dami1080.github.io
Open in
urlscan Pro
185.199.109.153
Malicious Activity!
Public Scan
Submission: On September 30 via api from US — Scanned from IT
Summary
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on March 15th 2024. Valid for: a year.
This is the only time dami1080.github.io was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Netflix (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
3 | 185.199.109.153 185.199.109.153 | 54113 (FASTLY) (FASTLY) | |
2 | 104.18.11.207 104.18.11.207 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 142.250.185.202 142.250.185.202 | 15169 (GOOGLE) (GOOGLE) | |
1 | 104.17.25.14 104.17.25.14 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 172.64.147.188 172.64.147.188 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 192.0.66.176 192.0.66.176 | 2635 (AUTOMATTIC) (AUTOMATTIC) | |
4 | 45.57.91.1 45.57.91.1 | 40027 (NETFLIX-ASN) (NETFLIX-ASN) | |
4 | 172.67.139.119 172.67.139.119 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 13.32.118.76 13.32.118.76 | 16509 (AMAZON-02) (AMAZON-02) | |
18 | 9 |
ASN54113 (FASTLY, US)
PTR: cdn-185-199-109-153.github.com
dami1080.github.io |
ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f10.1e100.net
ajax.googleapis.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-32-118-76.fra60.r.cloudfront.net
dkr0pu7ej5xex.cloudfront.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
5 |
fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 2181 ka-f.fontawesome.com — Cisco Umbrella Rank: 6366 |
101 KB |
4 |
nflxext.com
assets.nflxext.com — Cisco Umbrella Rank: 3521 |
215 KB |
3 |
github.io
dami1080.github.io |
10 KB |
2 |
bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1352 |
46 KB |
1 |
cloudfront.net
dkr0pu7ej5xex.cloudfront.net |
317 KB |
1 |
variety.com
variety.com — Cisco Umbrella Rank: 35021 |
5 KB |
1 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 257 |
7 KB |
1 |
googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 454 |
31 KB |
18 | 8 |
Domain | Requested by | |
---|---|---|
4 | ka-f.fontawesome.com |
kit.fontawesome.com
dami1080.github.io |
4 | assets.nflxext.com |
dami1080.github.io
|
3 | dami1080.github.io |
dami1080.github.io
|
2 | maxcdn.bootstrapcdn.com |
dami1080.github.io
|
1 | dkr0pu7ej5xex.cloudfront.net |
dami1080.github.io
|
1 | variety.com |
dami1080.github.io
|
1 | kit.fontawesome.com |
dami1080.github.io
|
1 | cdnjs.cloudflare.com |
dami1080.github.io
|
1 | ajax.googleapis.com |
dami1080.github.io
|
18 | 9 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.github.io DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2024-03-15 - 2025-03-14 |
a year | crt.sh |
bootstrapcdn.com WE1 |
2024-09-20 - 2024-12-19 |
3 months | crt.sh |
upload.video.google.com WR2 |
2024-08-26 - 2024-11-18 |
3 months | crt.sh |
cdnjs.cloudflare.com WE1 |
2024-09-28 - 2024-12-27 |
3 months | crt.sh |
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2024-07-30 - 2025-01-27 |
6 months | crt.sh |
variety.com E5 |
2024-09-15 - 2024-12-14 |
3 months | crt.sh |
*.1.nflxso.net DigiCert Secure Site ECC CA-1 |
2024-09-12 - 2024-10-22 |
a month | crt.sh |
ka-f.fontawesome.com WE1 |
2024-08-29 - 2024-11-27 |
3 months | crt.sh |
*.cloudfront.net Amazon RSA 2048 M01 |
2024-07-30 - 2025-07-03 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://dami1080.github.io/NetFlix_Homepage/
Frame ID: 37D60C15C41CA94BDECE0CAE69D6573F
Requests: 18 HTTP requests in this frame
Screenshot
Page Title
Netflix HomepageDetected technologies
WordPress (CMS) ExpandDetected patterns
- /wp-(?:content|includes)/
Bootstrap (Web Frameworks) Expand
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Font Awesome (Font Scripts) Expand
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- kit\.fontawesome\.com/([0-9a-z]+).js
GitHub Pages (CDN) Expand
Detected patterns
- ^https?://[^/]+\.github\.io
Popper (Miscellaneous) Expand
Detected patterns
- <script [^>]*src="[^"]*/popper\.js/([0-9.]+)
- /popper\.js/([0-9.]+)
jQuery (JavaScript Libraries) Expand
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
18 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
dami1080.github.io/NetFlix_Homepage/ |
9 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.css
dami1080.github.io/NetFlix_Homepage/ |
9 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.5.2/css/ |
157 KB 29 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ |
87 KB 31 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/ |
21 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/4.5.2/js/ |
59 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
02ede8a396.js
kit.fontawesome.com/ |
13 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
netflix-logo.png
variety.com/wp-content/uploads/2020/05/ |
5 KB 5 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tv.png
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ |
11 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mobile-0819.jpg
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ |
48 KB 49 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
boxshot.png
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ |
20 KB 20 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
device-pile.png
assets.nflxext.com/ffe/siteui/acquisition/ourStory/fuji/desktop/ |
134 KB 134 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
free.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/ |
59 KB 13 KB |
Fetch
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
free-v4-shims.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/ |
26 KB 5 KB |
Fetch
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/ |
3 KB 1 KB |
Fetch
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Netflix-Background.jpg
dkr0pu7ej5xex.cloudfront.net/wp-content/uploads/2017/04/24135159/ |
316 KB 317 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/ |
76 KB 77 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon.ico
dami1080.github.io/ |
9 KB 5 KB |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Netflix (Online)5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery function| Popper object| bootstrap object| FontAwesomeKitConfig0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31556952 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
assets.nflxext.com
cdnjs.cloudflare.com
dami1080.github.io
dkr0pu7ej5xex.cloudfront.net
ka-f.fontawesome.com
kit.fontawesome.com
maxcdn.bootstrapcdn.com
variety.com
104.17.25.14
104.18.11.207
13.32.118.76
142.250.185.202
172.64.147.188
172.67.139.119
185.199.109.153
192.0.66.176
45.57.91.1
492fdebd363e40cbba153a244bcfe2a7f5f7cf20aff0805fe45d5c7e2180b875
57cff8d92ae3485ebeb85ab1444ff7067588ce4789c5f7c8c934be6e84cef6a0
5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
70d613e3acfba24fd2876fcbacaf639e1e111ef4d54baf70761c47673f37d6a3
79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
81cf64888a7b3f6848b09695b034026d9ad685665b91d54597ecbb6197c6acbb
8a05bfbac27b8ea8b6eca3b05b5bccf23b4069362ccf43ed6f507d546dfa52aa
abad3ceddf83652540cf0081893a7a883fa08ef2181b5de48664be151c524d79
b68ea2c7bea397aa11fadb189ce7d83862baebaf03ece643eb5aa9fb5f755056
bdb96478725ed450fc338c621e4f88c41375ca5be343c55fadd5ea6ececb3cae
c4d143fbc63dde4eb0f0f8bd9a8ced56f7e0bd663e45b3a4b7f5f30c9f105be1
c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
e1fa26cc34fda574edc01d09e374d6f10735a3fa621bdde87c104ee15453d4b6
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda