dev-alvandi.github.io Open in urlscan Pro
2606:50c0:8003::153 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://dev-alvandi.github.io/movieApp-react-node-deploy/
Submission: On October 15 via api (October 15th 2024, 9:35:08 pm UTC) from CA — Scanned from CA

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 4 domains to perform 13 HTTP transactions. The main IP is 2606:50c0:8003::153, located in United States and belongs to FASTLY, US. The main domain is dev-alvandi.github.io.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on March 15th 2024. Valid for: a year.

This is the only time dev-alvandi.github.io was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Netflix (Online)

Domain & IP information

	IP Address	AS Autonomous System
9	2606:50c0:800... 2606:50c0:8003::153	54113 (FASTLY) (FASTLY)
1	2607:f8b0:400... 2607:f8b0:4006:80b::200a	15169 (GOOGLE) (GOOGLE)
2	142.250.80.99 142.250.80.99	15169 (GOOGLE) (GOOGLE)
1	2600:9000:26f... 2600:9000:26fa:f600:c:174a:c400:93a1	16509 (AMAZON-02) (AMAZON-02)
13	4

9 2606:50c0:8003::153 (United States)

ASN54113 (FASTLY, US)

dev-alvandi.github.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80b::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.80.99 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:26fa:f600:c:174a:c400:93a1 (United States)

ASN16509 (AMAZON-02, US)

api.themoviedb.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	github.io dev-alvandi.github.io	2 MB
2	gstatic.com fonts.gstatic.com	36 KB
1	themoviedb.org api.themoviedb.org — Cisco Umbrella Rank: 48607	749 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	1 KB
13	4

	Domain	Requested by
9	dev-alvandi.github.io	dev-alvandi.github.io
2	fonts.gstatic.com	fonts.googleapis.com
1	api.themoviedb.org	dev-alvandi.github.io
1	fonts.googleapis.com	dev-alvandi.github.io
13	4

This site contains no links.

Subject Issuer	Validity	Valid
*.github.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-15` - `2025-03-14`	a year	crt.sh
upload.video.google.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.gstatic.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.themoviedb.org Amazon RSA 2048 M02	`2024-07-20` - `2025-08-17`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://dev-alvandi.github.io/movieApp-react-node-deploy/
Frame ID: E14038178219C4C62A645B333E745805
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Netflix Clone

Detected technologies

GitHub Pages (CDN) Expand

Overall confidence: 100%
Detected patterns

^https?://[^/]+\.github\.io

Page Statistics

13
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

1
Countries

1658 kB
Transfer

2028 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
dev-alvandi.github.io/movieApp-react-node-deploy/ 783 B
827 B 89ms
45ms Document
text/html 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://dev-alvandi.github.io/movieApp-react-node-deploy/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

ea45d1c51c76019761b74def7090998713f720610bdab8a1ee8b01c478562701

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 0
cache-control: max-age=600
content-encoding: gzip
content-length: 404
content-type: text/html; charset=utf-8
date: Tue, 15 Oct 2024 21:35:01 GMT
etag: W/"670ead59-30f"
expires: Tue, 15 Oct 2024 21:07:40 GMT
last-modified: Tue, 15 Oct 2024 17:58:49 GMT
permissions-policy: interest-cohort=()
server: GitHub.com
strict-transport-security: max-age=31556952
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-fastly-request-id: eefd5ff8b081b19123a479cb817e04cb5bc9ef12
x-github-request-id: 2254:2F5815:6EF4891:795405C:670ED743
x-proxy-cache: MISS
x-served-by: cache-yul1970051-YUL
x-timer: S1729028102.945794,VS0,VE27

GET
H2 200 main.fd912bc8.js Show response
dev-alvandi.github.io/movieApp-react-node-deploy/static/js/ 470 KB
138 KB 42ms
41ms Script
application/javascript 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://dev-alvandi.github.io/movieApp-react-node-deploy/static/js/main.fd912bc8.js

