kshitij12375.github.io Open in urlscan Pro
2606:50c0:8003::153 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://kshitij12375.github.io/project6/
Effective URL:
https://kshitij12375.github.io/project6/
Submission: On October 26 via api (October 26th 2024, 2:32:02 pm UTC) from CZ — Scanned from DE

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 4 countries across 10 domains to perform 15 HTTP transactions. The main IP is 2606:50c0:8003::153, located in United States and belongs to FASTLY, US. The main domain is kshitij12375.github.io.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on March 15th 2024. Valid for: a year.

This is the only time kshitij12375.github.io was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Netflix (Online)

Domain & IP information

	IP Address	AS Autonomous System
3	2606:50c0:800... 2606:50c0:8003::153	54113 (FASTLY) (FASTLY)
3	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:4780:b:1... 2a02:4780:b:1453:0:10b9:bf1d:5	47583 (AS-HOSTINGER) (AS-HOSTINGER)
1	2600:9000:26e... 2600:9000:26e8:5000:1d:d7f6:39d3:d9e1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:276... 2600:9000:2761:ae00:5:87a5:a0c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:86c0:209... 2a00:86c0:2090::1	40027 (NETFLIX-ASN) (NETFLIX-ASN)
1	2804:1a04:0:3... 2804:1a04:0:3::866	61832 (DB3 SERVI...) (DB3 SERVICOS DE TELECOMUNICACOES S.A)
1	2a02:26f0:350... 2a02:26f0:3500:6::17d8:4d88	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a04:4e42:200... 2a04:4e42:200::396	54113 (FASTLY) (FASTLY)
15	10

3 2606:50c0:8003::153 (United States)

ASN54113 (FASTLY, US)

kshitij12375.github.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:4780:b:1453:0:10b9:bf1d:5 (Phoenix, United States)

ASN47583 (AS-HOSTINGER, CY)

loodibee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:26e8:5000:1d:d7f6:39d3:d9e1 (United States)

ASN16509 (AMAZON-02, US)

m.media-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2761:ae00:5:87a5:a0c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

resizing.flixster.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:86c0:2090::1 (United States)

ASN40027 (NETFLIX-ASN, US)

dnm.nflximg.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2804:1a04:0:3::866 (Fortaleza, Brazil)

ASN61832 (DB3 SERVICOS DE TELECOMUNICACOES S.A, BR)

occ-0-8407-2219.1.nflxso.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:6::17d8:4d88 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

source.boomplaymusic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::396 (United States)

ASN54113 (FASTLY, US)

i.redd.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 220	199 KB
3	github.io kshitij12375.github.io	11 KB
2	flixster.com resizing.flixster.com — Cisco Umbrella Rank: 46018	1 MB
1	redd.it i.redd.it — Cisco Umbrella Rank: 4658	317 KB
1	boomplaymusic.com source.boomplaymusic.com — Cisco Umbrella Rank: 88910	176 KB
1	nflxso.net occ-0-8407-2219.1.nflxso.net — Cisco Umbrella Rank: 455022	14 KB
1	nflximg.net dnm.nflximg.net — Cisco Umbrella Rank: 21236	1 MB
1	media-amazon.com m.media-amazon.com — Cisco Umbrella Rank: 482	448 KB
1	loodibee.com loodibee.com — Cisco Umbrella Rank: 755259	25 KB
0	peakpx.com Failed w0.peakpx.com Failed
15	10

	Domain	Requested by
3	cdnjs.cloudflare.com	kshitij12375.github.io cdnjs.cloudflare.com
3	kshitij12375.github.io	kshitij12375.github.io
2	resizing.flixster.com	kshitij12375.github.io
1	i.redd.it	kshitij12375.github.io
1	source.boomplaymusic.com	kshitij12375.github.io
1	occ-0-8407-2219.1.nflxso.net	kshitij12375.github.io
1	dnm.nflximg.net	kshitij12375.github.io
1	m.media-amazon.com	kshitij12375.github.io
1	loodibee.com	kshitij12375.github.io
0	w0.peakpx.com Failed	kshitij12375.github.io
15	10

This site contains no links.

