affairoms.co.uk
2001:8d8:100f:f000::26c | Malicious Activity! | Public Scan

URL: https://affairoms.co.uk/update/updateNetflix/app/template/
Submission: On June 13 via api from US — Scanned from DE

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 10 HTTP transactions. The main IP is 2001:8d8:100f:f000::26c, located in Germany and belonging to AS8560 IONOS-AS (the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom, formerly 1&1 Internet SE), DE. The main domain is affairoms.co.uk.
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G2 on June 9th 2024. Valid for: a year.
This is the only time affairoms.co.uk was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Netflix (Online)

Domain & IP information

Requests  IP Address          AS (Autonomous System)
6         2001:8d8:100f...    AS8560 (IONOS-AS, DE)
4         2a00:86c0:209...    AS40027 (NETFLIX-ASN, US)
10 requests across 2 IPs

Requests  Apex Domain       Subdomains                                       Transfer
6         affairoms.co.uk   affairoms.co.uk                                  278 KB
4         nflxext.com       assets.nflxext.com (Cisco Umbrella Rank: 4657)   194 KB
10 requests across 2 apex domains

Requests  Domain               Requested by
6         affairoms.co.uk      affairoms.co.uk
4         assets.nflxext.com   affairoms.co.uk
10 requests across 2 domains

This site contains links to these domains. Also see Links.

Domain
help.netflix.com
optout.aboutads.info
www.onetrust.com
Subject             Issuer                                 Validity                  Valid
*.affairoms.co.uk   Encryption Everywhere DV TLS CA - G2   2024-06-09 - 2025-06-24   a year (crt.sh)
*.1.nflxso.net      DigiCert Secure Site ECC CA-1          2024-06-08 - 2024-07-11   a month (crt.sh)

This page contains 1 frame:

Primary Page: https://affairoms.co.uk/update/updateNetflix/app/template/
Frame ID: 521FA9412D3884A003BEFE0669AF74AC
Requests: 10 HTTP requests in this frame

Page Title

Netflix

Page Statistics

Requests: 10
HTTPS: 100 %
IPv6: 100 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 2
Transfer: 472 kB
Size: 631 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Columns per transaction: Resource | Path | Size | x-fer | Type (MIME-Type)
Primary Request /
affairoms.co.uk/update/updateNetflix/app/template/
196 KB
35 KB
Document
General
Full URL
https://affairoms.co.uk/update/updateNetflix/app/template/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::26c , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
d25410fd199dadfa5e0b83f8c19afae729edb58025bcfdb1934d309d095d5bfc

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 13 Jun 2024 03:44:26 GMT
server
Apache
error-page.b122c37502204303115a.css
affairoms.co.uk/update/updateNetflix/app/template/assets/css/
10 KB
10 KB
Stylesheet
General
Full URL
https://affairoms.co.uk/update/updateNetflix/app/template/assets/css/error-page.b122c37502204303115a.css
Requested by
Host: affairoms.co.uk
URL: https://affairoms.co.uk/update/updateNetflix/app/template/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::26c , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
910fb84da8dac07dc71624e7123c3617727aac2637fcb5421c0b772b4d97f42f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://affairoms.co.uk/update/updateNetflix/app/template/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 03:44:26 GMT
last-modified
Mon, 09 Jan 2023 22:08:40 GMT
server
Apache
accept-ranges
bytes
etag
"2658-5f1dc0276ea00"
content-length
9816
content-type
text/css
simplicity.b93c1ad4b0c3ba39c7d7.css
affairoms.co.uk/update/updateNetflix/app/template/assets/css/
191 KB
191 KB
Stylesheet
General
Full URL
https://affairoms.co.uk/update/updateNetflix/app/template/assets/css/simplicity.b93c1ad4b0c3ba39c7d7.css
Requested by
Host: affairoms.co.uk
URL: https://affairoms.co.uk/update/updateNetflix/app/template/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::26c , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
4a0593c2757dfc8fcae6d34bfdd5ff3b89ad36e41c5e6db92f860d4a7fd69817

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://affairoms.co.uk/update/updateNetflix/app/template/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 03:44:26 GMT
last-modified
Mon, 09 Jan 2023 22:08:40 GMT
server
Apache
accept-ranges
bytes
etag
"2fb97-5f1dc0276ea00"
content-length
195479
content-type
text/css
suspended.png
affairoms.co.uk/update/updateNetflix/app/template/assets/images/
20 KB
20 KB
Image
General
Full URL
https://affairoms.co.uk/update/updateNetflix/app/template/assets/images/suspended.png
Requested by
Host: affairoms.co.uk
URL: https://affairoms.co.uk/update/updateNetflix/app/template/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::26c , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
39e47675fa1e2da38de08dbda88d297cf25efea7944141964243a2060708c662

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://affairoms.co.uk/update/updateNetflix/app/template/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 03:44:26 GMT
last-modified
Tue, 10 Jan 2023 22:54:14 GMT
server
Apache
accept-ranges
bytes
etag
"509e-5f1f0c343d180"
content-length
20638
content-type
image/png
Netflix_Logo_PMS.png
affairoms.co.uk/update/updateNetflix/app/template/assets/images/
16 KB
16 KB
Image
General
Full URL
https://affairoms.co.uk/update/updateNetflix/app/template/assets/images/Netflix_Logo_PMS.png
Requested by
Host: affairoms.co.uk
URL: https://affairoms.co.uk/update/updateNetflix/app/template/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::26c , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
675dd7b68acf580f893bec532f5b260b8f984b67734a9a6831334b2ff4aad384

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://affairoms.co.uk/update/updateNetflix/app/template/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 03:44:26 GMT
last-modified
Mon, 09 Jan 2023 22:08:40 GMT
server
Apache
accept-ranges
bytes
etag
"4002-5f1dc0276ea00"
content-length
16386
content-type
image/png
powered_by_logo.svg
affairoms.co.uk/update/updateNetflix/app/template/assets/images/
5 KB
5 KB
Image
General
Full URL
https://affairoms.co.uk/update/updateNetflix/app/template/assets/images/powered_by_logo.svg
Requested by
Host: affairoms.co.uk
URL: https://affairoms.co.uk/update/updateNetflix/app/template/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:8d8:100f:f000::26c , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software
Apache /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://affairoms.co.uk/update/updateNetflix/app/template/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 03:44:26 GMT
last-modified
Mon, 09 Jan 2023 22:08:40 GMT
server
Apache
accept-ranges
bytes
etag
"144a-5f1dc0276ea00"
content-length
5194
content-type
image/svg+xml
NetflixSans_W_Rg.woff2
assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/
52 KB
52 KB
Font
General
Full URL
https://assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/NetflixSans_W_Rg.woff2
Requested by
Host: affairoms.co.uk
URL: https://affairoms.co.uk/update/updateNetflix/app/template/assets/css/error-page.b122c37502204303115a.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:86c0:2091::1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
c0bceb927c506dce9f6e6f5f570e641ad580b9554be06f61508a4aee32380167

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://affairoms.co.uk/
Origin
https://affairoms.co.uk
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 13 Jun 2024 03:44:27 GMT
Last-Modified
Thu, 17 Jan 2019 20:16:30 GMT
Server
nginx
Content-MD5
C/MXfx/tbZUxeCIfukPH6A==
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
max-age=604801
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
53304
Expires
Thu, 20 Jun 2024 03:44:28 GMT
NetflixSans_W_Md.woff2
assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/
53 KB
53 KB
Font
General
Full URL
https://assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/NetflixSans_W_Md.woff2
Requested by
Host: affairoms.co.uk
URL: https://affairoms.co.uk/update/updateNetflix/app/template/assets/css/error-page.b122c37502204303115a.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:86c0:2091::1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
9ac2bd03fcde501b3f30f47ab1fae62161f87808ea6411f38e8feaa4bbddc42e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://affairoms.co.uk/
Origin
https://affairoms.co.uk
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 13 Jun 2024 03:44:27 GMT
Last-Modified
Thu, 17 Jan 2019 20:16:30 GMT
Server
nginx
Content-MD5
6naZIbDPpPxtTRouCx+l/w==
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
max-age=604801
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
53940
Expires
Thu, 20 Jun 2024 03:44:28 GMT
nf-icon-v1-93.woff
assets.nflxext.com/ffe/siteui/fonts/
72 KB
72 KB
Font
General
Full URL
https://assets.nflxext.com/ffe/siteui/fonts/nf-icon-v1-93.woff
Requested by
Host: affairoms.co.uk
URL: https://affairoms.co.uk/update/updateNetflix/app/template/assets/css/simplicity.b93c1ad4b0c3ba39c7d7.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:86c0:2091::1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
98713b53a74ebe7e326353080c5f1653e83af61d6363c0b3c4c67d6d24197b4d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://affairoms.co.uk/
Origin
https://affairoms.co.uk
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 13 Jun 2024 03:44:27 GMT
Last-Modified
Mon, 29 Jan 2018 01:50:51 GMT
Server
nginx
Content-MD5
fPYVbMSBJEtaJUNi17c/AA==
Content-Type
font/woff
Access-Control-Allow-Origin
*
Cache-Control
max-age=604801
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
73572
Expires
Thu, 20 Jun 2024 03:44:28 GMT
nficon2016.ico
assets.nflxext.com/us/ffe/siteui/common/icons/
17 KB
17 KB
Other
General
Full URL
https://assets.nflxext.com/us/ffe/siteui/common/icons/nficon2016.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:86c0:2091::1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
abe8012eb65c0dc0ac3e87dcc1e60e1908ebd8f12b7c47a5df1856f7a7bb1edd

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://affairoms.co.uk/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 13 Jun 2024 03:44:27 GMT
Last-Modified
Tue, 21 Jun 2016 21:54:27 GMT
Server
nginx
Content-MD5
QbRf3OCb1qzQfHqJSdpnXg==
Content-Type
image/x-icon
Cache-Control
max-age=604801
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16958
Expires
Thu, 20 Jun 2024 03:44:28 GMT
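The transactions above carry the signals an analyst would script rather than eyeball: the four assets.nflxext.com requests arrive with Referer https://affairoms.co.uk/ (and, for the fonts, Origin https://affairoms.co.uk), the primary URL puts the brand name in the path of a host the brand does not own, the page title is "Netflix", and the wildcard DV certificate was issued four days before the scan. The following Python is an added example, not urlscan.io's code. The SCAN list is a hand-built summary of the ten transactions on this page (URL, Referer, Origin) in this script's own layout, not the urlscan API schema; the BRAND profile and the 14-day certificate threshold are assumptions.

```python
"""Triage helpers for a urlscan.io-style scan of a suspected brand phish.

Added example, not urlscan.io code. SCAN is constructed from the transaction
list on this page; the field layout is this script's own, not the urlscan API.
"""
from datetime import date
from urllib.parse import urlsplit

# Constructed from the report: (request URL, Referer header, Origin header).
SCAN = [
    ("https://affairoms.co.uk/update/updateNetflix/app/template/", None, None),
    ("https://affairoms.co.uk/update/updateNetflix/app/template/assets/css/error-page.b122c37502204303115a.css",
     "https://affairoms.co.uk/update/updateNetflix/app/template/", None),
    ("https://affairoms.co.uk/update/updateNetflix/app/template/assets/css/simplicity.b93c1ad4b0c3ba39c7d7.css",
     "https://affairoms.co.uk/update/updateNetflix/app/template/", None),
    ("https://affairoms.co.uk/update/updateNetflix/app/template/assets/images/suspended.png",
     "https://affairoms.co.uk/update/updateNetflix/app/template/", None),
    ("https://affairoms.co.uk/update/updateNetflix/app/template/assets/images/Netflix_Logo_PMS.png",
     "https://affairoms.co.uk/update/updateNetflix/app/template/", None),
    ("https://affairoms.co.uk/update/updateNetflix/app/template/assets/images/powered_by_logo.svg",
     "https://affairoms.co.uk/update/updateNetflix/app/template/", None),
    ("https://assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/NetflixSans_W_Rg.woff2",
     "https://affairoms.co.uk/", "https://affairoms.co.uk"),
    ("https://assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/NetflixSans_W_Md.woff2",
     "https://affairoms.co.uk/", "https://affairoms.co.uk"),
    ("https://assets.nflxext.com/ffe/siteui/fonts/nf-icon-v1-93.woff",
     "https://affairoms.co.uk/", "https://affairoms.co.uk"),
    ("https://assets.nflxext.com/us/ffe/siteui/common/icons/nficon2016.ico",
     "https://affairoms.co.uk/", None),
]

# Dates taken from the report: certificate not-before and scan date.
CERT_NOT_BEFORE = date(2024, 6, 9)
SCAN_DATE = date(2024, 6, 13)

# Assumed brand profile: hosts the brand serves pages from, and the CDN
# hosts it serves static assets from (the latter taken from this scan).
BRAND = {
    "name": "netflix",
    "page_hosts": {"netflix.com"},
    "asset_hosts": {"assets.nflxext.com", "nflxso.net"},
}


def host_of(url):
    return urlsplit(url).hostname or ""


def under(host, domains):
    """True if host equals, or is a subdomain of, any domain in the set."""
    return any(host == d or host.endswith("." + d) for d in domains)


def hotlinked_brand_assets(records, brand):
    """Brand-CDN fetches whose Origin (or, failing that, Referer) is a host
    the brand does not own: the page is borrowing the brand's look."""
    hits = []
    for url, referer, origin in records:
        if not under(host_of(url), brand["asset_hosts"]):
            continue
        src = origin or referer
        if src and not under(host_of(src), brand["page_hosts"]):
            hits.append((url, host_of(src)))
    return hits


def brand_in_path_off_brand(url, brand):
    """Brand name appears in the URL path while the host is not a brand host."""
    parts = urlsplit(url)
    owned = brand["page_hosts"] | brand["asset_hosts"]
    return not under(parts.hostname or "", owned) and brand["name"] in parts.path.lower()


def cert_age_days(not_before, scanned):
    """Days between certificate issuance and the scan."""
    return (scanned - not_before).days


def triage(records, brand, page_title, not_before, scanned, young_cert_days=14):
    """Return human-readable findings; an empty list means nothing flagged."""
    primary = records[0][0]
    findings = []
    hot = hotlinked_brand_assets(records, brand)
    if hot:
        findings.append(f"{len(hot)} brand assets hotlinked from {sorted({h for _, h in hot})}")
    if brand_in_path_off_brand(primary, brand):
        findings.append(f"brand name '{brand['name']}' in path on off-brand host {host_of(primary)}")
    if page_title.strip().lower() == brand["name"] and not under(host_of(primary), brand["page_hosts"]):
        findings.append(f"page title '{page_title}' on off-brand host {host_of(primary)}")
    age = cert_age_days(not_before, scanned)
    if age <= young_cert_days:  # assumed threshold for "freshly issued"
        findings.append(f"TLS certificate issued {age} days before the scan")
    return findings


if __name__ == "__main__":
    for finding in triage(SCAN, BRAND, "Netflix", CERT_NOT_BEFORE, SCAN_DATE):
        print("-", finding)
```

Run with python3 and it lists the four findings for this scan. Note that assets.nflxext.com answers the cross-origin font requests with Access-Control-Allow-Origin: *, so nothing on the CDN side prevents the hotlinking; the Referer and Origin values the CDN receives are, however, exactly what a brand's own CDN logs can be hunted for with the same host check.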

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Netflix (Online)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. They can help identify client-side frameworks and code.

event (object)
fence (object)
sharedStorage

All three are exposed by the scanning browser itself (Chrome 126: the legacy window.event global plus the Privacy Sandbox fence and sharedStorage interfaces), not defined by the phishing page, so this list carries no fingerprint of the kit's own scripts.

0 Cookies