nulefix.com
160.153.50.0
Malicious Activity!
Public Scan
Submission: On January 26 via automatic, source phishtank
Summary
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on January 25th 2020. Valid for: 2 years.
This is the only time nulefix.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Netflix (Online)
Domain & IP information
Requests | IP Address | AS Autonomous System
---|---|---
22 | 160.153.50.0 | 26496 (AS-26496-GO-DADDY-COM-LLC)
1 (1 redirects) | 23.0.42.96 | 16625 (AKAMAI-AS)
1 | 34.209.100.148 | 16509 (AMAZON-02)
1 | 204.109.13.121 | 22510 (BRAINTREEPAYMENTSOLUTIONS)
33 | 4 |
ASN16625 (AKAMAI-AS, US)
PTR: a23-0-42-96.deploy.static.akamaitechnologies.com
assets.braintreegateway.com
ASN16509 (AMAZON-02, US)
PTR: ec2-34-209-100-148.us-west-2.compute.amazonaws.com
ssl.kaptcha.com
ASN22510 (BRAINTREEPAYMENTSOLUTIONS, US)
PTR: api.braintreegateway.com
api.braintreegateway.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
22 | nulefix.com | nulefix.com | 242 KB
2 | braintreegateway.com (1 redirects) | assets.braintreegateway.com, api.braintreegateway.com | 293 B
1 | kaptcha.com | ssl.kaptcha.com |
0 | icflix.com (Failed) | secure.icflix.com (Failed) |
33 | 4 | |
Requests | Domain | Requested by
---|---|---
22 | nulefix.com | nulefix.com
1 | api.braintreegateway.com | nulefix.com
1 | ssl.kaptcha.com | nulefix.com
1 | assets.braintreegateway.com (1 redirects) |
0 | secure.icflix.com (Failed) | nulefix.com
33 | 5 |
This site contains links to these domains. Also see Links.
Domain |
---|
secure.icflix.com |
www.icflix.com |
Subject | Issuer | Validity | Valid
---|---|---|---
nulefix.com | Go Daddy Secure Certificate Authority - G2 | 2020-01-25 - 2022-01-25 | 2 years
ssl.kaptcha.com | Thawte TLS RSA CA G1 | 2019-10-01 - 2021-11-29 | 2 years
api.braintreegateway.com | DigiCert Global CA G2 | 2018-06-21 - 2020-06-21 | 2 years
This page contains 2 frames:
Primary Page:
https://nulefix.com/verify/Login/125557fbeff39e59bf19c2861336db24/activation.php
Frame ID: 027F1C4B0C0E015F2F9483C03B5C1106
Requests: 32 HTTP requests in this frame
Frame:
https://ssl.kaptcha.com/logo.htm?m=600000&s=56c82c50a9914410d97ae5e5e491a28c
Frame ID: 50143DE1FFF37D4C9A12514C298DD816
Requests: 1 HTTP requests in this frame
Detected technologies
PHP (Programming Languages)
Detected patterns
- url /\.php(?:$|\?)/i
Ruby (Programming Languages)
Detected patterns
- meta csrf-param /^authenticity_token$/i
Bootstrap (Web Frameworks)
Detected patterns
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Ruby on Rails (Web Frameworks)
Detected patterns
- meta csrf-param /^authenticity_token$/i
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
jQuery (JavaScript Libraries)
Detected patterns
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
Title: My Account
Title: Sign out
Title: Help
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 22
- https://assets.braintreegateway.com/data/logo.htm?m=600000&s=56c82c50a9914410d97ae5e5e491a28c HTTP 302
- https://ssl.kaptcha.com/logo.htm?m=600000&s=56c82c50a9914410d97ae5e5e491a28c
33 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---
GET H2 | activation.php (Primary Request) | nulefix.com/verify/Login/125557fbeff39e59bf19c2861336db24/ | 42 KB | 8 KB | Document | text/html
GET H2 | bootstrap.css | nulefix.com/verify/Login/125557fbeff39e59bf19c2861336db24/eflix%20-%20all%20you%20can%20watch_fichiers/ | 68 KB | 12 KB | Stylesheet | text/css
GET H2 | fonts.css | nulefix.com/verify/Login/125557fbeff39e59bf19c2861336db24/eflix%20-%20all%20you%20can%20watch_fichiers/ | 4 KB | 532 B | Stylesheet | text/css
GET H2 | fonts-din.css | nulefix.com/verify/Login/125557fbeff39e59bf19c2861336db24/eflix%20-%20all%20you%20can%20watch_fichiers/ | 2 KB | 564 B | Stylesheet | text/css
GET H2 | application_new_v3-0bafe3ce01393d0effa2228cec8b8de97bce4f80c.css | nulefix.com/verify/Login/125557fbeff39e59bf19c2861336db24/eflix%20-%20all%20you%20can%20watch_fichiers/ | 108 KB | 15 KB | Stylesheet | text/css
GET H2 | intl-tel-input.css | nulefix.com/verify/Login/125557fbeff39e59bf19c2861336db24/eflix%20-%20all%20you%20can%20watch_fichiers/ | 18 KB | 3 KB | Stylesheet | text/css
GET H2 | analytics.js | nulefix.com/verify/Login/125557fbeff39e59bf19c2861336db24/eflix%20-%20all%20you%20can%20watch_fichiers/ | 34 KB | 14 KB | Script | application/javascript
GET H2 | application_new-51dbff78c294d99dbe11076458ccc5efe2fdcd009ab4a.js | nulefix.com/verify/Login/125557fbeff39e59bf19c2861336db24/eflix%20-%20all%20you%20can%20watch_fichiers/ | 178 KB | 57 KB | Script | application/javascript
GET H2 | jquery_002.js | nulefix.com/verify/Login/125557fbeff39e59bf19c2861336db24/eflix%20-%20all%20you%20can%20watch_fichiers/ | 5 KB | 2 KB | Script | application/javascript
GET H2 | icflix_002.js | nulefix.com/verify/Login/125557fbeff39e59bf19c2861336db24/eflix%20-%20all%20you%20can%20watch_fichiers/ | 74 B | 149 B | Script | application/javascript
GET H2 | icflix.js | nulefix.com/verify/Login/125557fbeff39e59bf19c2861336db24/eflix%20-%20all%20you%20can%20watch_fichiers/ | 4 KB | 1 KB | Script | application/javascript
GET H2 | jquery.js | nulefix.com/verify/Login/125557fbeff39e59bf19c2861336db24/eflix%20-%20all%20you%20can%20watch_fichiers/ | 21 KB | 7 KB | Script | application/javascript
GET H2 | intl-tel-input.js | nulefix.com/verify/Login/125557fbeff39e59bf19c2861336db24/eflix%20-%20all%20you%20can%20watch_fichiers/ | 23 KB | 10 KB | Script | application/javascript
GET H2 | countries_utils.js | nulefix.com/verify/Login/125557fbeff39e59bf19c2861336db24/eflix%20-%20all%20you%20can%20watch_fichiers/ | 213 KB | 49 KB | Script | application/javascript
GET H2 | _payment_form.json | nulefix.com/verify/Login/125557fbeff39e59bf19c2861336db24/eflix%20-%20all%20you%20can%20watch_fichiers/ | 2 B | 74 B | Script | application/json
GET H2 | logo_v2.png | nulefix.com/verify/Login/125557fbeff39e59bf19c2861336db24/ | 5 KB | 5 KB | Image | image/png
GET H2 | braintree-2.js | nulefix.com/verify/Login/125557fbeff39e59bf19c2861336db24/eflix%20-%20all%20you%20can%20watch_fichiers/ | 178 KB | 52 KB | Script | application/javascript
GET H2 | font-awesome.css | nulefix.com/verify/Login/125557fbeff39e59bf19c2861336db24/eflix%20-%20all%20you%20can%20watch_fichiers/ | 32 KB | 6 KB | Stylesheet | text/css
GET | caret-a05039afc6361a974a2437f624f77138fb705790c346680eaad181cc426ee5dd.png | secure.icflix.com/payment/header_footer/ | 0 | 0 | |
GET | checkmark-5ada1b0c932767e383259678033063502a5b19538fe7545e9f344fe2c23570dc.svg | secure.icflix.com/payment/v3/ | 0 | 0 | |
