urlscan.io logo urlscan.io
SecurityTrails logo

github.com Open in urlscan Pro
140.82.118.4  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://writeups.perfect.blue/
Effective URL: https://github.com/perfectblue/ctf-writeups
Submission: On September 09 via manual from KW
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 14 HTTP transactions. The main IP is 140.82.118.4, located in United States and belongs to GITHUB - GitHub, Inc., US. The main domain is github.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on May 8th 2018. Valid for: 2 years.
This is the only time github.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 162.255.119.245 22612 (NAMECHEAP...)
2 140.82.118.4 36459 (GITHUB)
7 185.199.109.154 54113 (FASTLY)
1 151.101.112.133 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.55.167.2 14618 (AMAZON-AES)
2 140.82.118.5 36459 (GITHUB)
14 7
1    162.255.119.245 (Los Angeles, United States)

ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US)
writeups.perfect.blue
2    140.82.118.4 (United States)

ASN36459 (GITHUB - GitHub, Inc., US)
PTR: lb-140-82-118-4-ams.github.com
github.com
7    185.199.109.154 (United States)

ASN54113 (FASTLY - Fastly, US)
github.githubassets.com
1    151.101.112.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)
avatars1.githubusercontent.com
1    2a00:1450:4001:825::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
1    52.55.167.2 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-55-167-2.compute-1.amazonaws.com
collector.githubapp.com
2    140.82.118.5 (United States)

ASN36459 (GITHUB - GitHub, Inc., US)
PTR: lb-140-82-118-5-ams.github.com
api.github.com
Domain Requested by
7 github.githubassets.com github.com
2 api.github.com github.githubassets.com
2 github.com github.githubassets.com
1 collector.githubapp.com
1 www.google-analytics.com github.githubassets.com
1 avatars1.githubusercontent.com github.com
1 writeups.perfect.blue 1 redirects
14 7
Subject Issuer Validity Valid
github.com
DigiCert SHA2 Extended Validation Server CA		 2018-05-08 -
2020-06-03		 2 years crt.sh
*.githubassets.com
DigiCert SHA2 High Assurance Server CA		 2018-10-29 -
2020-11-02		 2 years crt.sh
www.github.com
DigiCert SHA2 High Assurance Server CA		 2017-03-23 -
2020-05-13		 3 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2019-08-23 -
2019-11-21		 3 months crt.sh
*.githubapp.com
DigiCert SHA2 High Assurance Server CA		 2017-04-04 -
2020-04-28		 3 years crt.sh
*.github.com
DigiCert SHA2 High Assurance Server CA		 2019-07-08 -
2020-07-16		 a year crt.sh

This page contains 1 frames:

Primary Page: https://github.com/perfectblue/ctf-writeups
Frame ID: 67A2C815990DE0AD4280FD987973D69B
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://writeups.perfect.blue/ HTTP 302
    https://github.com/perfectblue/ctf-writeups Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^GitHub\.com$/i
Overall confidence: 100%
Detected patterns
  • headers server /^GitHub\.com$/i
Overall confidence: 100%
Detected patterns
  • meta pjax-timeout /(?:)/i
Overall confidence: 100%
Detected patterns
  • headers server /^GitHub\.com$/i
Overall confidence: 100%
Detected patterns
  • meta pjax-timeout /(?:)/i

