mortadelobir.github.io Open in urlscan Pro
2606:50c0:8000::153 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://mortadelobir.github.io/beautysalon/
Submission: On August 22 via api (August 22nd 2023, 10:05:43 pm UTC) from US — Scanned from US

Summary HTTP 16 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 6 IPs in 1 countries across 6 domains to perform 16 HTTP transactions. The main IP is 2606:50c0:8000::153, located in United States and belongs to FASTLY, US. The main domain is mortadelobir.github.io.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on February 21st 2023. Valid for: a year.

This is the only time mortadelobir.github.io was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Crypto (Crypto Exchange)

Domain & IP information

	IP Address	AS Autonomous System
5	2606:50c0:800... 2606:50c0:8000::153	54113 (FASTLY) (FASTLY)
4 7	2606:4700::68... 2606:4700::6810:7baf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:80f::200a	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:77:... 2a04:4e42:77::720	54113 (FASTLY) (FASTLY)
3	2606:4700:e4:... 2606:4700:e4::ac40:a707	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:821::2003	15169 (GOOGLE) (GOOGLE)
16	6

5 2606:50c0:8000::153 (United States)

ASN54113 (FASTLY, US)

mortadelobir.github.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6810:7baf (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80f::200a (Stony Point, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:77::720 (United States)

ASN54113 (FASTLY, US)

images.unsplash.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:e4::ac40:a707 (United States)

ASN13335 (CLOUDFLARENET, US)

randomuser.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:821::2003 (Stony Point, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	unpkg.com 4 redirects unpkg.com — Cisco Umbrella Rank: 1146	57 KB
5	github.io mortadelobir.github.io	12 KB
3	randomuser.me randomuser.me — Cisco Umbrella Rank: 307352	16 KB
2	gstatic.com fonts.gstatic.com	44 KB
2	unsplash.com images.unsplash.com — Cisco Umbrella Rank: 10900	65 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 73	1 KB
16	6

	Domain	Requested by
7	unpkg.com	4 redirects mortadelobir.github.io
5	mortadelobir.github.io	mortadelobir.github.io
3	randomuser.me	mortadelobir.github.io
2	fonts.gstatic.com	fonts.googleapis.com
2	images.unsplash.com	mortadelobir.github.io
1	fonts.googleapis.com	mortadelobir.github.io
16	6

This site contains links to these domains. Also see Links.

Domain
api.whatsapp.com
instagram.com
facebook.com
youtube.com

Subject Issuer	Validity	Valid
*.github.io DigiCert TLS RSA SHA256 2020 CA1	`2023-02-21` - `2024-03-20`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
images.unsplash.com GlobalSign Atlas R3 DV TLS CA 2023 Q1	`2023-03-12` - `2024-04-12`	a year	crt.sh
randomuser.me GTS CA 1P5	`2023-07-10` - `2023-10-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://mortadelobir.github.io/beautysalon/
Frame ID: 200440370B454C48A760CC9455CECFE3
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

OriginSix

Detected technologies

GitHub Pages (CDN) Expand

Overall confidence: 100%
Detected patterns

^https?://[^/]+\.github\.io

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

scrollreveal (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-sr(?:-id)

Page Statistics

16
Requests

81 %
HTTPS

100 %
IPv6

6
Domains

6
Subdomains

6
IPs

1
Countries

195 kB
Transfer

359 kB
Size

0
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://api.whatsapp.com/send?phone=+5584986063573&text=Oi!%20Gostaria%20de%20agendar%20um%20hor%C3%A1rio
Title: Entrar em contato

Search URL Search Domain Scan URL

URL: https://instagram.com/

Search URL Search Domain Scan URL

URL: https://facebook.com/

Search URL Search Domain Scan URL

URL: https://youtube.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://unpkg.com/swiper/swiper-bundle.min.css HTTP 302
https://unpkg.com/swiper@10.2.0/swiper-bundle.min.css

Request Chain 9

https://unpkg.com/swiper/swiper-bundle.min.js HTTP 302
https://unpkg.com/swiper@10.2.0/swiper-bundle.min.js

