albert-off.github.io Open in urlscan Pro
2606:50c0:8003::153 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://albert-off.github.io/pordz3index/
Submission: On December 13 via manual (December 13th 2023, 3:13:09 pm UTC) from NL — Scanned from NL

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 10 HTTP transactions. The main IP is 2606:50c0:8003::153, located in United States and belongs to FASTLY, US. The main domain is albert-off.github.io.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on February 21st 2023. Valid for: a year.

This is the only time albert-off.github.io was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Apple (Online)

Domain & IP information

	IP Address	AS Autonomous System
7	2606:50c0:800... 2606:50c0:8003::153	54113 (FASTLY) (FASTLY)
2 4	2a01:4f8:c012... 2a01:4f8:c012:b293::1	24940 (HETZNER-AS) (HETZNER-AS)
1	2a01:4f8:1c1b... 2a01:4f8:1c1b:1b4d::1	24940 (HETZNER-AS) (HETZNER-AS)
10	3

7 2606:50c0:8003::153 (United States)

ASN54113 (FASTLY, US)

albert-off.github.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a01:4f8:c012:b293::1 (Gunzenhausen, Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)

v1.fontapi.ir	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.fontcdn.ir	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fdn.fontcdn.ir	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:4f8:1c1b:1b4d::1 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)

de03.cdn.servr.ir	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	github.io albert-off.github.io	7 KB
3	fontcdn.ir 2 redirects cdn.fontcdn.ir — Cisco Umbrella Rank: 608357 fdn.fontcdn.ir — Cisco Umbrella Rank: 696368	97 KB
1	servr.ir de03.cdn.servr.ir	88 KB
1	fontapi.ir v1.fontapi.ir — Cisco Umbrella Rank: 586775	539 B
10	4

	Domain	Requested by
7	albert-off.github.io	albert-off.github.io
2	cdn.fontcdn.ir	2 redirects
1	fdn.fontcdn.ir	v1.fontapi.ir
1	de03.cdn.servr.ir	v1.fontapi.ir
1	v1.fontapi.ir	albert-off.github.io
10	5

This site contains no links.

Subject Issuer	Validity	Valid
*.github.io DigiCert TLS RSA SHA256 2020 CA1	`2023-02-21` - `2024-03-20`	a year	crt.sh
v1.fontapi.ir R3	`2023-10-30` - `2024-01-28`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://albert-off.github.io/pordz3index/
Frame ID: A3B0E1F767F0F4EF45609AF47A591B5E
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

XCOMPANY

Detected technologies

GitHub Pages (CDN) Expand

Overall confidence: 100%
Detected patterns

^https?://[^/]+\.github\.io

Page Statistics

10
Requests

80 %
HTTPS

100 %
IPv6

4
Domains

5
Subdomains

3
IPs

2
Countries

192 kB
Transfer

209 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://cdn.fontcdn.ir/Fonts/SFProDisplay/5bc1142d5fc993d2ec21a8fa93a17718818e8172dffc649b7d8a3ab459cfbf9c.woff2 HTTP 302
https://de03.cdn.servr.ir/Fonts/SFProDisplay/5bc1142d5fc993d2ec21a8fa93a17718818e8172dffc649b7d8a3ab459cfbf9c.woff2

Request Chain 8

https://cdn.fontcdn.ir/Fonts/SFProDisplay/104802c6c6dc7a3d84d629a79b78046847a9cc8caac8f73ea07e2dddfb5e31ce.woff2 HTTP 302
https://fdn.fontcdn.ir/Fonts/SFProDisplay/104802c6c6dc7a3d84d629a79b78046847a9cc8caac8f73ea07e2dddfb5e31ce.woff2

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
albert-off.github.io/pordz3index/ 5 KB
1 KB 180ms
138ms Document
text/html 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://albert-off.github.io/pordz3index/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

98aa70c17be4062d3c35046b30204157d3ee7a710060c7647febc6cf7e8fccb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 0
cache-control: max-age=600
content-encoding: gzip
content-length: 861
content-type: text/html; charset=utf-8
date: Wed, 13 Dec 2023 15:13:03 GMT
etag: W/"6288f9fd-149a"
expires: Wed, 13 Dec 2023 15:23:03 GMT
last-modified: Sat, 21 May 2022 14:41:01 GMT
permissions-policy: interest-cohort=()
server: GitHub.com
strict-transport-security: max-age=31556952
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-fastly-request-id: 74f3a5fece8236b94068c8a0398d67d27382a48e
x-github-request-id: C7B0:30F69A:F73E32:FB9500:6579C9FF
x-proxy-cache: MISS
x-served-by: cache-ams21052-AMS
x-timer: S1702480383.387945,VS0,VE112

