![](/screenshots/655d5e7b-dd62-4ae4-8e59-53745a0063dc.png)
mohammadshohelhan.github.io
2606:50c0:8002::153
Malicious Activity!
Public Scan
Submission: On July 14 via automatic, source openphish — Scanned from US
Summary
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on March 15th 2024. Valid for: a year.
This is the only time mohammadshohelhan.github.io was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Netflix (Online)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
10 | 2606:50c0:8002::153 | 54113 (FASTLY) |
2 | 2a04:4e42:400::485 | 54113 (FASTLY) |
12 | 2 | |
Requests | Apex Domain Subdomains | Transfer |
---|---|---|
10 | github.io mohammadshohelhan.github.io | 5 MB |
2 | jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 352 | 178 KB |
12 | 2 | |
Requests | Domain | Requested by |
---|---|---|
10 | mohammadshohelhan.github.io | mohammadshohelhan.github.io |
2 | cdn.jsdelivr.net | mohammadshohelhan.github.io cdn.jsdelivr.net |
12 | 2 | |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.github.io DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-03-15 - 2025-03-14 | a year | crt.sh |
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3 | 2023-09-27 - 2024-10-28 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://mohammadshohelhan.github.io/netflix-clone/
Frame ID: 544058F501CE17282E957D0A4E68E26D
Requests: 12 HTTP requests in this frame
Page Title
Netflex Clone
Detected technologies
Detected patterns
- ^https?://[^/]+\.github\.io
Detected patterns
- <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
12 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H2 | / (Primary Request) mohammadshohelhan.github.io/netflix-clone/ | 6 KB 2 KB | Document text/html |
GET H2 | style.css mohammadshohelhan.github.io/netflix-clone/ | 8 KB 2 KB | Stylesheet text/css |
GET H2 | remixicon.css cdn.jsdelivr.net/npm/remixicon@4.2.0/fonts/ | 136 KB 18 KB | Stylesheet text/css |
GET H2 | logo.png mohammadshohelhan.github.io/netflix-clone/ | 21 KB 21 KB | Image image/png |
GET H2 | tv.png mohammadshohelhan.github.io/netflix-clone/ | 31 KB 32 KB | Image image/png |
GET H2 | mobile.png mohammadshohelhan.github.io/netflix-clone/ | 213 KB 213 KB | Image image/png |
GET H2 | box.png mohammadshohelhan.github.io/netflix-clone/ | 36 KB 36 KB | Image image/png |
GET H2 | kids.png mohammadshohelhan.github.io/netflix-clone/ | 365 KB 365 KB | Image image/png |
GET H2 | netflix.js mohammadshohelhan.github.io/netflix-clone/ | 3 KB 1 KB | Script application/javascript |
GET H2 | background.png mohammadshohelhan.github.io/netflix-clone/ | 4 MB 4 MB | Image image/png |
GET H3 | remixicon.woff2 cdn.jsdelivr.net/npm/remixicon@4.2.0/fonts/ | 159 KB 160 KB | Font font/woff2 |
GET H2 | favicon.ico mohammadshohelhan.github.io/ | 9 KB 5 KB | Other text/html |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Netflix (Online)
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31556952 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.jsdelivr.net
mohammadshohelhan.github.io
2606:50c0:8002::153
2a04:4e42:400::485