GET | droparrow-5d8f712264b520bbd7e70b448be1eacfd83e95e788a38a7903deb4c9ec1b48d7.svg | secure.icflix.com/payment/v3/ | 0 | 0 | |
GET | CircularStd-Book-1ff80397d95d0293ea4437c58731657b262c55ce9fa369fd530662da68cbad5a.woff | secure.icflix.com/payment/ | 0 | 0 | |
GET H2 | flama-light.woff | nulefix.com/verify/Login/125557fbeff39e59bf19c2861336db24/f/ | 0 | 0 | Font | text/html
GET H/1.1 | logo.htm (Cookie set) | ssl.kaptcha.com/ (Frame 5014, Redirect Chain) | 0 | 0 | Document | text/html
GET | CircularStd-Medium-0c1196353951dfa42f833bfbcc0914e47d8b00b553aed0b2be45a3990775db4e.woff | secure.icflix.com/payment/ | 0 | 0 | |
GET H/1.1 | configuration | api.braintreegateway.com/merchants/zwczfs6cq2f8pj4x/client_api/v1/ | 0 | 0 | Script | application/xml
GET H2 | flama-light.ttf | nulefix.com/verify/Login/125557fbeff39e59bf19c2861336db24/f/ | 0 | 0 | Font | text/html
GET H2 | ge-ss-two-light.woff | nulefix.com/verify/Login/125557fbeff39e59bf19c2861336db24/f/ | 0 | 0 | Font | text/html
GET H2 | ge-ss-two-light.ttf | nulefix.com/verify/Login/125557fbeff39e59bf19c2861336db24/f/ | 0 | 0 | Font | text/html
GET | CircularStd-Book-12933037d4bbd1c0beb135b5f4a1b4c5cb9c5c21073bbf50a8153f27478f2113.ttf | secure.icflix.com/payment/ | 0 | 0 | |
GET | CircularStd-Medium-bbe496420eb309a32c3b2c0ecb43a139e659f5c752dc604fde9b53de58718a72.ttf | secure.icflix.com/payment/ | 0 | 0 | |
GET | CircularStd-Book.woff | nulefix.com/verify/Login/125557fbeff39e59bf19c2861336db24/f/ | 0 | 0 | |
GET | CircularStd-Medium.woff | nulefix.com/verify/Login/125557fbeff39e59bf19c2861336db24/f/ | 0 | 0 | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- https://secure.icflix.com/payment/header_footer/caret-a05039afc6361a974a2437f624f77138fb705790c346680eaad181cc426ee5dd.png
- https://secure.icflix.com/payment/v3/checkmark-5ada1b0c932767e383259678033063502a5b19538fe7545e9f344fe2c23570dc.svg
- https://secure.icflix.com/payment/v3/droparrow-5d8f712264b520bbd7e70b448be1eacfd83e95e788a38a7903deb4c9ec1b48d7.svg
- https://secure.icflix.com/payment/CircularStd-Book-1ff80397d95d0293ea4437c58731657b262c55ce9fa369fd530662da68cbad5a.woff
- https://secure.icflix.com/payment/CircularStd-Medium-0c1196353951dfa42f833bfbcc0914e47d8b00b553aed0b2be45a3990775db4e.woff
- https://secure.icflix.com/payment/CircularStd-Book-12933037d4bbd1c0beb135b5f4a1b4c5cb9c5c21073bbf50a8153f27478f2113.ttf
- https://secure.icflix.com/payment/CircularStd-Medium-bbe496420eb309a32c3b2c0ecb43a139e659f5c752dc604fde9b53de58718a72.ttf
- https://nulefix.com/verify/Login/125557fbeff39e59bf19c2861336db24/f/CircularStd-Book.woff
- https://nulefix.com/verify/Login/125557fbeff39e59bf19c2861336db24/f/CircularStd-Medium.woff
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Netflix (Online)
22 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| onformdata
- object| onpointerrawupdate
- function| setLang
- function| getLang
- function| switchLang
- function| sendGAevent
- function| getSubscriptionStatus
- object| app
- function| $
- function| jQuery
- object| i18n
- object| jQuery111105728081302237296
- object| ICFLIX
- object| icflix_validate
- function| ga
- object| gaplugins
- object| intlTelInputUtils
- function| show
- object| Braintree
- object| braintree
- undefined| lang
- function| callback_json12b99c19090c450a8d5174cdd44c36f7
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.