GET
H2 200 style.css
albert-off.github.io/pordz3index/assets/css/ 16 KB
3 KB 126ms
126ms Stylesheet
text/css 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://albert-off.github.io/pordz3index/assets/css/style.css

Requested by

Host: albert-off.github.io
URL: https://albert-off.github.io/pordz3index/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

d3c3354bb13c4c3180b9fedffc50ba1776c0c5cbbd8727f2c776157e27939cf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://albert-off.github.io/pordz3index/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-fastly-request-id: 370ca71f140688152d7258ae501e4ef1b034b873
strict-transport-security: max-age=31556952
content-encoding: gzip
via: 1.1 varnish
date: Wed, 13 Dec 2023 15:13:03 GMT
age: 0
x-cache: MISS
x-cache-hits: 0
x-proxy-cache: MISS
content-length: 3210
x-served-by: cache-ams21052-AMS
last-modified: Sat, 21 May 2022 14:41:01 GMT
server: GitHub.com
x-github-request-id: 7A3E:26A369:F1CE8A:F61DA3:6579C9FE
x-timer: S1702480384.524881,VS0,VE108
etag: W/"6288f9fd-3ee9"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
expires: Wed, 13 Dec 2023 15:23:03 GMT

GET
H2 200 main.js Show response
albert-off.github.io/pordz3index/assets/js/ 2 KB
679 B 119ms
119ms Script
application/javascript 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://albert-off.github.io/pordz3index/assets/js/main.js

Requested by

Host: albert-off.github.io
URL: https://albert-off.github.io/pordz3index/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

4a3ef93bf19f06884e866b52c88cc34842457649fc961f7f50e6938c18655957

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://albert-off.github.io/pordz3index/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-fastly-request-id: ae6d8eb93c3b2b2664113599291e35985fa083d6
strict-transport-security: max-age=31556952
content-encoding: gzip
via: 1.1 varnish
date: Wed, 13 Dec 2023 15:13:03 GMT
age: 0
x-cache: MISS
x-cache-hits: 0
x-proxy-cache: MISS
content-length: 492
x-served-by: cache-ams21052-AMS
last-modified: Sat, 21 May 2022 14:41:01 GMT
server: GitHub.com
x-github-request-id: 905E:D2B5B:1013664:1058662:6579C9FE
x-timer: S1702480384.524841,VS0,VE99
etag: W/"6288f9fd-7ce"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
expires: Wed, 13 Dec 2023 15:23:03 GMT

GET
H2 200 SFProDisplay:300;400
v1.fontapi.ir/css/ 627 B
539 B 85ms
29ms Stylesheet
text/css 2a01:4f8:c012:b293::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.fontapi.ir/css/SFProDisplay:300;400
Requested by: Host: albert-off.github.io
URL: https://albert-off.github.io/pordz3index/assets/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:c012:b293::1 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 26581d58415ba135ad578b2380e2decb81bae245a1ff89b2ba5b57c6c4baf52c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://albert-off.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 15:13:01 GMT
content-encoding: gzip
referrer-policy: origin
server: nginx
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=86400, stale-while-revalidate=172800

GET
H2 200 apple.svg
albert-off.github.io/pordz2index/assets/img/icons/ 554 B
730 B 117ms
117ms Image
image/svg+xml 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://albert-off.github.io/pordz2index/assets/img/icons/apple.svg

Requested by

Host: albert-off.github.io
URL: https://albert-off.github.io/pordz3index/assets/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

1e281e5d429981905e0c937ed7b9ca93559569504d49640c494aae8da7c58ef5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://albert-off.github.io/pordz3index/assets/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-fastly-request-id: 088f598caea5060925ae9ff6394e37926fa9cf4b
strict-transport-security: max-age=31556952
content-encoding: gzip
via: 1.1 varnish
date: Wed, 13 Dec 2023 15:13:03 GMT
age: 0
x-cache: MISS
x-cache-hits: 0
x-proxy-cache: MISS
content-length: 347
x-served-by: cache-ams21052-AMS
last-modified: Fri, 20 May 2022 22:24:09 GMT
server: GitHub.com
x-github-request-id: B90E:2DBF01:F91FBA:FD6E32:6579C9FF
x-timer: S1702480384.738638,VS0,VE103
etag: W/"62881509-22a"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
expires: Wed, 13 Dec 2023 15:23:03 GMT

GET
H2 200 search.svg
albert-off.github.io/pordz2index/assets/img/icons/ 390 B
393 B 121ms
121ms Image
image/svg+xml 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://albert-off.github.io/pordz2index/assets/img/icons/search.svg

