Report - accountupdatehub.info

Report Overview

Visited public
2025-03-11 00:07:15
Tags
netflix phishing
URL
accountupdatehub.info
Finishing URL
accountupdatehub.info/
IP / ASN
147.93.123.247
#0
Title
Netflix
Phishing - Netflix

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
assets.nflxext.com	3871	2011-02-11	2015-07-22	2025-03-10	2.7 kB	254 kB	45.57.91.1
accountupdatehub.info	unknown	unknown	No data	No data	5.0 kB	562 kB	147.93.123.247
code.jquery.com	634	2005-12-10	2012-05-21	2025-03-05	972 B	163 kB	151.101.2.137

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (4)

	URL	From	Size	First Seen	Last Seen
	code.jquery.com/jquery-3.6.1.min.js?sid=1e4314dd3139ca5380b5357980472da1	ScriptElement	90 kB	2023-03-07	2025-06-21
Pretty URL code.jquery.com/jquery-3.6.1.min.js?sid=1e4314dd3139ca5380b5357980472da1 IP 151.101.2.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28 Last Seen2025-06-21 02:54 Times Seen15227 Hash 00727d1d5d9c90f7de826f1a4a9cc632 ea61688671d0c3044f2c5b2f2c4af0a6620ac6c2 a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74 Loading...

	code.jquery.com/jquery-3.6.0.slim.min.js	ScriptElement	72 kB	2023-03-07	2025-06-20
Pretty URL code.jquery.com/jquery-3.6.0.slim.min.js IP 151.101.2.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02 Last Seen2025-06-20 18:06 Times Seen6309 Hash 1276065911521c5c22037a31365d179d d1c6704e94efe2d465fc161b6381e127d35acd81 bbb7b9921ca2b61948753a6edb63c78443663dc45d1621d18e102e1dcb34e512 Loading...

	accountupdatehub.info/assets/js/index.js	ScriptElement	1.5 kB	2025-03-11	2025-03-11
Pretty URL accountupdatehub.info/assets/js/index.js IP 147.93.123.247 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-11 00:07 Last Seen2025-03-11 00:07 Times Seen1 Hash 62e6b04aaabe22ad88a266be983135b4 1df86b792122f072e6b54754d5fd05caaab7bea4 96661c281cacf29790e5e37404c6085bdd9d757d81c2d1a9413ce19ed9f454d2 Loading...

	accountupdatehub.info/	ScriptElement	359 B	2025-03-11	2025-03-11
Pretty URL accountupdatehub.info/ IP 147.93.123.247 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-11 00:07 Last Seen2025-03-11 00:07 Times Seen1 Hash 99e99e65f849d6e85bd1c8751efa881e 4c5a67fdaa42fb342313f461c8e75eed2ea417da 86b9532fcfc5098bd12c814dcdf449c41d7f2a7d4270bb4d80f6bb9a17fbbfe4 Loading...

HTTP Transactions (17)

URL IP Response Size

GET assets.nflxext.com/web/ffe/wp/less/core/error-page.b122c37502204303115a.css?sid=1b7518a42e6b6a4f2561c21cb87518ef

45.57.91.1

200 OK

9.8 kB

URL GET
assets.nflxext.com/web/ffe/wp/less/core/error-page.b122c37502204303115a.css?sid=1b7518a42e6b6a4f2561c21cb87518ef
IP
45.57.91.1:443
ASN
#40027 NETFLIX-ASN

Requested by
https://accountupdatehub.info/
Certificate
IssuerDigiCert Inc
Subject*.1.nflxso.net
FingerprintB9:32:5B:F8:E0:BB:A6:1D:A6:FD:17:12:8C:E0:DF:6C:67:0F:AD:5D
ValidityMon, 03 Mar 2025 00:00:00 GMT - Wed, 02 Apr 2025 00:01:12 GMT