Page Statistics

14
Requests

100 %
HTTPS

14 %
IPv6

6
Domains

7
Subdomains

7
IPs

2
Countries

318 kB
Transfer

1348 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://writeups.perfect.blue/ HTTP 302
    https://github.com/perfectblue/ctf-writeups Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set ctf-writeups
github.com/perfectblue/
Redirect Chain
  • http://writeups.perfect.blue/
  • https://github.com/perfectblue/ctf-writeups
118 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://github.com/perfectblue/ctf-writeups
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
140.82.118.4 , United States, ASN36459 (GITHUB - GitHub, Inc., US),
Reverse DNS
lb-140-82-118-4-ams.github.com
Software
GitHub.com /
Resource Hash
d726245d5608f7525d102a5d9e05f82061ce4cdb2e984ce8d5b233d3aa35905e
Security Headers
Name Value
Content-Security-Policy default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com www.google-analytics.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com wss://live.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Host
github.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
none
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 09 Sep 2019 11:01:26 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Server
GitHub.com
Status
200 OK
Vary
X-PJAX Accept-Encoding
ETag
W/"d726245d5608f7525d102a5d9e05f820"
Cache-Control
max-age=0, private, must-revalidate
Set-Cookie
has_recent_activity=1; path=/; expires=Mon, 09 Sep 2019 12:01:25 -0000 _octo=GH1.1.1457206328.1568026886; domain=.github.com; path=/; expires=Thu, 09 Sep 2021 11:01:26 -0000 logged_in=no; domain=.github.com; path=/; expires=Fri, 09 Sep 2039 11:01:26 -0000; secure; HttpOnly _gh_sess=RWlXMzZRMjJ4VjVjeFFSVjBlQ3hTVmo4czFyZ0N3MnBYMEpKcWJrUlhhTG1GeXAxYUV3bVBaZmEvaVV4Q1hRWGhReFdSWHliNkw0ZkpGR3dNQm16M0ExTlVqUHpKMnRUcGZ6b2Z1Q05CYjVnUzlGbjVaVTNtcS9FRGNnUmVzNU1HM2pXMVNZQmZJb1pOU2xHblJ1VlhPVnlQMUdHclhsZFdEMklMTEVPZ1ZDMmRHRDRuaEhJV3UzWjVnbUI4QU5KdkNnOEFySTY2R3l5VEZNQkpMUnBLUlRFVDFPVklFaG9mR01LZi90RTltZkZwMmdZN09ac21QWEpCMi9jb3BHR2FhckhOdStveWQwclViRi80alFCUUJER2RqZWtFNGVCV1BxcjU0bUYyUGM9LS10U3huZTFOdXpNZzAzdUNublE5Y2VRPT0%3D--256242138021cc9006975cf96eca0a79b483da63; path=/; secure; HttpOnly
X-Request-Id
8d9b97e7-ef50-4e0e-93a7-9fbcfa8bf37b
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
X-Frame-Options
deny
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Expect-CT
max-age=2592000, report-uri="https://api.github.com/_private/browser/errors"
Content-Security-Policy
default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com www.google-analytics.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com wss://live.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com
Content-Encoding
gzip
X-GitHub-Request-Id
2D90:A709:29D8332:4127BE1:5D763105

Redirect headers

Server
nginx
Date
Mon, 09 Sep 2019 11:01:25 GMT
Content-Type
text/html; charset=utf-8
Content-Length
66
Connection
keep-alive
Location
https://github.com/perfectblue/ctf-writeups
X-Served-By
Namecheap URL Forward
frameworks-6b8b7859c4b8fbe3ab45f8ab0905a9f8.css
github.githubassets.com/assets/ 		141 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://github.githubassets.com/assets/frameworks-6b8b7859c4b8fbe3ab45f8ab0905a9f8.css
Requested by
Host: github.com
URL: https://github.com/perfectblue/ctf-writeups
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.109.154 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f099e112c132bbd6c1d5ffcdc9d8811fd57dbec4b28adfaf17dac08cc6874876

Request headers

Sec-Fetch-Mode
cors
Referer
https://github.com/perfectblue/ctf-writeups
Origin
https://github.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id
eb01390832ec815a1d11d3827e6014912626608e
date
Mon, 09 Sep 2019 11:01:26 GMT
content-encoding
gzip
age
2186
x-cache
HIT, HIT
status
200
access-control-max-age
3600
content-length
24851
via
1.1 varnish, 1.1 varnish
x-served-by
cache-iad2145-IAD, cache-hhn4066-HHN
last-modified
Wed, 04 Sep 2019 18:21:55 GMT
server
AmazonS3
x-timer
S1568026886.304085,VS0,VE0
etag
"bf25ea39e1517d08603430e823819829"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
4, 855
site-b046b27487428b94fc20941868838997.css
github.githubassets.com/assets/ 		75 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://github.githubassets.com/assets/site-b046b27487428b94fc20941868838997.css
Requested by
Host: github.com
URL: https://github.com/perfectblue/ctf-writeups
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.109.154 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8a67ef81a5458be6711fb55d62374ac7db74b271c569e58a133645e6eca71195