Request Chain 10

https://unpkg.com/scrollreveal HTTP 302
https://unpkg.com/scrollreveal@4.0.9 HTTP 302
https://unpkg.com/scrollreveal@4.0.9/dist/scrollreveal.js

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
mortadelobir.github.io/beautysalon/ 10 KB
3 KB 36ms
22ms Document
text/html 2606:50c0:8000::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://mortadelobir.github.io/beautysalon/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8000::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

2c61bc0ecd1ae84002c77793a76099fc11f434878a6f4f2670a74ca4c8fd3749

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 0
cache-control: max-age=600
content-encoding: gzip
content-length: 2531
content-type: text/html; charset=utf-8
date: Tue, 22 Aug 2023 22:05:37 GMT
etag: W/"6202cb3e-2745"
expires: Tue, 22 Aug 2023 22:15:37 GMT
last-modified: Tue, 08 Feb 2022 19:57:50 GMT
permissions-policy: interest-cohort=()
server: GitHub.com
strict-transport-security: max-age=31556952
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-fastly-request-id: 419baf0531210449ec8829ae13378f498ac7f07d
x-github-request-id: 61AA:9E69:2D95C09:4176472:64E53131
x-proxy-cache: MISS
x-served-by: cache-lga21957-LGA
x-timer: S1692741938.910653,VS0,VE17

GET
H2 200 style.css
mortadelobir.github.io/beautysalon/assets/fonts/ 1 KB
674 B 22ms
21ms Stylesheet
text/css 2606:50c0:8000::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://mortadelobir.github.io/beautysalon/assets/fonts/style.css

Requested by

Host: mortadelobir.github.io
URL: https://mortadelobir.github.io/beautysalon/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8000::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

d1074a259c495f1f02be2b1688e811962047c69eef4c3f4f8fec977bd465d88d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mortadelobir.github.io/beautysalon/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-fastly-request-id: 84a06e00cecb00394b4a54d4dc213525464aefcb
strict-transport-security: max-age=31556952
content-encoding: gzip
via: 1.1 varnish
date: Tue, 22 Aug 2023 22:05:37 GMT
age: 0
x-cache: MISS
x-cache-hits: 0
x-proxy-cache: MISS
content-length: 514
x-served-by: cache-lga21957-LGA
last-modified: Tue, 08 Feb 2022 19:57:50 GMT
server: GitHub.com
x-github-request-id: C012:04AA:2B8B475:3CCB667:64E53131
x-timer: S1692741938.939543,VS0,VE16
etag: W/"6202cb3e-567"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
expires: Tue, 22 Aug 2023 22:15:37 GMT

GET
H2

200

swiper-bundle.min.css
unpkg.com/swiper@10.2.0/
Redirect Chain

https://unpkg.com/swiper/swiper-bundle.min.css
https://unpkg.com/swiper@10.2.0/swiper-bundle.min.css

18 KB
5 KB

18ms
17ms

Stylesheet
text/css

2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/swiper@10.2.0/swiper-bundle.min.css

Requested by

Host: mortadelobir.github.io
URL: https://mortadelobir.github.io/beautysalon/

Protocol

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a4ce161e2b6ff959bbd464b72cbabe683bf4a4eefe416b3938125852c998e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mortadelobir.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 22:05:37 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 477590
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01H81D1E6CWATX84AA8SM5ARWT-lga
server: cloudflare
etag: W/"4814-8FuJfvoLVNWF9zNusmBsDRcl6D4"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7fae6b1859c118ea-EWR

Redirect headers

date: Tue, 22 Aug 2023 22:05:37 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01H8FMFKJNXY710HKMHKEFKSHP-lga
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 23
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /swiper@10.2.0/swiper-bundle.min.css
cache-control: public, s-maxage=600, max-age=60
cf-ray: 7fae6b1849a918ea-EWR

GET
H2 200 style.css
mortadelobir.github.io/beautysalon/ 10 KB
3 KB 23ms
22ms Stylesheet
text/css 2606:50c0:8000::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://mortadelobir.github.io/beautysalon/style.css