Subject Issuer	Validity	Valid
*.github.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-15` - `2025-03-14`	a year	crt.sh
cdnjs.cloudflare.com WE1	`2024-09-28` - `2024-12-27`	3 months	crt.sh
loodibee.com R10	`2024-10-07` - `2025-01-05`	3 months	crt.sh
images-na.ssl-images-amazon.com DigiCert Global CA G2	`2024-01-05` - `2024-12-08`	a year	crt.sh
*.flixster.com COMODO RSA Organization Validation Secure Server CA	`2024-03-04` - `2025-03-04`	a year	crt.sh
*.1.nflxso.net DigiCert Secure Site ECC CA-1	`2024-10-10` - `2024-11-12`	a month	crt.sh
*.boomplaymusic.com DigiCert TLS RSA SHA256 2020 CA1	`2024-05-27` - `2025-05-27`	a year	crt.sh
*.redd.it DigiCert TLS RSA SHA256 2020 CA1	`2024-10-13` - `2025-04-11`	6 months	crt.sh

This page contains 1 frames:

Primary Page: https://kshitij12375.github.io/project6/
Frame ID: D31E421CC29893184029A49D6E373249
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://kshitij12375.github.io/project6/ HTTP 307
https://kshitij12375.github.io/project6/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

GitHub Pages (CDN) Expand

Overall confidence: 100%
Detected patterns

^https?://[^/]+\.github\.io

Page Statistics

15
Requests

93 %
HTTPS

89 %
IPv6

10
Domains

10
Subdomains

10
IPs

4
Countries

3416 kB
Transfer

3509 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://kshitij12375.github.io/project6/ HTTP 307
https://kshitij12375.github.io/project6/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
kshitij12375.github.io/project6/
Redirect Chain

http://kshitij12375.github.io/project6/
https://kshitij12375.github.io/project6/

6 KB
3 KB

252ms
171ms

Document
text/html

2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://kshitij12375.github.io/project6/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

3538ad6baaeaf5608be119d8768fe447fd81a3c9fb551f53cd85268d780a057c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 0
cache-control: max-age=600
content-encoding: gzip
content-length: 2440
content-type: text/html; charset=utf-8
date: Sat, 26 Oct 2024 14:31:56 GMT
etag: W/"6702aaad-170a"
expires: Sat, 26 Oct 2024 14:41:56 GMT
last-modified: Sun, 06 Oct 2024 15:20:13 GMT
permissions-policy: interest-cohort=()
server: GitHub.com
strict-transport-security: max-age=31556952
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-fastly-request-id: fb8699e61ba313d6242565478bac16c05c4bc83e
x-github-request-id: 8C6C:E92C6:349BC11:35C89EF:671CFD5A
x-proxy-cache: MISS
x-served-by: cache-mad2200135-MAD
x-timer: S1729953116.410440,VS0,VE137

Redirect headers

Location: https://kshitij12375.github.io/project6/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 style.css
kshitij12375.github.io/project6/ 21 KB
3 KB 183ms
182ms Stylesheet
text/css 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://kshitij12375.github.io/project6/style.css

Requested by

Host: kshitij12375.github.io
URL: https://kshitij12375.github.io/project6/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

21eb44035adb247a9bc14f3acc54f52dc8ebbaedfd59f4a957907aa2ecf8918f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kshitij12375.github.io/project6/

Response headers

x-fastly-request-id: 0b5fde14b15280e91bebf23d7eb774ad3ec1057d
content-encoding: gzip
etag: W/"6702aaad-53b0"
age: 0
x-github-request-id: 200B:3524E1:2E571F0:2F550AE:671CFD5A
expires: Sat, 26 Oct 2024 14:41:56 GMT
x-proxy-cache: MISS
x-cache: MISS
date: Sat, 26 Oct 2024 14:31:56 GMT
content-type: text/css; charset=utf-8
last-modified: Sun, 06 Oct 2024 15:20:13 GMT
x-served-by: cache-mad2200135-MAD
x-cache-hits: 0
vary: Accept-Encoding
strict-transport-security: max-age=31556952
cache-control: max-age=600
x-timer: S1729953117.594730,VS0,VE138
via: 1.1 varnish
permissions-policy: interest-cohort=()
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2763
server: GitHub.com