Request headers

Sec-Fetch-Mode
cors
Referer
https://github.com/perfectblue/ctf-writeups
Origin
https://github.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id
2c06fb831fa6e766d95034266c9010361af5cc3b
date
Mon, 09 Sep 2019 11:01:26 GMT
content-encoding
gzip
age
2186
x-cache
HIT, HIT
status
200
access-control-max-age
3600
content-length
13658
via
1.1 varnish, 1.1 varnish
x-served-by
cache-iad2126-IAD, cache-hhn4066-HHN
last-modified
Wed, 04 Sep 2019 18:21:57 GMT
server
AmazonS3
x-timer
S1568026886.306954,VS0,VE0
etag
"faf04b8a0695dd1e40be5f5031e94f8e"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
4, 570
github-291843805c7223f6580992fec16768ed.css
github.githubassets.com/assets/ 		390 KB
74 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://github.githubassets.com/assets/github-291843805c7223f6580992fec16768ed.css
Requested by
Host: github.com
URL: https://github.com/perfectblue/ctf-writeups
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.109.154 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bff717d9d359362fe20e7cf5b2848274d597d7a4d4a3bb9d13c10078869eebc0

Request headers

Sec-Fetch-Mode
cors
Referer
https://github.com/perfectblue/ctf-writeups
Origin
https://github.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id
d0fa12b3eb00398effc57fae7327adcaa9617bfb
date
Mon, 09 Sep 2019 11:01:26 GMT
content-encoding
gzip
age
2780
x-cache
HIT, HIT
status
200
access-control-max-age
3600
content-length
75657
via
1.1 varnish, 1.1 varnish
x-served-by
cache-iad2137-IAD, cache-hhn4066-HHN
last-modified
Mon, 09 Sep 2019 04:13:07 GMT
server
AmazonS3
x-timer
S1568026886.306536,VS0,VE0
etag
"f16c541174dd3e0042cd4496f3ecdcba"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
3, 2325
search-key-slash.svg
github.githubassets.com/images/ 		462 B
852 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://github.githubassets.com/images/search-key-slash.svg
Requested by
Host: github.com
URL: https://github.com/perfectblue/ctf-writeups
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.109.154 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7e2d30caebb4fdfbbb2cdfbf93e1877d14f4fe7ab030c80b28e4973604a4c16e

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://github.com/perfectblue/ctf-writeups
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id
2d63266e48f1836c9481098d8c952eb07258060c
date
Mon, 09 Sep 2019 11:01:26 GMT
via
1.1 varnish, 1.1 varnish
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
age
2817
x-cache
HIT, HIT
status
200
content-length
462
x-served-by
cache-iad2144-IAD, cache-hhn4027-HHN
last-modified
Wed, 28 Nov 2018 19:43:05 GMT
server
AmazonS3
x-timer
S1568026886.296988,VS0,VE0
etag
"decb466e149b4a9f623c03768e0722f4"
access-control-max-age
3600
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
1, 291
17103094
avatars1.githubusercontent.com/u/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatars1.githubusercontent.com/u/17103094?s=60&v=4
Requested by
Host: github.com
URL: https://github.com/perfectblue/ctf-writeups
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.133 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
c396a380bff9dfbda245a9ebedcd27e406dee325b8bcd9090bc66ca3d829983c
Security Headers
Name Value
Content-Security-Policy default-src 'none'
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://github.com/perfectblue/ctf-writeups
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Fastly-Request-ID
c468491981eca73d588196ba125abcc9dab960cd
Content-Security-Policy
default-src 'none'
Via
1.1 varnish
X-Content-Type-Options
nosniff
X-Cache
HIT
X-Cache-Hits
1
Connection
keep-alive
Vary
Authorization,Accept-Encoding
Content-Length
2955
X-Xss-Protection
1; mode=block
X-Served-By
cache-hhn4053-HHN
Last-Modified
Sun, 08 Jul 2018 13:26:00 GMT
X-GitHub-Request-Id
8EE6:453F:1E960C:298851:5D62A947
X-Timer
S1568026886.291156,VS0,VE1
X-Frame-Options
deny
Date
Mon, 09 Sep 2019 11:01:26 GMT
Source-Age
1279935
Strict-Transport-Security
max-age=31557600
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=300
Etag
"7c6db1cd7b96d4ae96c4ebb6e37f117e2f32f21b"
Accept-Ranges
bytes
Timing-Allow-Origin
https://github.com
Expires
Mon, 09 Sep 2019 11:06:26 GMT
octocat-spinner-32.gif
github.githubassets.com/images/spinners/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://github.githubassets.com/images/spinners/octocat-spinner-32.gif
Requested by
Host: github.com
URL: https://github.com/perfectblue/ctf-writeups
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.109.154 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1acde73950ab1f4e01d477ebe9217a76b540b4833c369e89246ba2a59b0a5339