Requested by

Host: mortadelobir.github.io
URL: https://mortadelobir.github.io/beautysalon/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8000::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

6e7ac00e995e3f71b95fb90c9718a099e73c3e2aba1b4e978b737b9c488caf61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mortadelobir.github.io/beautysalon/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-fastly-request-id: 4ea81dc9cb83f9b10ed308f29c4cf15db47b81a5
strict-transport-security: max-age=31556952
content-encoding: gzip
via: 1.1 varnish
date: Tue, 22 Aug 2023 22:05:37 GMT
age: 0
x-cache: MISS
x-cache-hits: 0
x-proxy-cache: MISS
content-length: 2499
x-served-by: cache-lga21957-LGA
last-modified: Tue, 08 Feb 2022 19:57:50 GMT
server: GitHub.com
x-github-request-id: CFDC:0474:2D8EE9A:416FF30:64E53131
x-timer: S1692741938.939508,VS0,VE18
etag: W/"6202cb3e-272f"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
expires: Tue, 22 Aug 2023 22:15:37 GMT

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
1 KB 46ms
20ms Stylesheet
text/css 2607:f8b0:4006:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=DM+Sans:wght@400;500;700&family=Poppins:wght@400;500;700&display=swap

Requested by

Host: mortadelobir.github.io
URL: https://mortadelobir.github.io/beautysalon/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200a Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f4ec47a5dc628ae567498b75ba309d3196a144adcde57fa5ce0408dd443d2c94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mortadelobir.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 22 Aug 2023 22:05:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 22:05:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 22 Aug 2023 22:05:37 GMT

GET
H2 200 photo-1562322140-8baeececf3df
images.unsplash.com/ 25 KB
25 KB 56ms
12ms Image
image/avif 2a04:4e42:77::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.unsplash.com/photo-1562322140-8baeececf3df?ixid=MnwxMjA3fDB8MHxzZWFyY2h8MXx8aGFpcmRyZXNzZXJ8ZW58MHx8MHx8&ixlib=rb-1.2.1&auto=format&fit=crop&w=500&q=60

Requested by

Host: mortadelobir.github.io
URL: https://mortadelobir.github.io/beautysalon/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:77::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

2ebc534ff98d61dbe7e437cadcdfa6c69d7360a586a9396283a2792d1f125bc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mortadelobir.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 22:05:37 GMT
x-content-type-options: nosniff
age: 714893
x-cache: HIT, HIT
x-imgix-id: 9cd7b94b5b3b64568901acd195ce5fd79d8eafd0
cross-origin-resource-policy: cross-origin
content-length: 25954
x-served-by: cache-sjc10043-SJC, cache-iad-kiad7000138-IAD
x-imgix-render-farm: 01.140360
last-modified: Mon, 14 Aug 2023 15:30:44 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 photo-1559599101-f09722fb4948
images.unsplash.com/ 40 KB
40 KB 55ms
12ms Image
image/avif 2a04:4e42:77::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.unsplash.com/photo-1559599101-f09722fb4948?ixid=MnwxMjA3fDB8MHxzZWFyY2h8Mnx8aGFpcmRyZXNzZXJ8ZW58MHx8MHx8&ixlib=rb-1.2.1&auto=format&fit=crop&w=500&q=60

Requested by

Host: mortadelobir.github.io
URL: https://mortadelobir.github.io/beautysalon/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:77::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