GET
H3 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.6.0/css/ 94 KB
19 KB 36ms
19ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.6.0/css/all.min.css

Requested by

Host: kshitij12375.github.io
URL: https://kshitij12375.github.io/project6/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5e202e3c899507992952533f57b634722b69b34241d271963559d31aa33ef81

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://kshitij12375.github.io
Referer

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "6696a8d8-491a"
age: 163538
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1zlrOKeNR%2BccOephWqHjH%2FZSSHaVsxRX2NJqFxgd1%2BFWWUuEYbND9ueNY3jD5PuEpE0%2FBoPTNbpqEOTlnwdr7Zjsd1EY1mr%2BS0srj1PUdn%2FpT8dlzQPxRPtwizyAK0C40BKAXnZh"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 16 Oct 2025 14:31:56 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 26 Oct 2024 14:31:56 GMT
content-type: text/css; charset=utf-8
last-modified: Tue, 16 Jul 2024 17:07:36 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8d8b2722cb488c4f-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18714
server: cloudflare

GET
H2 200 Netflix-logo.png
loodibee.com/wp-content/uploads/ 25 KB
25 KB 476ms
142ms Image
image/png 2a02:4780:b:1453:0:10b9:bf1d:5
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://loodibee.com/wp-content/uploads/Netflix-logo.png

Requested by

Host: kshitij12375.github.io
URL: https://kshitij12375.github.io/project6/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:b:1453:0:10b9:bf1d:5 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

71ccf2abf48804c12498125e043ffc465c3773e59638c6b86656bb1b0d2f7bdc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kshitij12375.github.io/

Response headers

content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
etag: "633b-640918be-b183e744d6b1d264;;;"
expires: Sat, 02 Nov 2024 14:31:56 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 25403
date: Sat, 26 Oct 2024 14:31:56 GMT
content-type: image/png
last-modified: Wed, 08 Mar 2023 23:22:38 GMT
server: LiteSpeed
platform: hostinger
panel: hpanel

GET
H2 200 MV5BN2RjNzIxYjYtNzU1Zi00NGRhLWE2OTktMTA2NGUzNjQyYjFlXkEyXkFqcGc@._V1_.jpg
m.media-amazon.com/images/M/ 447 KB
448 KB 78ms
12ms Image
image/jpeg 2600:9000:26e8:5000:1d:d7f6:39d3:d9e1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/M/MV5BN2RjNzIxYjYtNzU1Zi00NGRhLWE2OTktMTA2NGUzNjQyYjFlXkEyXkFqcGc@._V1_.jpg
Requested by: Host: kshitij12375.github.io
URL: https://kshitij12375.github.io/project6/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26e8:5000:1d:d7f6:39d3:d9e1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: a4bc2a19ce28763edd3bee0eafe8d0a62c6cdecc7aeafea5c2a0a06ebde70925

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kshitij12375.github.io/

Response headers

x-amz-ir-id: d382d475-6fb9-4e0a-a443-075f56ba74a5
surrogate-key: x-cache-169 /images/M/MV5BN2RjNzIxYjYtNzU1Zi00NGRhLWE2OTktMTA2NGUzNjQyYjFlXkEyXkFqcGc@
age: 2862474
expires: Sat, 17 Sep 2044 17:08:45 GMT
alt-svc: h3=":443"; ma=86400
server-timing: provider;desc="cf"
x-cache: Hit from cloudfront
x-amz-cf-id: WQt_hA_QjAYftMMqgEb_p-Bcmw5c1vU-1JYD8ZQji1cjfGw7HCtCwA==
date: Sun, 22 Sep 2024 17:08:45 GMT
content-type: image/jpeg
last-modified: Sun, 20 Feb 2022 07:50:50 GMT
x-nginx-cache-status: HIT
edge-cache-tag: x-cache-169,/images/M/MV5BN2RjNzIxYjYtNzU1Zi00NGRhLWE2OTktMTA2NGUzNjQyYjFlXkEyXkFqcGc@
cache-control: max-age=630720000,public
via: 1.1 93e77bd122e2a2b3ec02228d81a35184.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 457632
x-amz-cf-pop: FRA56-P10
server: Server