Requested by

Host: dev-alvandi.github.io
URL: https://dev-alvandi.github.io/movieApp-react-node-deploy/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

d9c931d81ac4aaee8b8c97fb85ede3ac8f8182f8bd0932588f69c40b0cabadb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://dev-alvandi.github.io/movieApp-react-node-deploy/

Response headers

x-fastly-request-id: 35c89a92a05f6e36f076b8694cc9c478a2155dde
content-encoding: gzip
etag: W/"670ead59-759ce"
age: 0
x-github-request-id: BCE2:34604E:7394306:7DF3CE9:670ED743
expires: Tue, 15 Oct 2024 21:07:40 GMT
x-proxy-cache: MISS
x-cache: HIT
date: Tue, 15 Oct 2024 21:35:02 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 15 Oct 2024 17:58:49 GMT
x-served-by: cache-yul1970051-YUL
x-cache-hits: 0
vary: Accept-Encoding
strict-transport-security: max-age=31556952
cache-control: max-age=600
x-timer: S1729028102.998500,VS0,VE24
via: 1.1 varnish
permissions-policy: interest-cohort=()
accept-ranges: bytes
access-control-allow-origin: *
content-length: 140795
server: GitHub.com

GET
H2 200 main.2f550eb7.css
dev-alvandi.github.io/movieApp-react-node-deploy/static/css/ 661 B
640 B 41ms
41ms Stylesheet
text/css 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://dev-alvandi.github.io/movieApp-react-node-deploy/static/css/main.2f550eb7.css

Requested by

Host: dev-alvandi.github.io
URL: https://dev-alvandi.github.io/movieApp-react-node-deploy/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

70954f07cfd310aaa9b03393d569ca47c3f1fd2e4e350acdf4fa65109d871428

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://dev-alvandi.github.io/movieApp-react-node-deploy/

Response headers

x-fastly-request-id: e34ad3e83893e8fd6572633820185c842fb69a4a
content-encoding: gzip
etag: W/"670ead59-295"
age: 0
x-github-request-id: BD50:EC47F:6D72C61:77D26FD:670ED744
expires: Tue, 15 Oct 2024 21:07:40 GMT
x-proxy-cache: MISS
x-cache: HIT
date: Tue, 15 Oct 2024 21:35:02 GMT
content-type: text/css; charset=utf-8
last-modified: Tue, 15 Oct 2024 17:58:49 GMT
x-served-by: cache-yul1970051-YUL
x-cache-hits: 0
vary: Accept-Encoding
strict-transport-security: max-age=31556952
cache-control: max-age=600
x-timer: S1729028102.998523,VS0,VE23
via: 1.1 varnish
permissions-policy: interest-cohort=()
accept-ranges: bytes
access-control-allow-origin: *
content-length: 454
server: GitHub.com

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
1 KB 115ms
47ms Stylesheet
text/css 2607:f8b0:4006:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700;900&display=swap

Requested by

Host: dev-alvandi.github.io
URL: https://dev-alvandi.github.io/movieApp-react-node-deploy/static/css/main.2f550eb7.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0fb0c742719aac32bb34917d73def535324211d08bbf38bba5051875a5c518b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://dev-alvandi.github.io/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 15 Oct 2024 21:35:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Oct 2024 21:35:02 GMT
content-type: text/css; charset=utf-8
last-modified: Tue, 15 Oct 2024 19:46:30 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 Logo.77ba64d8813d5a26e7e7.png
dev-alvandi.github.io/movieApp-react-node-deploy/static/media/ 32 KB
32 KB 61ms
61ms Image
image/png 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev-alvandi.github.io/movieApp-react-node-deploy/static/media/Logo.77ba64d8813d5a26e7e7.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

94e277b7fd0aa31c86e646c079a8e27507efd39375d08eea8bd9d8ae6543ffca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://dev-alvandi.github.io/movieApp-react-node-deploy/