53ac32c0796a28376cf8266ef589af13ece8591566496bf3f8b302d27a20431c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mortadelobir.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 22:05:37 GMT
x-content-type-options: nosniff
age: 1336389
x-cache: HIT, HIT
x-imgix-id: 3a0b2e40534101e09bcacb81992ff1b254ef5e9f
cross-origin-resource-policy: cross-origin
content-length: 40532
x-served-by: cache-sjc1000117-SJC, cache-iad-kiad7000138-IAD
x-imgix-render-farm: 01.140360
last-modified: Mon, 07 Aug 2023 10:52:28 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 76.jpg
randomuser.me/api/portraits/women/ 5 KB
5 KB 50ms
15ms Image
image/jpeg 2606:4700:e4::ac40:a707
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://randomuser.me/api/portraits/women/76.jpg
Requested by: Host: mortadelobir.github.io
URL: https://mortadelobir.github.io/beautysalon/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a707 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff82cabc9eaa7687ddf1590dac7f77f7d15222c4bdcd907e0efbb1831bc7d19b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mortadelobir.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 22:05:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 286575
alt-svc: h3=":443"; ma=86400
content-length: 4688
last-modified: Tue, 05 Jul 2022 00:27:53 GMT
server: cloudflare
etag: "62c38589-1250"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fkp0k1Cstr11FWxhSgRXcmqj701BoC8YTOiu1LTdJCXii8oWvpzRhnEMchFsgIHt5R%2FFUd34zfJfcqZRXvy%2FyCF3tr6fovqpwIzzzBhqx5H%2BnB8tk1vrQictSiSDRFH9gpZem68shwa3uECv"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7fae6b185dc8c340-EWR
expires: Mon, 18 Sep 2023 14:29:22 GMT

GET
H2 200 40.jpg
randomuser.me/api/portraits/women/ 4 KB
5 KB 53ms
18ms Image
image/jpeg 2606:4700:e4::ac40:a707
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://randomuser.me/api/portraits/women/40.jpg
Requested by: Host: mortadelobir.github.io
URL: https://mortadelobir.github.io/beautysalon/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a707 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6abca15a3368f2699dbd8459137aa31115e2a35933d83d3e24ae98a0252c4134

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mortadelobir.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 22:05:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2337179
alt-svc: h3=":443"; ma=86400
content-length: 4442
last-modified: Tue, 05 Jul 2022 00:27:53 GMT
server: cloudflare
etag: "62c38589-115a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NIXp7Ew3ftQIRtftI29Y9iLWlFXMgGPEDSVxHZA3lsh4SFTb4isj8ziteRqnJ%2Bo9sQtmSRtv5MHax653km17RndWUhPxN0S3Pnhx%2BAZmNKEIKGVzaiddp6Vgj6Uacpq5KgDuKyMCB0cJg6Cm"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7fae6b185dcbc340-EWR
expires: Fri, 25 Aug 2023 20:52:38 GMT

GET
H2 200 73.jpg
randomuser.me/api/portraits/women/ 6 KB
6 KB 54ms
19ms Image
image/jpeg 2606:4700:e4::ac40:a707
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://randomuser.me/api/portraits/women/73.jpg
Requested by: Host: mortadelobir.github.io
URL: https://mortadelobir.github.io/beautysalon/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a707 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88445d944fdf0bc52a4f79ddf5cffde16e42eec01bdd3e32ab6234cef44411b3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mortadelobir.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 22:05:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 176852
alt-svc: h3=":443"; ma=86400
content-length: 5709
last-modified: Tue, 05 Jul 2022 00:27:53 GMT
server: cloudflare
etag: "62c38589-164d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cOsl8g5KbCdpuMz7VzmHcBnMDm0mZghMRLY0oogC9Wrfh82102wCjLltrZhTtIQ3%2B3znvuev2lNtdRaCsm%2Bbb7aPjMWQfxeeehTx70eiAFRzyEmumaFEih8XFfpwYpUp0VfEQ%2B2MkgXP3Abe"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7fae6b185dccc340-EWR
expires: Tue, 19 Sep 2023 20:58:05 GMT

GET
H2

200

swiper-bundle.min.js Show response
unpkg.com/swiper@10.2.0/
Redirect Chain

https://unpkg.com/swiper/swiper-bundle.min.js
https://unpkg.com/swiper@10.2.0/swiper-bundle.min.js

138 KB
40 KB

15ms
15ms

Script
application/javascript

2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/swiper@10.2.0/swiper-bundle.min.js

Requested by

Host: mortadelobir.github.io
URL: https://mortadelobir.github.io/beautysalon/

Protocol

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b511ebcc9d064aa644dd6c0edfcb3095954f19324fb10d9a14fa47d01ddef43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mortadelobir.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 22:05:37 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 477852
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01H81CSE5D36WJ6T4760ECMBE0-lga
server: cloudflare
etag: W/"22786-l3/T0Ce48jSCcMjlZKoz0Dx/UcQ"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7fae6b1859c218ea-EWR