GET
H2 200 ems.cHJkLWVtcy1hc3NldHMvbW92aWVzLzQ1Zjg4NDFhLWMxY2EtNDU3NC04OTNmLTQ4MTJiMzc3Y2EwZC5qcGc=
resizing.flixster.com/P3ITKQPm33gw4K73O9DYCOfyZ4E=/ 710 KB
711 KB 108ms
64ms Image
image/jpeg 2600:9000:2761:ae00:5:87a5:a0c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resizing.flixster.com/P3ITKQPm33gw4K73O9DYCOfyZ4E=/ems.cHJkLWVtcy1hc3NldHMvbW92aWVzLzQ1Zjg4NDFhLWMxY2EtNDU3NC04OTNmLTQ4MTJiMzc3Y2EwZC5qcGc=
Requested by: Host: kshitij12375.github.io
URL: https://kshitij12375.github.io/project6/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2761:ae00:5:87a5:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 7e5c0bdc540a25dcc5c0ddaf79718e89f84cd292ae30b7886294e548b006ce0c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kshitij12375.github.io/

Response headers

cache-control: max-age=93312000,public
etag: "1648c74ffff94518289b7e5289d8268576e6fae8"
age: 3380245
via: 1.1 d60e84ebd0183f97f50eb1677fb4b7be.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
content-length: 726546
x-amz-cf-id: g0SNUu80Y09z_JXAvw525Mh7bnAabcpyqCNcnV8Axli__illHvlZvw==
date: Tue, 17 Sep 2024 11:34:31 GMT
content-type: image/jpeg
x-amz-cf-pop: FRA60-P8
server: nginx/1.18.0

GET
H/1.1 200
OK AAAAQYApbyEA8dTOxD7XXJZ7gnnghPd3GL5xGL_wPxXWm43oWwL7XYR2dstAzkR4Xgqzkig_h8BOT920-lCqEmT-AFsKzBjhdyCsiBh2I5NcWcs8WPsRl7vxU6IsYm1blDEQItlVy8-z6q9f1Cy_i32tsl-y.jpg
dnm.nflximg.net/api/v6/2DuQlx0fM4wd1nzqm5BFBi6ILa8/ 1 MB
1 MB 47ms
16ms Image
image/jpeg 2a00:86c0:2090::1
NETFLIX-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dnm.nflximg.net/api/v6/2DuQlx0fM4wd1nzqm5BFBi6ILa8/AAAAQYApbyEA8dTOxD7XXJZ7gnnghPd3GL5xGL_wPxXWm43oWwL7XYR2dstAzkR4Xgqzkig_h8BOT920-lCqEmT-AFsKzBjhdyCsiBh2I5NcWcs8WPsRl7vxU6IsYm1blDEQItlVy8-z6q9f1Cy_i32tsl-y.jpg?r=24c
Requested by: Host: kshitij12375.github.io
URL: https://kshitij12375.github.io/project6/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:86c0:2090::1 , United States, ASN40027 (NETFLIX-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 4826ca4b4bff236b5daa3e3aad0458b4f99f7e59fbf58b3334149e69e4519ae1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kshitij12375.github.io/

Response headers

Cache-Control: max-age=31104000, public, s-maxage=604800
Timing-Allow-Origin: *
Accept-CH: Device-Memory, Downlink, DPR, ECT, RTT, Save-Data, Viewport-Width, Width
ETag: "8b8d1c91e02e210c9036c5aac1bdab7f"
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 1105664
Date: Sat, 26 Oct 2024 14:31:56 GMT
Content-Type: image/jpeg
Last-Modified: Tue, 22 Aug 2023 17:14:11 GMT
Server: nginx