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://github.com/perfectblue/ctf-writeups
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id
6acc17fc29ab4c57af9979c6ba58e3f59b480c4f
date
Mon, 09 Sep 2019 11:01:26 GMT
via
1.1 varnish, 1.1 varnish
age
3667
x-cache
HIT, HIT
status
200
content-length
2308
x-served-by
cache-iad2138-IAD, cache-hhn4027-HHN
last-modified
Wed, 12 Dec 2018 18:17:07 GMT
server
AmazonS3
x-timer
S1568026886.297029,VS0,VE0
etag
"a275d0ff02eb0e006fa365f2f725b010"
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
2, 374
frameworks-d5c43622.js
github.githubassets.com/assets/ 		143 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://github.githubassets.com/assets/frameworks-d5c43622.js
Requested by
Host: github.com
URL: https://github.com/perfectblue/ctf-writeups
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.109.154 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8a454ddbcfc9e3097f45f11d77557a4ac61eb4e7cf384d48500cbeefa8c1c2c3

Request headers

Sec-Fetch-Mode
cors
Referer
https://github.com/perfectblue/ctf-writeups
Origin
https://github.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id
169c69697968a16d8d7eeef2a6c22c1c1530c990
date
Mon, 09 Sep 2019 11:01:26 GMT
content-encoding
gzip
age
3356
x-cache
HIT, HIT
status
200
access-control-max-age
3600
content-length
48166
via
1.1 varnish, 1.1 varnish
x-served-by
cache-iad2128-IAD, cache-hhn4066-HHN
last-modified
Fri, 06 Sep 2019 14:47:12 GMT
server
AmazonS3
x-timer
S1568026886.307373,VS0,VE0
etag
"62155cc3241298db4f19a6441c7a36e7"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
1, 253
github-bootstrap-c9c5a12d.js
github.githubassets.com/assets/ 		475 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://github.githubassets.com/assets/github-bootstrap-c9c5a12d.js
Requested by
Host: github.com
URL: https://github.com/perfectblue/ctf-writeups
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.109.154 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
21fb629971e24debf57d9badd4e0a07e494c88b1ee775b884e7cf93a5b07048b