File type
ASCII text, with very long lines (9846), with no line terminators
Size
9.8 kB (9816 bytes)
Hash
16e2ab9e56d00adf9a2ea28d411fc732
465a7ffe418592082ca0d2ea1266dd126203c57e
e7df03a2e6734a48f1b9265de87caf228b7ddae03ab688d8104c8bba1abb7d91

HTTP Headers

GET /web/ffe/wp/less/core/error-page.b122c37502204303115a.css?sid=1b7518a42e6b6a4f2561c21cb87518ef HTTP/1.1
Host: assets.nflxext.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://accountupdatehub.info/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: freenginx
Date: Tue, 11 Mar 2025 00:06:55 GMT
Content-Type: text/css
Content-Length: 2524
Connection: keep-alive
Last-Modified: Wed, 25 Jan 2023 19:05:46 GMT
Content-Encoding: gzip
Cache-Control: max-age=604801
Expires: Tue, 18 Mar 2025 00:06:56 GMT
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

GET assets.nflxext.com/web/ffe/wp/less/login/loginBase.b1adf06b6a2a1720f790.css?sid=4789d1e94234839c70e1f4903f6f2c7c

45.57.91.1

200 OK

45 kB

URL GET
assets.nflxext.com/web/ffe/wp/less/login/loginBase.b1adf06b6a2a1720f790.css?sid=4789d1e94234839c70e1f4903f6f2c7c
IP
45.57.91.1:443
ASN
#40027 NETFLIX-ASN

Requested by
https://accountupdatehub.info/
Certificate
IssuerDigiCert Inc
Subject*.1.nflxso.net
Fingerprint38:69:FC:BE:14:9A:0F:0D:55:62:34:C1:32:65:E1:22:ED:FF:2B:0F
ValidityTue, 04 Mar 2025 00:00:00 GMT - Sat, 05 Apr 2025 01:17:57 GMT

File type
ASCII text, with very long lines (43256)
Size
45 kB (44671 bytes)
Hash
5a23578f328db79a43876977fcbadf1d
a87bed3ac533a132ef16c5eeddfb776917c9020b
28893dd43488d83c7ab4f71734f746bb94d8f268cafc6f7da9292e6e59ac209b

HTTP Headers

GET /web/ffe/wp/less/login/loginBase.b1adf06b6a2a1720f790.css?sid=4789d1e94234839c70e1f4903f6f2c7c HTTP/1.1
Host: assets.nflxext.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://accountupdatehub.info/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: freenginx
Date: Tue, 11 Mar 2025 00:06:55 GMT
Content-Type: text/css
Content-Length: 9256
Connection: keep-alive
Last-Modified: Fri, 17 Mar 2023 12:20:07 GMT
Content-Encoding: gzip
Cache-Control: max-age=604801
Expires: Tue, 18 Mar 2025 00:06:56 GMT
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

GET accountupdatehub.info/status/check.php?ip=&id=1&onpage=true

147.93.123.247

200 OK

0 B

URL GET
accountupdatehub.info/status/check.php?ip=&id=1&onpage=true
IP
147.93.123.247:443
ASN
#0

Requested by
https://accountupdatehub.info/
Certificate
IssuerLet's Encrypt
Subjectaccountupdatehub.info
Fingerprint8C:27:2A:A2:63:1D:2B:2F:12:A1:89:56:2F:47:80:C9:6C:95:B6:D2
ValiditySat, 08 Mar 2025 14:47:17 GMT - Fri, 06 Jun 2025 14:47:16 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Netflix

HTTP Headers

GET /status/check.php?ip=&id=1&onpage=true HTTP/1.1
Host: accountupdatehub.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://accountupdatehub.info/
Cookie: PHPSESSID=6aaguidi2p44osrh6smsnv5lfn
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 11 Mar 2025 00:06:56 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-powered-by: PHP/8.3.17, PleskLin
X-Firefox-Spdy: h2