GET
H/1.1 200
OK AAAABVuKN6f-4-ByM9rS6HLDWpQTwHdlamYlU39JFtJ68en_n00Rucuwg2SlSa7wq8UgCZdRoasJtOJldjYzQs6B7UEe4nUhCvNSn6x-0aX2UTzq4hJq2ws7QjFfodg0ikxh_RFF.webp
occ-0-8407-2219.1.nflxso.net/dnm/api/v6/mAcAr9TxZIVbINe88xb3Teg5_OA/ 13 KB
14 KB 551ms
183ms Image
image/webp 2804:1a04:0:3::866
DB3 SERVICOS DE T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://occ-0-8407-2219.1.nflxso.net/dnm/api/v6/mAcAr9TxZIVbINe88xb3Teg5_OA/AAAABVuKN6f-4-ByM9rS6HLDWpQTwHdlamYlU39JFtJ68en_n00Rucuwg2SlSa7wq8UgCZdRoasJtOJldjYzQs6B7UEe4nUhCvNSn6x-0aX2UTzq4hJq2ws7QjFfodg0ikxh_RFF.webp?r=35c
Requested by: Host: kshitij12375.github.io
URL: https://kshitij12375.github.io/project6/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2804:1a04:0:3::866 Fortaleza, Brazil, ASN61832 (DB3 SERVICOS DE TELECOMUNICACOES S.A, BR),
Reverse DNS
Software: nginx /
Resource Hash: f3edf1a1f9eefbf6291fc56fe6796ddcb9c37738692f682752c9e2c50c7a22da

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kshitij12375.github.io/

Response headers

Cache-Control: max-age=31104000, public, s-maxage=604800
Timing-Allow-Origin: *
Accept-CH: Device-Memory, Downlink, DPR, ECT, RTT, Save-Data, Viewport-Width, Width
ETag: "ca1aebc6900a138d9c4dee1ed6686ec5"
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 13784
Date: Sat, 26 Oct 2024 14:31:57 GMT
Content-Type: image/webp
Last-Modified: Wed, 28 Aug 2024 19:38:54 GMT
Server: nginx

GET
H2 200 rBEeLGG6AD6AJ782AAK7_nvf__s978.jpg
source.boomplaymusic.com/buzzgroup1/M00/29/8E/ 175 KB
176 KB 116ms
33ms Image
image/jpeg 2a02:26f0:3500:6::17d8:4d88
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://source.boomplaymusic.com/buzzgroup1/M00/29/8E/rBEeLGG6AD6AJ782AAK7_nvf__s978.jpg
Requested by: Host: kshitij12375.github.io
URL: https://kshitij12375.github.io/project6/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:6::17d8:4d88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: dd87fb19cd0986745cfdc973bf79649b35e77e22bd6bbf994f79b11fe53f8e70

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kshitij12375.github.io/

Response headers

content-md5: KP2TorLEd66hxgB7olS4rA==
access-control-max-age: 86400
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
x-oss-storage-class: Standard
etag: "28FD93A2B2C477AEA1C6007BA254B8AC"
x-oss-object-type: Normal
access-control-allow-methods: GET,POST,OPTIONS
akamai-cache-status: Miss from child, Hit from parent
date: Sat, 26 Oct 2024 14:31:56 GMT
x-oss-server-time: 7
content-type: image/jpeg
last-modified: Tue, 16 May 2023 23:14:44 GMT
access-control-allow-headers: origin,range,hdntl,hdnts,x-boomplay-ref
x-oss-hash-crc64ecma: 540070966066995793
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-origin: *
content-length: 179198
x-oss-request-id: 6672919C0EF8B53337B582A6
server: nginx

GET
H2 200 ems.cHJkLWVtcy1hc3NldHMvbW92aWVzL2YxZDA0NzI4LTMyN2YtNGU3My1iOTI0LTA1M2UyOWU2MTQyMC5qcGc=
resizing.flixster.com/0iQm4yhjVd8HrXQ-PIWZo4RU4xE=/ 435 KB
436 KB 53ms
10ms Image
image/jpeg 2600:9000:2761:ae00:5:87a5:a0c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resizing.flixster.com/0iQm4yhjVd8HrXQ-PIWZo4RU4xE=/ems.cHJkLWVtcy1hc3NldHMvbW92aWVzL2YxZDA0NzI4LTMyN2YtNGU3My1iOTI0LTA1M2UyOWU2MTQyMC5qcGc=
Requested by: Host: kshitij12375.github.io
URL: https://kshitij12375.github.io/project6/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2761:ae00:5:87a5:a0c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: da0f0284413d67c3ceda5594a5656fc2fdbd124522440e4824bed41c9662f303