Request headers

Sec-Fetch-Mode
cors
Referer
https://github.com/perfectblue/ctf-writeups
Origin
https://github.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id
928e8675e2aca0d691e7997d79f15ea56eec90f3
date
Mon, 09 Sep 2019 11:01:26 GMT
content-encoding
gzip
age
2782
x-cache
HIT, HIT
status
200
access-control-max-age
3600
content-length
122723
via
1.1 varnish, 1.1 varnish
x-served-by
cache-iad2135-IAD, cache-hhn4066-HHN
last-modified
Mon, 09 Sep 2019 04:13:07 GMT
server
AmazonS3
x-timer
S1568026886.302913,VS0,VE0
etag
"c9e58abf04b2bf7ee108ca276e7991f9"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
2, 2187
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/gif
contributors_size
github.com/perfectblue/ctf-writeups/ 		706 B
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://github.com/perfectblue/ctf-writeups/contributors_size
Requested by
Host: github.githubassets.com
URL: https://github.githubassets.com/assets/frameworks-d5c43622.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
140.82.118.4 , United States, ASN36459 (GITHUB - GitHub, Inc., US),
Reverse DNS
lb-140-82-118-4-ams.github.com
Software
GitHub.com /
Resource Hash
3459e1e8cc3a98d9ffc26811af774dcf9c5f9ab506c61c97c2e96ab1ca3ad74e
Security Headers
Name Value
Content-Security-Policy default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com www.google-analytics.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com wss://live.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
text/html
Referer
https://github.com/perfectblue/ctf-writeups
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Date
Mon, 09 Sep 2019 11:01:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Status
200 OK
Vary
X-PJAX, Accept-Encoding
X-XSS-Protection
1; mode=block
X-Request-Id
54d50796-f684-4dd9-bc73-c51c2e811396
Server
GitHub.com
X-GitHub-Request-Id
2D90:A709:29D83B9:4127C57:5D763106
X-Frame-Options
deny
ETag
W/"3459e1e8cc3a98d9ffc26811af774dcf"
Expect-CT
max-age=2592000, report-uri="https://api.github.com/_private/browser/errors"
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Content-Type
text/html; charset=utf-8
Cache-Control
max-age=0, private, must-revalidate
Content-Security-Policy
default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com www.google-analytics.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com wss://live.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com
X-HTML-Safe
d2fdac17b2d56cad7795e6b9364d54a697e260f9
collect
www.google-analytics.com/r/ 		35 B
143 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/r/collect
Requested by
Host: github.githubassets.com
URL: https://github.githubassets.com/assets/frameworks-d5c43622.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://github.com/perfectblue/ctf-writeups
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 09 Sep 2019 11:01:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
https://github.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
page_view
collector.githubapp.com/github/ 		35 B
529 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://collector.githubapp.com/github/page_view?dimensions[page]=https%3A%2F%2Fgithub.com%2Fperfectblue%2Fctf-writeups&dimensions[title]=GitHub%20-%20perfectblue%2Fctf-writeups%3A%20Perfect%20Blue%27s%20CTF%20Writeups&dimensions[referrer]=&dimensions[user_agent]=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&dimensions[screen_resolution]=1600x1200&dimensions[pixel_ratio]=1&dimensions[browser_resolution]=1600x1200&dimensions[tz_seconds]=7200&dimensions[timestamp]=1568026886453&dimensions[request_id]=2D90%3AA709%3A29D8332%3A4127BE1%3A5D763105&dimensions[region_edge]=ams&dimensions[region_render]=iad&dimensions[ga_id]=2112625021.1568026886&dimensions[visitor_id]=6258653523852275974&dimensions[user_id]=41891886&dimensions[user_login]=perfectblue&dimensions[repository_id]=133306580&dimensions[repository_nwo]=perfectblue%2Fctf-writeups&dimensions[repository_public]=true&dimensions[repository_is_fork]=false&dimensions[repository_network_root_id]=133306580&dimensions[repository_network_root_nwo]=perfectblue%2Fctf-writeups&dimensions[repository_explore_github_marketplace_ci_cta_shown]=false&&measures[performance_timing]=1-398-348-1055-962-961-961-810-348-347-346--1055-0---398-854-800-353--&&&dimensions[cid]=1457206328.1568026886
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.167.2 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-55-167-2.compute-1.amazonaws.com
Software
GitHub.com /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://github.com/perfectblue/ctf-writeups
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 09 Sep 2019 11:01:26 GMT
X-Rack-Cache
miss
Last-Modified
Mon, 09 Sep 2019 11:01:26 GMT
Server
GitHub.com
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif; charset=utf-8
Expires
Sat, 25 Nov 2000 05:00:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, private
Connection
keep-alive
X-Runtime
0.006610
Content-Length
35
X-Request-Id
21283821516ca77ee4212d3d92d2daae
X-UA-Compatible
IE=Edge,chrome=1
stats
api.github.com/_private/browser/ 		5 B
930 B 		Other
General
Check archive.org
Download Go to
Full URL
https://api.github.com/_private/browser/stats
Requested by
Host: github.githubassets.com
URL: https://github.githubassets.com/assets/frameworks-d5c43622.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
140.82.118.5 , United States, ASN36459 (GITHUB - GitHub, Inc., US),
Reverse DNS
lb-140-82-118-5-ams.github.com
Software
GitHub.com /
Resource Hash
8e1d794b49e35ea828279c6a8c95282bbb9a0787cf5c9385256c2cc9d17baeb7
Security Headers
Name Value
Content-Security-Policy default-src 'none'
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://github.com/perfectblue/ctf-writeups
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 09 Sep 2019 11:01:26 GMT
X-Content-Type-Options
nosniff
X-GitHub-Media-Type
github.v3; format=json
Status
200 OK
X-RateLimit-Limit
60
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Vary
Accept-Encoding
Content-Length
5
X-XSS-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
GitHub.com
X-GitHub-Request-Id
0910:3524E:4580B67:546CA0C:5D763106
X-Frame-Options
deny
X-RateLimit-Remaining
60
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type
Cache-Control
no-cache
X-RateLimit-Reset
1568030486
Content-Security-Policy
default-src 'none'
errors
api.github.com/_private/browser/ 		5 B
929 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.github.com/_private/browser/errors
Requested by
Host: github.githubassets.com
URL: https://github.githubassets.com/assets/github-bootstrap-c9c5a12d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
140.82.118.5 , United States, ASN36459 (GITHUB - GitHub, Inc., US),
Reverse DNS
lb-140-82-118-5-ams.github.com
Software
GitHub.com /
Resource Hash
8e1d794b49e35ea828279c6a8c95282bbb9a0787cf5c9385256c2cc9d17baeb7
Security Headers
Name Value
Content-Security-Policy default-src 'none'
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
cors
Referer
https://github.com/perfectblue/ctf-writeups
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 09 Sep 2019 11:01:36 GMT
X-Content-Type-Options
nosniff
X-GitHub-Media-Type
github.v3; format=json
Status
200 OK
X-RateLimit-Limit
60
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
Vary
Accept-Encoding
Content-Length
5
X-XSS-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
GitHub.com
X-GitHub-Request-Id
0BC4:17AA:3284A70:3D66AEC:5D763110
X-Frame-Options
deny
X-RateLimit-Remaining
60
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type
Cache-Control
no-cache
X-RateLimit-Reset
1568030486
Content-Security-Policy
default-src 'none'