Redirect headers

date: Tue, 22 Aug 2023 22:05:37 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01H8FMAFAY0QPRKM2FAS9QYSNX-lga
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 191
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /swiper@10.2.0/swiper-bundle.min.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 7fae6b1849aa18ea-EWR

GET
H2

200

scrollreveal.js Show response
unpkg.com/scrollreveal@4.0.9/dist/
Redirect Chain

https://unpkg.com/scrollreveal
https://unpkg.com/scrollreveal@4.0.9
https://unpkg.com/scrollreveal@4.0.9/dist/scrollreveal.js

44 KB
12 KB

13ms
13ms

Script
application/javascript

2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/scrollreveal@4.0.9/dist/scrollreveal.js

Requested by

Host: mortadelobir.github.io
URL: https://mortadelobir.github.io/beautysalon/

Protocol

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9950165233dd7f4d3d8cbc26f01991de31105bd4c7bc52dfaed9e5e4d24e3e0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mortadelobir.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 22:05:38 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 7045495
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01G4HTABK7QXZ4FGYA8TPSBCZ7-lga
server: cloudflare
etag: W/"ae61-Tlazq3bfXt/haKJNzDuVoMezqkc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7fae6b1889f718ea-EWR

Redirect headers

date: Tue, 22 Aug 2023 22:05:37 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01H6SZWEXNFNA5CQVX4WHMFK48-lga
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1800007
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /scrollreveal@4.0.9/dist/scrollreveal.js
cache-control: public, max-age=31536000
cf-ray: 7fae6b1869c618ea-EWR

GET
H2 200 main.js Show response
mortadelobir.github.io/beautysalon/ 3 KB
1 KB 23ms
20ms Script
application/javascript 2606:50c0:8000::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://mortadelobir.github.io/beautysalon/main.js

Requested by

Host: mortadelobir.github.io
URL: https://mortadelobir.github.io/beautysalon/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8000::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

2713708d84cd5f7df4ee8a7c4e862c8bcf85146b4e5a866e6370cf26e9711609

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

accept-language: en-US,en;q=0.9
Referer: https://mortadelobir.github.io/beautysalon/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-fastly-request-id: 72f6ee55ca4cda6ab769887a732266dfd154e2ff
strict-transport-security: max-age=31556952
content-encoding: gzip
via: 1.1 varnish
date: Tue, 22 Aug 2023 22:05:37 GMT
age: 0
x-cache: MISS
x-cache-hits: 0
x-proxy-cache: MISS
content-length: 1071
x-served-by: cache-lga21957-LGA
last-modified: Tue, 08 Feb 2022 19:57:50 GMT
server: GitHub.com
x-github-request-id: 29B2:0567:2EBC105:3FFC70F:64E53131
x-timer: S1692741938.943584,VS0,VE15
etag: W/"6202cb3e-b24"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
expires: Tue, 22 Aug 2023 22:15:37 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 28ms
9ms Font
font/woff2 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=DM+Sans:wght@400;500;700&family=Poppins:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mortadelobir.github.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 08:45:28 GMT
x-content-type-options: nosniff
age: 480010
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Aug 2024 08:45:28 GMT

GET
H2 200 rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K4.woff2
fonts.gstatic.com/s/dmsans/v14/ 36 KB
37 KB 24ms
6ms Font
font/woff2 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dmsans/v14/rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=DM+Sans:wght@400;500;700&family=Poppins:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2113de896c7ffcc1d75fe539e9ba823bb93ada5cbf6fa83873d35a042b2ca46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mortadelobir.github.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 03:11:25 GMT
x-content-type-options: nosniff
age: 500053
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37000
x-xss-protection: 0
last-modified: Wed, 12 Jul 2023 22:08:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Aug 2024 03:11:25 GMT