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kshitij12375.github.io/

Response headers

cache-control: max-age=93312000,public
etag: "6b38795cf455b3d6d4cecdb46e96a8d305c1a431"
age: 3199148
via: 1.1 d60e84ebd0183f97f50eb1677fb4b7be.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
content-length: 445334
x-amz-cf-id: V1ne6sXUIINKwgR_I8XNLr_mvtqxuCmoIsxmIIt6yU-RFl_4UkiTWg==
date: Thu, 19 Sep 2024 13:52:48 GMT
content-type: image/jpeg
x-amz-cf-pop: FRA60-P8
server: nginx/1.18.0

GET
H2 200 zjgs096khv591.jpg
i.redd.it/ 316 KB
317 KB 205ms
125ms Image
image/jpeg 2a04:4e42:200::396
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.redd.it/zjgs096khv591.jpg
Requested by: Host: kshitij12375.github.io
URL: https://kshitij12375.github.io/project6/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: c4d143fbc63dde4eb0f0f8bd9a8ced56f7e0bd663e45b3a4b7f5f30c9f105be1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kshitij12375.github.io/

Response headers

x-canonical-filename-image-generation: 1
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 1.0, "failure_fraction": 1.0}
etag: "d2edb29f3f970c36aadecbb01ed0bb79"
x-amz-version-id: null
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 323929
x-reddit-canonical-filename: how-can-someone-make-this-background-with-html-and-css-i-v0-zjgs096khv591.jpg
date: Sat, 26 Oct 2024 14:31:56 GMT
last-modified: Wed, 14 Dec 2022 11:36:49 GMT
content-type: image/jpeg
server: snooserv
x-amz-server-side-encryption: AES256

GET HD-wallpaper-dark-blue-gradient-aurora-blue-background-colors-dark-dark-blue-gradient-plain-solid-thumbnail.jpg
w0.peakpx.com/wallpaper/990/831/ 0
0

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.6.0/webfonts/ 154 KB
154 KB 16ms
15ms Font
application/octet-stream 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.6.0/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.6.0/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f0189e087fcefbf654fad74a3a06668b782c01353a61d5c0b7f0bf23e33c020

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://kshitij12375.github.io
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.6.0/css/all.min.css

Response headers

cf-cdnjs-via: cfworker/kv
cf-cache-status: HIT
etag: "6696a8d8-26608"
age: 160326
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BHI12CTOGxHlq5ApwXPPG0h%2BK%2FFwlGxEkg6Pr8NpK1qVEazM0TWHf3p2Rv2DZvSEvpBSp3gG%2FoZPigjpT6wbK5mS6zOQjzHUkszURT1DoAwbijG9s6pdVCE%2FR8gaCn7OQOpDcV%2BU"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 16 Oct 2025 14:31:56 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 26 Oct 2024 14:31:56 GMT
content-type: application/octet-stream; charset=utf-8
last-modified: Tue, 16 Jul 2024 17:07:36 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8d8b27240c518c4f-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 157192
server: cloudflare

GET
H3 200 fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.6.0/webfonts/ 25 KB
25 KB 24ms
24ms Font
application/octet-stream 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.6.0/webfonts/fa-regular-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.6.0/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c732f106e91bc618767fbac8e2c7b27e5c736d477b2bb4fb83f597a43198c33c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://kshitij12375.github.io
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.6.0/css/all.min.css

Response headers

cf-cdnjs-via: cfworker/kv
cf-cache-status: HIT
etag: "6696a8d8-6378"
age: 251691
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qdh93IReoLLGFpWOwM7AVvJTk0ImF%2BzqmIE7TmBBwtTTFx2%2FfHAYKVOrDd1nO0BFNBDWoLyQP1MaY1PQt%2FJKigR77EHIXn971uOg6zBa1Htvl2xN7ytUnPTH9D3xTgcEfX2TSgvP"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 16 Oct 2025 14:31:56 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 26 Oct 2024 14:31:56 GMT
content-type: application/octet-stream; charset=utf-8
last-modified: Tue, 16 Jul 2024 17:07:36 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8d8b27240c528c4f-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 25464
server: cloudflare