Requested by

Host: albert-off.github.io
URL: https://albert-off.github.io/pordz3index/assets/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

ae4671019bd9e7e84501f1bc66df9926cec58d124870e7e531d6ff2d529b54a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://albert-off.github.io/pordz3index/assets/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-fastly-request-id: e01f50014c2ea06d2cc2b46bda0b230fc4456eac
strict-transport-security: max-age=31556952
content-encoding: gzip
via: 1.1 varnish
date: Wed, 13 Dec 2023 15:13:03 GMT
age: 0
x-cache: MISS
x-cache-hits: 0
x-proxy-cache: MISS
content-length: 249
x-served-by: cache-ams21052-AMS
last-modified: Fri, 20 May 2022 22:24:09 GMT
server: GitHub.com
x-github-request-id: 094C:26A70F:FA1572:FE6693:6579C9FF
x-timer: S1702480384.738566,VS0,VE107
etag: W/"62881509-186"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
expires: Wed, 13 Dec 2023 15:23:03 GMT

GET
H2 200 bag.svg
albert-off.github.io/pordz2index/assets/img/icons/ 416 B
419 B 143ms
142ms Image
image/svg+xml 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://albert-off.github.io/pordz2index/assets/img/icons/bag.svg

Requested by

Host: albert-off.github.io
URL: https://albert-off.github.io/pordz3index/assets/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

6b91fc5bb8e75d8934f8863cae23c1d81315b00d0936057b9bbe06c7fbee7c42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://albert-off.github.io/pordz3index/assets/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-fastly-request-id: 9cbf9bc882a15c5fbba03a89a51e3d0556912bbe
strict-transport-security: max-age=31556952
content-encoding: gzip
via: 1.1 varnish
date: Wed, 13 Dec 2023 15:13:03 GMT
age: 0
x-cache: MISS
x-cache-hits: 0
x-proxy-cache: MISS
content-length: 276
x-served-by: cache-ams21052-AMS
last-modified: Fri, 20 May 2022 22:24:09 GMT
server: GitHub.com
x-github-request-id: 1042:A0B7:3C91FE:3D7FB5:6579C9FF
x-timer: S1702480384.738534,VS0,VE129
etag: W/"62881509-1a0"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
expires: Wed, 13 Dec 2023 15:23:03 GMT

GET
H/1.1

200
OK

5bc1142d5fc993d2ec21a8fa93a17718818e8172dffc649b7d8a3ab459cfbf9c.woff2
de03.cdn.servr.ir/Fonts/SFProDisplay/
Redirect Chain

https://cdn.fontcdn.ir/Fonts/SFProDisplay/5bc1142d5fc993d2ec21a8fa93a17718818e8172dffc649b7d8a3ab459cfbf9c.woff2
https://de03.cdn.servr.ir/Fonts/SFProDisplay/5bc1142d5fc993d2ec21a8fa93a17718818e8172dffc649b7d8a3ab459cfbf9c.woff2

87 KB
88 KB

104ms
43ms

Font
application/octet-stream

2a01:4f8:1c1b:1b4d::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://de03.cdn.servr.ir/Fonts/SFProDisplay/5bc1142d5fc993d2ec21a8fa93a17718818e8172dffc649b7d8a3ab459cfbf9c.woff2
Requested by: Host: v1.fontapi.ir
URL: https://v1.fontapi.ir/css/SFProDisplay:300;400
Protocol: HTTP/1.1
Server: 2a01:4f8:1c1b:1b4d::1 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: 5bc1142d5fc993d2ec21a8fa93a17718818e8172dffc649b7d8a3ab459cfbf9c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://v1.fontapi.ir/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Wed, 13 Dec 2023 15:13:03 GMT
Last-Modified: Thu, 30 Mar 2023 19:28:28 GMT
Server: nginx/1.14.1
ETag: "6425e2dc-15d6c"
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400, stale-while-revalidate=172800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 89452

Redirect headers

location: https://de03.cdn.servr.ir/Fonts/SFProDisplay/5bc1142d5fc993d2ec21a8fa93a17718818e8172dffc649b7d8a3ab459cfbf9c.woff2
access-control-allow-origin: *
date: Wed, 13 Dec 2023 15:13:01 GMT
server: nginx
content-type: text/html; charset=UTF-8

GET
H2 200 close.svg
albert-off.github.io/pordz2index/assets/img/icons/ 321 B
362 B 116ms
116ms Image
image/svg+xml 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://albert-off.github.io/pordz2index/assets/img/icons/close.svg

Requested by

Host: albert-off.github.io
URL: https://albert-off.github.io/pordz3index/assets/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