Response headers

x-fastly-request-id: 9c1200f0eb30c3f25b79ed8e4acbb386e833e135
etag: "670ead59-7e09"
age: 0
x-github-request-id: 9B9B:C9131:7423C93:7E83952:670ED745
expires: Tue, 15 Oct 2024 21:07:41 GMT
x-proxy-cache: MISS
x-cache: HIT
date: Tue, 15 Oct 2024 21:35:02 GMT
content-type: image/png
last-modified: Tue, 15 Oct 2024 17:58:49 GMT
x-served-by: cache-yul1970051-YUL
x-cache-hits: 0
vary: Accept-Encoding
strict-transport-security: max-age=31556952
cache-control: max-age=600
x-timer: S1729028102.228727,VS0,VE20
via: 1.1 varnish
permissions-policy: interest-cohort=()
accept-ranges: bytes
access-control-allow-origin: *
content-length: 32265
x-origin-cache: HIT
server: GitHub.com

GET
H2 200 home.50437ccc5be095543be4.jpg
dev-alvandi.github.io/movieApp-react-node-deploy/static/media/ 480 KB
481 KB 62ms
62ms Image
image/jpeg 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev-alvandi.github.io/movieApp-react-node-deploy/static/media/home.50437ccc5be095543be4.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

739de8c4377b4d0a19d45207f29a4f2df8abd1159537766329071ee6a1012851

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://dev-alvandi.github.io/movieApp-react-node-deploy/

Response headers

x-fastly-request-id: 75583c7dddb17c8522e7940f6d7d2709cc393dd6
etag: "670ead59-78129"
age: 0
x-github-request-id: D6F3:2F5815:6EF4B45:795433C:670ED745
expires: Tue, 15 Oct 2024 21:07:41 GMT
x-proxy-cache: MISS
x-cache: HIT
date: Tue, 15 Oct 2024 21:35:02 GMT
content-type: image/jpeg
last-modified: Tue, 15 Oct 2024 17:58:49 GMT
x-served-by: cache-yul1970051-YUL
x-cache-hits: 0
vary: Accept-Encoding
strict-transport-security: max-age=31556952
cache-control: max-age=600
x-timer: S1729028102.228716,VS0,VE22
via: 1.1 varnish
permissions-policy: interest-cohort=()
accept-ranges: bytes
access-control-allow-origin: *
content-length: 491817
server: GitHub.com

GET
H2 200 MovieLogo.fc254ed412371b32ab68.png
dev-alvandi.github.io/movieApp-react-node-deploy/static/media/ 657 KB
658 KB 37ms
37ms Image
image/png 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev-alvandi.github.io/movieApp-react-node-deploy/static/media/MovieLogo.fc254ed412371b32ab68.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

3c15eb37702eaa76d2be98b1b382bd799ed06ac5e7fa629ba32c6c92a8e0016b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://dev-alvandi.github.io/movieApp-react-node-deploy/

Response headers

x-fastly-request-id: 3ed66d408513169174439f652db4ab71f99f6fe9
etag: "670ead59-a4379"
age: 0
x-github-request-id: 23F1:DB4A1:75B8F2D:8018A03:670ED745
expires: Tue, 15 Oct 2024 21:07:41 GMT
x-proxy-cache: MISS
x-cache: HIT
date: Tue, 15 Oct 2024 21:35:02 GMT
content-type: image/png
last-modified: Tue, 15 Oct 2024 17:58:49 GMT
x-served-by: cache-yul1970051-YUL
x-cache-hits: 0
vary: Accept-Encoding
strict-transport-security: max-age=31556952
cache-control: max-age=600
x-timer: S1729028102.228680,VS0,VE19
via: 1.1 varnish
permissions-policy: interest-cohort=()
accept-ranges: bytes
access-control-allow-origin: *
content-length: 672633
x-origin-cache: HIT
server: GitHub.com

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 522ms
26ms Font
font/woff2 142.250.80.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700;900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.99 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f3.1e100.net

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://dev-alvandi.github.io
Referer: https://fonts.googleapis.com/

Response headers

age: 551430
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 09 Oct 2025 12:24:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 09 Oct 2024 12:24:32 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18536
x-xss-protection: 0
server: sffe

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 526ms
30ms Font
font/woff2 142.250.80.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700;900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.99 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f3.1e100.net

