ScanMalware.com

Security Scan Report: 00c29c34fd.nxcli.io

Submitted: May 27, 2026, 10:17:42 AMCompleted: May 27, 2026, 10:20:52 AMpubliccompleted
Loading additional data...

Summary

This website contacted 5 IPs in 2 countries across 6 domains to perform 7 HTTP transactions. The main domain is 00c29c34fd.nxcli.io and was registered NaN years ago.

Submitted URL: https://00c29c34fd.nxcli.io/

AI Security Verdict

Confirmed Scam

Confidence: 95%

10
Risk Score

The site hosts a known ClickFix FakeCAPTCHA phishing kit, is flagged by multiple threat intel sources, and triggers critical IDS alerts – treat as confirmed credential phishing scam.

Risk Factors
Primary domain Indicators of Compromise
Known malicious phishing kit present
Critical IDS alerts indicating malware/phishing activity
UNRANKED domain reputation
Fake CAPTCHA social‑engineering page
Domain age information unavailable

Details

Page Title

Checking if you are human

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

technology software

(52%)

Domain Information

Within the British Indian Ocean Territory country-code top-level domain (.io), '00c29c34fd.nxcli.io' is registered and includes subdomain '00c29c34fd'. Count 5 characters in 'nxcli' containing one vowel alongside four consonants. It segments into two words: nxc, li. Median word length is 2.5 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://00c29c34fd.nxcli.io/

Page Load Overview

N/A
Total Load Time
7
HTTP Requests
0
Domains
N/A
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:716 chars
Detector Agreement:67%

Website Classification

Primary Category

technology software52% confidence
Type: static
Method: ml+structural

All Detected Categories

technology software
52%
documentation technical
29%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
3142.251.156.119United States
AS15169Google LLC
1104.17.25.14United States
AS13335Cloudflare, Inc.
1192.178.183.104United States
AS15169Google LLC
1192.190.221.74United States
AS32244Liquid Web, L.L.C
1195.154.153.127Paris, Île-de-France, France
AS12876Scaleway SAS
05--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1E7034B2B21AB20210523E05D778777A931351167FB42CAE63DAC8071AFE7D92EB735E4

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

768:k1Slf60pY9o2kGWkkg1kVpA3EHkV7kV3kVr3pkVskVA2kVRkV4kVPkV9QmVGIEGo:cUf60pYS2kGWkkg1YpA3EHY7Y3YbpYsW

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:40518:UgUxIApCcGKEERLosGgKIwoYJQS4AJWAZBBiRElQgthBIBcISkFKIhlISDqgUwBDSCZADDGAliYCeEBgpGDNCQkkcGC5EkQW

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:cfc7c3c3e7e7ffff
Perceptual Hash:b03088c7cfcdcec6
Difference Hash:189c949e480c1000
Wavelet Hash:cfc3c3c303270f0f
Color Hash:#78643a

Other Hashes

Crop Resistant:189c949e480c1000

Scan History

Scan history not available

Unable to load historical scan data