425bd9f4d7d58124fd54ab22823bd0614df272bea17666d738449f288be73bc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://albert-off.github.io/pordz3index/assets/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-fastly-request-id: a2f9bcc13d79c2fdd3a04dd3b7f0665e80becdcd
strict-transport-security: max-age=31556952
content-encoding: gzip
via: 1.1 varnish
date: Wed, 13 Dec 2023 15:13:03 GMT
age: 0
x-cache: MISS
x-cache-hits: 0
x-proxy-cache: MISS
content-length: 217
x-served-by: cache-ams21052-AMS
last-modified: Fri, 20 May 2022 22:24:09 GMT
server: GitHub.com
x-github-request-id: D514:36C119:F763BB:FBAF42:6579C9FF
x-timer: S1702480384.740862,VS0,VE101
etag: W/"62881509-141"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
expires: Wed, 13 Dec 2023 15:23:03 GMT

GET
H2

200

104802c6c6dc7a3d84d629a79b78046847a9cc8caac8f73ea07e2dddfb5e31ce.woff2
fdn.fontcdn.ir/Fonts/SFProDisplay/
Redirect Chain

https://cdn.fontcdn.ir/Fonts/SFProDisplay/104802c6c6dc7a3d84d629a79b78046847a9cc8caac8f73ea07e2dddfb5e31ce.woff2
https://fdn.fontcdn.ir/Fonts/SFProDisplay/104802c6c6dc7a3d84d629a79b78046847a9cc8caac8f73ea07e2dddfb5e31ce.woff2

97 KB
97 KB

106ms
33ms

Font
font/woff2

2a01:4f8:c012:b293::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fdn.fontcdn.ir/Fonts/SFProDisplay/104802c6c6dc7a3d84d629a79b78046847a9cc8caac8f73ea07e2dddfb5e31ce.woff2
Requested by: Host: v1.fontapi.ir
URL: https://v1.fontapi.ir/css/SFProDisplay:300;400
Protocol: H2
Server: 2a01:4f8:c012:b293::1 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 104802c6c6dc7a3d84d629a79b78046847a9cc8caac8f73ea07e2dddfb5e31ce

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://v1.fontapi.ir/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 15:13:01 GMT
last-modified: Fri, 08 Jan 2021 21:43:13 GMT
server: nginx
etag: "5ff8d1f1-18368"
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=604800, stale-while-revalidate=1296000
accept-ranges: bytes
content-length: 99176

Redirect headers

location: https://fdn.fontcdn.ir/Fonts/SFProDisplay/104802c6c6dc7a3d84d629a79b78046847a9cc8caac8f73ea07e2dddfb5e31ce.woff2
access-control-allow-origin: *
date: Wed, 13 Dec 2023 15:13:01 GMT
server: nginx
content-type: text/html; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Apple (Online)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31556952

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

albert-off.github.io
cdn.fontcdn.ir
de03.cdn.servr.ir
fdn.fontcdn.ir
v1.fontapi.ir
2606:50c0:8003::153
2a01:4f8:1c1b:1b4d::1
2a01:4f8:c012:b293::1
104802c6c6dc7a3d84d629a79b78046847a9cc8caac8f73ea07e2dddfb5e31ce
1e281e5d429981905e0c937ed7b9ca93559569504d49640c494aae8da7c58ef5
26581d58415ba135ad578b2380e2decb81bae245a1ff89b2ba5b57c6c4baf52c
425bd9f4d7d58124fd54ab22823bd0614df272bea17666d738449f288be73bc3
4a3ef93bf19f06884e866b52c88cc34842457649fc961f7f50e6938c18655957
5bc1142d5fc993d2ec21a8fa93a17718818e8172dffc649b7d8a3ab459cfbf9c
6b91fc5bb8e75d8934f8863cae23c1d81315b00d0936057b9bbe06c7fbee7c42
98aa70c17be4062d3c35046b30204157d3ee7a710060c7647febc6cf7e8fccb1
ae4671019bd9e7e84501f1bc66df9926cec58d124870e7e531d6ff2d529b54a5
d3c3354bb13c4c3180b9fedffc50ba1776c0c5cbbd8727f2c776157e27939cf2

albert-off.github.io Open in urlscan Pro 2606:50c0:8003::153 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

10 Requests

80 %HTTPS

100 %IPv6

4 Domains

5 Subdomains

3 IPs

2 Countries

192 kBTransfer

209 kBSize

0 Cookies

0 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

1 JavaScript Global Variables

0 Cookies

1 Console Messages

Security Headers

Indicators

albert-off.github.io Open in urlscan Pro
2606:50c0:8003::153 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

80 %
HTTPS

100 %
IPv6

4
Domains

5
Subdomains

3
IPs

2
Countries

192 kB
Transfer

209 kB
Size

0
Cookies

10 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!