GET accountupdatehub.info/status/check.php?ip=&id=1&onpage=true

147.93.123.247

200 OK

0 B

URL GET
accountupdatehub.info/status/check.php?ip=&id=1&onpage=true
IP
147.93.123.247:443
ASN
#0

Requested by
https://accountupdatehub.info/
Certificate
IssuerLet's Encrypt
Subjectaccountupdatehub.info
Fingerprint8C:27:2A:A2:63:1D:2B:2F:12:A1:89:56:2F:47:80:C9:6C:95:B6:D2
ValiditySat, 08 Mar 2025 14:47:17 GMT - Fri, 06 Jun 2025 14:47:16 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Netflix

HTTP Headers

GET /status/check.php?ip=&id=1&onpage=true HTTP/1.1
Host: accountupdatehub.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://accountupdatehub.info/
Cookie: PHPSESSID=6aaguidi2p44osrh6smsnv5lfn
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 11 Mar 2025 00:07:11 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-powered-by: PHP/8.3.17, PleskLin
X-Firefox-Spdy: h2

GET code.jquery.com/jquery-3.6.0.slim.min.js

151.101.2.137

200 OK

72 kB

URL GET
code.jquery.com/jquery-3.6.0.slim.min.js
IP
151.101.2.137:443
ASN
#54113 FASTLY

Requested by
https://accountupdatehub.info/
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintCD:B5:6E:05:85:0C:5A:AE:47:12:80:2A:5B:C6:E5:8F:11:72:E2:B5
ValidityTue, 25 Jun 2024 00:00:00 GMT - Wed, 25 Jun 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65241)
Size
72 kB (72372 bytes)
Hash
1276065911521c5c22037a31365d179d
d1c6704e94efe2d465fc161b6381e127d35acd81
bbb7b9921ca2b61948753a6edb63c78443663dc45d1621d18e102e1dcb34e512

HTTP Headers

GET /jquery-3.6.0.slim.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://accountupdatehub.info
DNT: 1
Connection: keep-alive
Referer: https://accountupdatehub.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-11ab4"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 11 Mar 2025 00:06:55 GMT
age: 1359984
x-served-by: cache-lga13624-LGA, cache-hel1410022-HEL
x-cache: HIT, HIT
x-cache-hits: 49, 8659
x-timer: S1741651616.653548,VS0,VE0
vary: Accept-Encoding
content-length: 24587
X-Firefox-Spdy: h2

GET accountupdatehub.info/assets/js/index.js

147.93.123.247

200 OK

1.5 kB

URL GET
accountupdatehub.info/assets/js/index.js
IP
147.93.123.247:443
ASN
#0

Requested by
https://accountupdatehub.info/
Certificate
IssuerLet's Encrypt
Subjectaccountupdatehub.info
Fingerprint8C:27:2A:A2:63:1D:2B:2F:12:A1:89:56:2F:47:80:C9:6C:95:B6:D2
ValiditySat, 08 Mar 2025 14:47:17 GMT - Fri, 06 Jun 2025 14:47:16 GMT

File type
JavaScript source, ASCII text, with very long lines (1663), with no line terminators
Size
1.5 kB (1481 bytes)
Hash
46cb3e8ae479e2c6e3a7d9843c378516
1d87dbfce40002ddaff2e0681de455b06d7b27b5
e15f5eb2becf8a0a95b60747598ab60e0c5d11b79b5e09a138a34a28dbf5d374

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Netflix

HTTP Headers

GET /assets/js/index.js HTTP/1.1
Host: accountupdatehub.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://accountupdatehub.info/
Cookie: PHPSESSID=6aaguidi2p44osrh6smsnv5lfn
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 11 Mar 2025 00:06:55 GMT
content-type: application/javascript
last-modified: Tue, 23 Aug 2022 03:40:50 GMT
etag: W/"63044c42-5c9"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