GET
H2 200 icomoon.ttf
mortadelobir.github.io/beautysalon/assets/fonts/fonts/ 7 KB
5 KB 17ms
17ms Font
font/ttf 2606:50c0:8000::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://mortadelobir.github.io/beautysalon/assets/fonts/fonts/icomoon.ttf?zbasg7

Requested by

Host: mortadelobir.github.io
URL: https://mortadelobir.github.io/beautysalon/assets/fonts/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8000::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

983cfa61537e7d8d97428f7731c217962863a3f23800ce738a7a4ae57bd17f30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

Referer: https://mortadelobir.github.io/beautysalon/assets/fonts/style.css
Origin: https://mortadelobir.github.io
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-fastly-request-id: 1e3749cbb0d813c20b45a457dfa34f10da874a0d
strict-transport-security: max-age=31556952
content-encoding: gzip
via: 1.1 varnish
date: Tue, 22 Aug 2023 22:05:38 GMT
age: 0
x-cache: MISS
x-cache-hits: 0
x-proxy-cache: MISS
content-length: 4496
x-served-by: cache-lga21957-LGA
last-modified: Tue, 08 Feb 2022 19:57:50 GMT
server: GitHub.com
x-github-request-id: CFDC:0474:2D8EEA6:416FF3B:64E53131
x-timer: S1692741938.054179,VS0,VE12
etag: W/"6202cb3e-1cb4"
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
expires: Tue, 22 Aug 2023 22:15:38 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Crypto (Crypto Exchange)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31556952

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
images.unsplash.com
mortadelobir.github.io
randomuser.me
unpkg.com
2606:4700::6810:7baf
2606:4700:e4::ac40:a707
2606:50c0:8000::153
2607:f8b0:4006:80f::200a
2607:f8b0:4006:821::2003
2a04:4e42:77::720
2713708d84cd5f7df4ee8a7c4e862c8bcf85146b4e5a866e6370cf26e9711609
2c61bc0ecd1ae84002c77793a76099fc11f434878a6f4f2670a74ca4c8fd3749
2ebc534ff98d61dbe7e437cadcdfa6c69d7360a586a9396283a2792d1f125bc6
53ac32c0796a28376cf8266ef589af13ece8591566496bf3f8b302d27a20431c
54a4ce161e2b6ff959bbd464b72cbabe683bf4a4eefe416b3938125852c998e5
5b511ebcc9d064aa644dd6c0edfcb3095954f19324fb10d9a14fa47d01ddef43
6abca15a3368f2699dbd8459137aa31115e2a35933d83d3e24ae98a0252c4134
6e7ac00e995e3f71b95fb90c9718a099e73c3e2aba1b4e978b737b9c488caf61
88445d944fdf0bc52a4f79ddf5cffde16e42eec01bdd3e32ab6234cef44411b3
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
983cfa61537e7d8d97428f7731c217962863a3f23800ce738a7a4ae57bd17f30
9950165233dd7f4d3d8cbc26f01991de31105bd4c7bc52dfaed9e5e4d24e3e0d
d1074a259c495f1f02be2b1688e811962047c69eef4c3f4f8fec977bd465d88d
f2113de896c7ffcc1d75fe539e9ba823bb93ada5cbf6fa83873d35a042b2ca46
f4ec47a5dc628ae567498b75ba309d3196a144adcde57fa5ce0408dd443d2c94
ff82cabc9eaa7687ddf1590dac7f77f7d15222c4bdcd907e0efbb1831bc7d19b

mortadelobir.github.io Open in urlscan Pro 2606:50c0:8000::153 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

16 Requests

81 %HTTPS

100 %IPv6

6 Domains

6 Subdomains

6 IPs

1 Countries

195 kBTransfer

359 kBSize

0 Cookies

4 Outgoing links

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

6 JavaScript Global Variables

0 Cookies

1 Console Messages

Security Headers

Indicators

mortadelobir.github.io Open in urlscan Pro
2606:50c0:8000::153 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

81 %
HTTPS

100 %
IPv6

6
Domains

6
Subdomains

6
IPs

1
Countries

195 kB
Transfer

359 kB
Size

0
Cookies

16 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!