GET
H2 404 favicon.ico
kshitij12375.github.io/ 9 KB
5 KB 160ms
159ms Other
text/html 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://kshitij12375.github.io/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

70d613e3acfba24fd2876fcbacaf639e1e111ef4d54baf70761c47673f37d6a3

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://kshitij12375.github.io/project6/

Response headers

x-fastly-request-id: e58b28ce9edb75f6ca720b0866af47e144bde862
content-encoding: gzip
etag: W/"6717d337-239b"
age: 0
x-github-request-id: FBED:867C9:3442C19:356F716:671CFD5A
x-cache: MISS
date: Sat, 26 Oct 2024 14:31:57 GMT
content-type: text/html; charset=utf-8
x-served-by: cache-mad2200135-MAD
x-cache-hits: 0
vary: Accept-Encoding
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'
x-timer: S1729953117.219833,VS0,VE126
via: 1.1 varnish
permissions-policy: interest-cohort=()
accept-ranges: bytes
content-length: 5142
server: GitHub.com

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: w0.peakpx.com
URL: https://w0.peakpx.com/wallpaper/990/831/HD-wallpaper-dark-blue-gradient-aurora-blue-background-colors-dark-dark-blue-gradient-plain-solid-thumbnail.jpg

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Netflix (Online)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://kshitij12375.github.io/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31556952

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
dnm.nflximg.net
i.redd.it
kshitij12375.github.io
loodibee.com
m.media-amazon.com
occ-0-8407-2219.1.nflxso.net
resizing.flixster.com
source.boomplaymusic.com
w0.peakpx.com
w0.peakpx.com
104.17.24.14
2600:9000:26e8:5000:1d:d7f6:39d3:d9e1
2600:9000:2761:ae00:5:87a5:a0c0:93a1
2606:50c0:8003::153
2804:1a04:0:3::866
2a00:86c0:2090::1
2a02:26f0:3500:6::17d8:4d88
2a02:4780:b:1453:0:10b9:bf1d:5
2a04:4e42:200::396
1f0189e087fcefbf654fad74a3a06668b782c01353a61d5c0b7f0bf23e33c020
21eb44035adb247a9bc14f3acc54f52dc8ebbaedfd59f4a957907aa2ecf8918f
3538ad6baaeaf5608be119d8768fe447fd81a3c9fb551f53cd85268d780a057c
4826ca4b4bff236b5daa3e3aad0458b4f99f7e59fbf58b3334149e69e4519ae1
70d613e3acfba24fd2876fcbacaf639e1e111ef4d54baf70761c47673f37d6a3
71ccf2abf48804c12498125e043ffc465c3773e59638c6b86656bb1b0d2f7bdc
7e5c0bdc540a25dcc5c0ddaf79718e89f84cd292ae30b7886294e548b006ce0c
a4bc2a19ce28763edd3bee0eafe8d0a62c6cdecc7aeafea5c2a0a06ebde70925
c4d143fbc63dde4eb0f0f8bd9a8ced56f7e0bd663e45b3a4b7f5f30c9f105be1
c732f106e91bc618767fbac8e2c7b27e5c736d477b2bb4fb83f597a43198c33c
da0f0284413d67c3ceda5594a5656fc2fdbd124522440e4824bed41c9662f303
dd87fb19cd0986745cfdc973bf79649b35e77e22bd6bbf994f79b11fe53f8e70
e5e202e3c899507992952533f57b634722b69b34241d271963559d31aa33ef81
f3edf1a1f9eefbf6291fc56fe6796ddcb9c37738692f682752c9e2c50c7a22da

kshitij12375.github.io Open in urlscan Pro 2606:50c0:8003::153 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

15 Requests

93 %HTTPS

89 %IPv6

10 Domains

10 Subdomains

10 IPs

4 Countries

3416 kBTransfer

3509 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

0 Cookies

1 Console Messages

Security Headers

Indicators

kshitij12375.github.io Open in urlscan Pro
2606:50c0:8003::153 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

93 %
HTTPS

89 %
IPv6

10
Domains

10
Subdomains

10
IPs

4
Countries

3416 kB
Transfer

3509 kB
Size

0
Cookies

15 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!