GET accountupdatehub.info/status/check.php?ip=&id=1&onpage=true

147.93.123.247

200 OK

0 B

URL GET
accountupdatehub.info/status/check.php?ip=&id=1&onpage=true
IP
147.93.123.247:443
ASN
#0

Requested by
https://accountupdatehub.info/
Certificate
IssuerLet's Encrypt
Subjectaccountupdatehub.info
Fingerprint8C:27:2A:A2:63:1D:2B:2F:12:A1:89:56:2F:47:80:C9:6C:95:B6:D2
ValiditySat, 08 Mar 2025 14:47:17 GMT - Fri, 06 Jun 2025 14:47:16 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Netflix

HTTP Headers

GET /status/check.php?ip=&id=1&onpage=true HTTP/1.1
Host: accountupdatehub.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://accountupdatehub.info/
Cookie: PHPSESSID=6aaguidi2p44osrh6smsnv5lfn
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 11 Mar 2025 00:07:01 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-powered-by: PHP/8.3.17, PleskLin
X-Firefox-Spdy: h2

GET assets.nflxext.com/web/ffe/wp/less/pages/login/Login.10b0d4338e625d30279d.css?sid=d19c16ec442de35e968a90806e008ef7

45.57.91.1

200 OK

90 kB

URL GET
assets.nflxext.com/web/ffe/wp/less/pages/login/Login.10b0d4338e625d30279d.css?sid=d19c16ec442de35e968a90806e008ef7
IP
45.57.91.1:443
ASN
#40027 NETFLIX-ASN

Requested by
https://accountupdatehub.info/
Certificate
IssuerDigiCert Inc
Subject*.1.nflxso.net
Fingerprint59:44:8F:76:B8:AC:DA:5D:22:31:67:45:F1:DB:8F:73:F0:D6:A2:52
ValiditySun, 02 Mar 2025 00:00:00 GMT - Sat, 05 Apr 2025 01:20:08 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
90 kB (90404 bytes)
Hash
0a1fd33be37fac89be5a67de527bde90
7deebd38edd37518769c027623d784e2bc1704bc
1d957c21d351e828e2cffad66a92b3170a74a4d8d12d0150afce3e21f96fd395

HTTP Headers

GET /web/ffe/wp/less/pages/login/Login.10b0d4338e625d30279d.css?sid=d19c16ec442de35e968a90806e008ef7 HTTP/1.1
Host: assets.nflxext.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://accountupdatehub.info/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: freenginx
Date: Tue, 11 Mar 2025 00:06:56 GMT
Content-Type: text/css
Content-Length: 15084
Connection: keep-alive
Last-Modified: Tue, 11 Apr 2023 12:19:59 GMT
Content-Encoding: gzip
Cache-Control: max-age=604801
Expires: Tue, 18 Mar 2025 00:06:57 GMT
Timing-Allow-Origin: *
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

GET code.jquery.com/jquery-3.6.1.min.js?sid=1e4314dd3139ca5380b5357980472da1

151.101.2.137

200 OK

90 kB

URL GET
code.jquery.com/jquery-3.6.1.min.js?sid=1e4314dd3139ca5380b5357980472da1
IP
151.101.2.137:443
ASN
#54113 FASTLY

Requested by
https://accountupdatehub.info/
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintCD:B5:6E:05:85:0C:5A:AE:47:12:80:2A:5B:C6:E5:8F:11:72:E2:B5
ValidityTue, 25 Jun 2024 00:00:00 GMT - Wed, 25 Jun 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
90 kB (89664 bytes)
Hash
00727d1d5d9c90f7de826f1a4a9cc632
ea61688671d0c3044f2c5b2f2c4af0a6620ac6c2
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

HTTP Headers

GET /jquery-3.6.1.min.js?sid=1e4314dd3139ca5380b5357980472da1 HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://accountupdatehub.info
DNT: 1
Connection: keep-alive
Referer: https://accountupdatehub.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15e40"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 11 Mar 2025 00:06:55 GMT
age: 2903290
x-served-by: cache-lga13629-LGA, cache-hel1410022-HEL
x-cache: HIT, HIT
x-cache-hits: 20, 33153
x-timer: S1741651616.649457,VS0,VE0
vary: Accept-Encoding
content-length: 30957
X-Firefox-Spdy: h2