Software

sffe /

Resource Hash

d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://dev-alvandi.github.io
Referer: https://fonts.googleapis.com/

Response headers

age: 21475
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 15 Oct 2025 15:37:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Oct 2024 15:37:07 GMT
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18596
x-xss-protection: 0
server: sffe

GET
H2 200 list Show response
api.themoviedb.org/3/genre/movie/ 547 B
749 B 515ms
25ms XHR
application/json 2600:9000:26fa:f600:c:174a:c400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.themoviedb.org/3/genre/movie/list?api_key=aeef44d48a0de9d819f5417a68b25a8d
Requested by: Host: dev-alvandi.github.io
URL: https://dev-alvandi.github.io/movieApp-react-node-deploy/static/js/main.fd912bc8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26fa:f600:c:174a:c400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: 98d6f4fb3a0e0c77544a7277f32baebb720f7ca199b3337cabd037072c0449ea

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://dev-alvandi.github.io/

Response headers

access-control-expose-headers: *
content-encoding: gzip
etag: W/"98d6f4fb3a0e0c77544a7277f32baebb"
age: 11777
x-memc-expires: 18044
x-memc: HIT
x-cache: Hit from cloudfront
x-amz-cf-id: mVeqVF6sI-KIQczx5SB-z-CskHrHVWH6NMX592meVzUcYaFuj-dF6Q==
date: Tue, 15 Oct 2024 18:18:45 GMT
alt-svc: h3=":443"; ma=86400
content-type: application/json;charset=utf-8
vary: Accept-Encoding,accept-encoding
cache-control: public, max-age=18044
x-memc-age: 8822
x-memc-key: f781971c95c323df5625e30d17cbce76
via: 1.1 c06dccfbc9bb974276058f2bb42421ea.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: JFK52-P1
server: openresty

GET
H2 200 favicon.ico
dev-alvandi.github.io/movieApp-react-node-deploy/ 17 KB
2 KB 56ms
55ms Other
image/vnd.microsoft.icon 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://dev-alvandi.github.io/movieApp-react-node-deploy/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

abe8012eb65c0dc0ac3e87dcc1e60e1908ebd8f12b7c47a5df1856f7a7bb1edd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://dev-alvandi.github.io/movieApp-react-node-deploy/

Response headers

x-fastly-request-id: fd7bc06389a4c8978b33badaa31524101e44fa7f
content-encoding: gzip
etag: W/"670ead59-423e"
age: 0
x-github-request-id: D0A0:EC47F:6D74792:77D4553:670ED75E
expires: Tue, 15 Oct 2024 21:08:07 GMT
x-proxy-cache: MISS
x-cache: HIT
date: Tue, 15 Oct 2024 21:35:02 GMT
content-type: image/vnd.microsoft.icon
last-modified: Tue, 15 Oct 2024 17:58:49 GMT
x-served-by: cache-yul1970051-YUL
x-cache-hits: 0
vary: Accept-Encoding
strict-transport-security: max-age=31556952
cache-control: max-age=600
x-timer: S1729028102.251916,VS0,VE23
via: 1.1 varnish
permissions-policy: interest-cohort=()
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1769
x-origin-cache: HIT
server: GitHub.com

GET
H2 200 backgroundImage.9673a5d8d466c60a3692.jpg
dev-alvandi.github.io/movieApp-react-node-deploy/static/media/ 308 KB
309 KB 51ms
49ms Image
image/jpeg 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev-alvandi.github.io/movieApp-react-node-deploy/static/media/backgroundImage.9673a5d8d466c60a3692.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

48913ba2ddeb1f1275577493841b0a1edee10ebea301fe288b0b9bf1450ef9fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://dev-alvandi.github.io/movieApp-react-node-deploy/