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| System object| litHtmlVersions function| AutocompleteElement function| RemoteInputElement function| TaskListsElement function| ga object| gaplugins function| AutoCheckElement function| ClipboardCopyElement function| DetailsDialogElement function| DetailsMenuElement function| GEmojiElement function| ImageCropElement function| IncludeFragmentElement function| MarkdownHeaderButtonElement function| MarkdownBoldButtonElement function| MarkdownItalicButtonElement function| MarkdownQuoteButtonElement function| MarkdownCodeButtonElement function| MarkdownLinkButtonElement function| MarkdownUnorderedListButtonElement function| MarkdownOrderedListButtonElement function| MarkdownTaskListButtonElement function| MarkdownMentionButtonElement function| MarkdownRefButtonElement function| MarkdownToolbarElement function| TabContainerElement function| TextExpanderElement function| LocalTimeElement function| RelativeTimeElement function| TimeAgoElement function| TimeUntilElement function| PollIncludeFragmentElement function| FuzzyListElement function| PasswordStrengthElement object| _octo function| FileAttachmentElement object| gaGlobal function| PreciseTimeAgoElement function| ProgressBarElement object| gaData

7 Cookies

Domain/Path Name / Value
github.com/ Name: tz
Value: Europe%2FBerlin
.github.com/ Name: _gat
Value: 1
.github.com/ Name: _octo
Value: GH1.1.1457206328.1568026886
.github.com/ Name: logged_in
Value: no
.github.com/ Name: _ga
Value: GA1.2.2112625021.1568026886
github.com/ Name: _gh_sess
Value: RWlXMzZRMjJ4VjVjeFFSVjBlQ3hTVmo4czFyZ0N3MnBYMEpKcWJrUlhhTG1GeXAxYUV3bVBaZmEvaVV4Q1hRWGhReFdSWHliNkw0ZkpGR3dNQm16M0ExTlVqUHpKMnRUcGZ6b2Z1Q05CYjVnUzlGbjVaVTNtcS9FRGNnUmVzNU1HM2pXMVNZQmZJb1pOU2xHblJ1VlhPVnlQMUdHclhsZFdEMklMTEVPZ1ZDMmRHRDRuaEhJV3UzWjVnbUI4QU5KdkNnOEFySTY2R3l5VEZNQkpMUnBLUlRFVDFPVklFaG9mR01LZi90RTltZkZwMmdZN09ac21QWEpCMi9jb3BHR2FhckhOdStveWQwclViRi80alFCUUJER2RqZWtFNGVCV1BxcjU0bUYyUGM9LS10U3huZTFOdXpNZzAzdUNublE5Y2VRPT0%3D--256242138021cc9006975cf96eca0a79b483da63
github.com/ Name: has_recent_activity
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com www.google-analytics.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com wss://live.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block