GET assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/NetflixSans_W_Md.woff2

45.57.91.1

200 OK

54 kB

URL GET
assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/NetflixSans_W_Md.woff2
IP
45.57.91.1:443
ASN
#40027 NETFLIX-ASN

Requested by
https://accountupdatehub.info/
Certificate
IssuerDigiCert Inc
Subject*.1.nflxso.net
Fingerprint6A:3A:9A:EB:DF:EE:51:E0:13:11:C3:15:FB:2C:47:00:0B:82:F6:F6
ValiditySun, 09 Mar 2025 00:00:00 GMT - Sun, 13 Apr 2025 00:23:58 GMT

File type
Web Open Font Format (Version 2), TrueType, length 53940, version 2.6554
Size
54 kB (53940 bytes)
Hash
ea769921b0cfa4fc6d4d1a2e0b1fa5ff
34dcd2875c9752ebba6f894eb8d410e4958cc1b4
9ac2bd03fcde501b3f30f47ab1fae62161f87808ea6411f38e8feaa4bbddc42e

HTTP Headers

GET /ffe/siteui/fonts/netflix-sans/v3/NetflixSans_W_Md.woff2 HTTP/1.1
Host: assets.nflxext.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://accountupdatehub.info
DNT: 1
Connection: keep-alive
Referer: https://assets.nflxext.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: freenginx
Date: Tue, 11 Mar 2025 00:06:56 GMT
Content-Type: font/woff2
Content-Length: 53940
Connection: keep-alive
Content-MD5: 6naZIbDPpPxtTRouCx+l/w==
Last-Modified: Thu, 17 Jan 2019 20:16:30 GMT
Cache-Control: max-age=604801
Expires: Tue, 18 Mar 2025 00:06:57 GMT
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

GET accountupdatehub.info/img/icons/nficon2016.png

147.93.123.247

200 OK

1.8 kB

URL GET
accountupdatehub.info/img/icons/nficon2016.png
IP
147.93.123.247:443
ASN
#0

Requested by
https://accountupdatehub.info/
Certificate
IssuerLet's Encrypt
Subjectaccountupdatehub.info
Fingerprint8C:27:2A:A2:63:1D:2B:2F:12:A1:89:56:2F:47:80:C9:6C:95:B6:D2
ValiditySat, 08 Mar 2025 14:47:17 GMT - Fri, 06 Jun 2025 14:47:16 GMT

File type
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
Size
1.8 kB (1755 bytes)
Hash
3d194514babc5d7d010308a0f808ca51
867e51e9b4a474c19da52d6454076c007a9d01f2
7341f7b8b0ae3c0da4aea559efc31f0b53d9db9dd291664fdcf7d618fd95ed8a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Netflix

HTTP Headers

GET /img/icons/nficon2016.png HTTP/1.1
Host: accountupdatehub.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://accountupdatehub.info/
Cookie: PHPSESSID=6aaguidi2p44osrh6smsnv5lfn
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 11 Mar 2025 00:06:56 GMT
content-type: image/png
content-length: 1755
last-modified: Fri, 24 Jan 2025 12:00:24 GMT
etag: "679380d8-6db"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

GET accountupdatehub.info/img/icons/nficon2016.ico

147.93.123.247

200 OK

17 kB

URL GET
accountupdatehub.info/img/icons/nficon2016.ico
IP
147.93.123.247:443
ASN
#0

Requested by
https://accountupdatehub.info/
Certificate
IssuerLet's Encrypt
Subjectaccountupdatehub.info
Fingerprint8C:27:2A:A2:63:1D:2B:2F:12:A1:89:56:2F:47:80:C9:6C:95:B6:D2
ValiditySat, 08 Mar 2025 14:47:17 GMT - Fri, 06 Jun 2025 14:47:16 GMT