Response headers

x-fastly-request-id: b6849c98efbea76b3cbf0a7258dd10f7e1e04429
etag: "670ead59-4d1db"
age: 0
x-github-request-id: BA97:2E5F9A:73F383D:7E52FED:670ED745
expires: Tue, 15 Oct 2024 21:07:41 GMT
x-proxy-cache: MISS
x-cache: HIT
date: Tue, 15 Oct 2024 21:35:02 GMT
content-type: image/jpeg
last-modified: Tue, 15 Oct 2024 17:58:49 GMT
x-served-by: cache-yul1970051-YUL
x-cache-hits: 0
vary: Accept-Encoding
strict-transport-security: max-age=31556952
cache-control: max-age=600
x-timer: S1729028102.265637,VS0,VE22
via: 1.1 varnish
permissions-policy: interest-cohort=()
accept-ranges: bytes
access-control-allow-origin: *
content-length: 315867
server: GitHub.com

GET
H2 200 favicon.ico
dev-alvandi.github.io/movieApp-react-node-deploy/ 17 KB
0 0ms
0ms Other
image/vnd.microsoft.icon 2606:50c0:8003::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://dev-alvandi.github.io/movieApp-react-node-deploy/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: abe8012eb65c0dc0ac3e87dcc1e60e1908ebd8f12b7c47a5df1856f7a7bb1edd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://dev-alvandi.github.io/movieApp-react-node-deploy/

Response headers

x-fastly-request-id: fd7bc06389a4c8978b33badaa31524101e44fa7f
content-encoding: gzip
etag: W/"670ead59-423e"
age: 0
x-github-request-id: D0A0:EC47F:6D74792:77D4553:670ED75E
expires: Tue, 15 Oct 2024 21:08:07 GMT
x-proxy-cache: MISS
x-cache: HIT
date: Tue, 15 Oct 2024 21:35:02 GMT
content-type: image/vnd.microsoft.icon
last-modified: Tue, 15 Oct 2024 17:58:49 GMT
x-served-by: cache-yul1970051-YUL
x-cache-hits: 0
vary: Accept-Encoding
cache-control: max-age=600
x-timer: S1729028102.251916,VS0,VE23
via: 1.1 varnish
permissions-policy: interest-cohort=()
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1769
x-origin-cache: HIT
server: GitHub.com

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Netflix (Online)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://dev-alvandi.github.io/movieApp-react-node-deploy/#/login Message: [DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31556952

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.themoviedb.org
dev-alvandi.github.io
fonts.googleapis.com
fonts.gstatic.com
142.250.80.99
2600:9000:26fa:f600:c:174a:c400:93a1
2606:50c0:8003::153
2607:f8b0:4006:80b::200a
0fb0c742719aac32bb34917d73def535324211d08bbf38bba5051875a5c518b7
3c15eb37702eaa76d2be98b1b382bd799ed06ac5e7fa629ba32c6c92a8e0016b
48913ba2ddeb1f1275577493841b0a1edee10ebea301fe288b0b9bf1450ef9fd
70954f07cfd310aaa9b03393d569ca47c3f1fd2e4e350acdf4fa65109d871428
739de8c4377b4d0a19d45207f29a4f2df8abd1159537766329071ee6a1012851
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
94e277b7fd0aa31c86e646c079a8e27507efd39375d08eea8bd9d8ae6543ffca
98d6f4fb3a0e0c77544a7277f32baebb720f7ca199b3337cabd037072c0449ea
abe8012eb65c0dc0ac3e87dcc1e60e1908ebd8f12b7c47a5df1856f7a7bb1edd
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
d9c931d81ac4aaee8b8c97fb85ede3ac8f8182f8bd0932588f69c40b0cabadb0
ea45d1c51c76019761b74def7090998713f720610bdab8a1ee8b01c478562701

dev-alvandi.github.io Open in urlscan Pro 2606:50c0:8003::153 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

75 %IPv6

4 Domains

4 Subdomains

4 IPs

1 Countries

1658 kBTransfer

2028 kBSize

0 Cookies

0 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

0 Cookies

1 Console Messages

Security Headers

Indicators

dev-alvandi.github.io Open in urlscan Pro
2606:50c0:8003::153 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

1
Countries

1658 kB
Transfer

2028 kB
Size

0
Cookies

13 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!