update.ajjca72akliy72hvxk82l.acciasx.com/ Name: access_key
Value: a036495856df4971a1e07f50a1449f14
netfiix-update.ajjca72akliy72hvxk82l.acciasx.com/ Name: PHPSESSID
Value: cd12a16d0ed95d8f6c80555330f8d4fb

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0