File type
MS Windows icon resource - 1 icon, 64x64, 32 bits/pixel
Size
17 kB (16958 bytes)
Hash
41b45fdce09bd6acd07c7a8949da675e
931e18dfc6e7d950dc2f2bbdfe31e1ea720acf7c
abe8012eb65c0dc0ac3e87dcc1e60e1908ebd8f12b7c47a5df1856f7a7bb1edd

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Netflix

HTTP Headers

GET /img/icons/nficon2016.ico HTTP/1.1
Host: accountupdatehub.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://accountupdatehub.info/
Cookie: PHPSESSID=6aaguidi2p44osrh6smsnv5lfn
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 11 Mar 2025 00:06:56 GMT
content-type: image/vnd.microsoft.icon
content-length: 16958
last-modified: Fri, 24 Jan 2025 12:00:14 GMT
etag: "679380ce-423e"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

GET accountupdatehub.info/

147.93.123.247

200 OK

539 kB

URL User Request GET
accountupdatehub.info/
IP
147.93.123.247:443
ASN
#0

Certificate
IssuerLet's Encrypt
Subjectaccountupdatehub.info
Fingerprint8C:27:2A:A2:63:1D:2B:2F:12:A1:89:56:2F:47:80:C9:6C:95:B6:D2
ValiditySat, 08 Mar 2025 14:47:17 GMT - Fri, 06 Jun 2025 14:47:16 GMT

File type

Size
539 kB (538797 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Netflix

HTTP Headers

GET / HTTP/1.1
Host: accountupdatehub.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 11 Mar 2025 00:06:55 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=6aaguidi2p44osrh6smsnv5lfn; path=/
x-powered-by: PHP/8.3.17, PleskLin
content-encoding: br
X-Firefox-Spdy: h2

GET accountupdatehub.info/personalization/cl2/freeform/test

147.93.123.247

404 Not Found

808 B

URL GET
accountupdatehub.info/personalization/cl2/freeform/test
IP
147.93.123.247:443
ASN
#0

Requested by
https://accountupdatehub.info/
Certificate
IssuerLet's Encrypt
Subjectaccountupdatehub.info
Fingerprint8C:27:2A:A2:63:1D:2B:2F:12:A1:89:56:2F:47:80:C9:6C:95:B6:D2
ValiditySat, 08 Mar 2025 14:47:17 GMT - Fri, 06 Jun 2025 14:47:16 GMT

File type
HTML document, ASCII text, with very long lines (866), with no line terminators
Size
808 B (808 bytes)
Hash
b45bdabc5c2538b0c4e5f352bcdfb585
5a97ce87ce8d3d86a043c1a5e68e968e20a1e146
c96189c857253fcdbe13dfcbc7f919050fae21ccb7116c3078ee3c8d8d0f12c7

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Netflix

HTTP Headers

GET /personalization/cl2/freeform/test HTTP/1.1
Host: accountupdatehub.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://accountupdatehub.info/
Cookie: PHPSESSID=6aaguidi2p44osrh6smsnv5lfn
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: nginx
date: Tue, 11 Mar 2025 00:06:55 GMT
content-type: text/html
content-length: 808
last-modified: Sat, 08 Mar 2025 17:12:41 GMT
etag: "328-62fd7d8c78e83"
accept-ranges: bytes
X-Firefox-Spdy: h2

GET accountupdatehub.info/assets/css/anim.css

147.93.123.247

200 OK

335 B

URL GET
accountupdatehub.info/assets/css/anim.css
IP
147.93.123.247:443
ASN
#0

Requested by
https://accountupdatehub.info/
Certificate
IssuerLet's Encrypt
Subjectaccountupdatehub.info
Fingerprint8C:27:2A:A2:63:1D:2B:2F:12:A1:89:56:2F:47:80:C9:6C:95:B6:D2
ValiditySat, 08 Mar 2025 14:47:17 GMT - Fri, 06 Jun 2025 14:47:16 GMT

File type
ASCII text, with very long lines (365), with no line terminators
Size
335 B (335 bytes)
Hash
97b9c5c26a5073c10fb0c264e872c0a7
6906f1bce956a9712ebaf1084103086798bf6251
782c6c1cfb5645335f32ee5011a8dc6e93df8077778466619662cd1e72cf429d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Netflix

HTTP Headers

GET /assets/css/anim.css HTTP/1.1
Host: accountupdatehub.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://accountupdatehub.info/
Cookie: PHPSESSID=6aaguidi2p44osrh6smsnv5lfn
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 11 Mar 2025 00:06:55 GMT
content-type: text/css
content-length: 335
x-accel-version: 0.01
last-modified: Tue, 23 Aug 2022 03:40:50 GMT
etag: "14f-5e6e0549a1480"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2

GET assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/NetflixSans_W_Rg.woff2

45.57.91.1

200 OK

53 kB

URL GET
assets.nflxext.com/ffe/siteui/fonts/netflix-sans/v3/NetflixSans_W_Rg.woff2
IP
45.57.91.1:443
ASN
#40027 NETFLIX-ASN

Requested by
https://accountupdatehub.info/
Certificate
IssuerDigiCert Inc
Subject*.1.nflxso.net
FingerprintB9:32:5B:F8:E0:BB:A6:1D:A6:FD:17:12:8C:E0:DF:6C:67:0F:AD:5D
ValidityMon, 03 Mar 2025 00:00:00 GMT - Wed, 02 Apr 2025 00:01:12 GMT

File type
Web Open Font Format (Version 2), TrueType, length 53304, version 2.6554
Size
53 kB (53304 bytes)
Hash
0bf3177f1fed6d953178221fba43c7e8
83d9f039f1ba7209321c7da72d3dc6a9aa5e2ab3
c0bceb927c506dce9f6e6f5f570e641ad580b9554be06f61508a4aee32380167

HTTP Headers

GET /ffe/siteui/fonts/netflix-sans/v3/NetflixSans_W_Rg.woff2 HTTP/1.1
Host: assets.nflxext.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://accountupdatehub.info
DNT: 1
Connection: keep-alive
Referer: https://assets.nflxext.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: freenginx
Date: Tue, 11 Mar 2025 00:06:56 GMT
Content-Type: font/woff2
Content-Length: 53304
Connection: keep-alive
Content-MD5: C/MXfx/tbZUxeCIfukPH6A==
Last-Modified: Thu, 17 Jan 2019 20:16:30 GMT
Cache-Control: max-age=604801
Expires: Tue, 18 Mar 2025 00:06:57 GMT
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

GET accountupdatehub.info/status/check.php?ip=&id=1&onpage=true

147.93.123.247

200 OK

0 B

URL GET
accountupdatehub.info/status/check.php?ip=&id=1&onpage=true
IP
147.93.123.247:443
ASN
#0

Requested by
https://accountupdatehub.info/
Certificate
IssuerLet's Encrypt
Subjectaccountupdatehub.info
Fingerprint8C:27:2A:A2:63:1D:2B:2F:12:A1:89:56:2F:47:80:C9:6C:95:B6:D2
ValiditySat, 08 Mar 2025 14:47:17 GMT - Fri, 06 Jun 2025 14:47:16 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Netflix

HTTP Headers

GET /status/check.php?ip=&id=1&onpage=true HTTP/1.1
Host: accountupdatehub.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://accountupdatehub.info/
Cookie: PHPSESSID=6aaguidi2p44osrh6smsnv5lfn
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 11 Mar 2025 00:07:06 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-powered-by: PHP/8.3.17, PleskLin
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (17)

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET