github.com Open in urlscan Pro
192.30.253.113 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.facebook.com.reply-account.tk/
Effective URL:
https://github.com/kgretzky/evilginx2/issues/124
Submission: On April 03 via automatic, source certstream-suspicious (April 3rd 2019, 2:56:02 pm UTC)

Summary HTTP 21 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 9 IPs in 4 countries across 6 domains to perform 21 HTTP transactions. The main IP is 192.30.253.113, located in San Francisco, United States and belongs to GITHUB - GitHub, Inc., US. The main domain is github.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on May 8th 2018. Valid for: 2 years.

This is the only time github.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	103.251.177.242 103.251.177.242	55330 (GCN-DCN-A...) (GCN-DCN-AS AFGHANTELECOM GOVERNMENT COMMUNICATION NETWORK)
1	192.30.253.113 192.30.253.113	36459 (GITHUB) (GITHUB - GitHub)
7	185.199.108.154 185.199.108.154	54113 (FASTLY) (FASTLY - Fastly)
7	151.101.0.133 151.101.0.133	54113 (FASTLY) (FASTLY - Fastly)
2	151.101.192.133 151.101.192.133	54113 (FASTLY) (FASTLY - Fastly)
1	2a00:1450:400... 2a00:1450:4001:81e::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	52.20.29.9 52.20.29.9	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	192.30.253.117 192.30.253.117	36459 (GITHUB) (GITHUB - GitHub)
1	192.30.253.116 192.30.253.116	36459 (GITHUB) (GITHUB - GitHub)
21	9

1 103.251.177.242 (Afghanistan) 1 redirects

ASN55330 (GCN-DCN-AS AFGHANTELECOM GOVERNMENT COMMUNICATION NETWORK, AF)

www.facebook.com.reply-account.tk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.30.253.113 (San Francisco, United States)

ASN36459 (GITHUB - GitHub, Inc., US)
PTR: lb-192-30-253-113-iad.github.com

github.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.199.108.154 (None, )

ASN54113 (FASTLY - Fastly, US)

github.githubassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.0.133 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

avatars2.githubusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
avatars3.githubusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
avatars0.githubusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.192.133 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

avatars1.githubusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.20.29.9 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-20-29-9.compute-1.amazonaws.com

collector.githubapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.30.253.117 (San Francisco, United States)

ASN36459 (GITHUB - GitHub, Inc., US)
PTR: lb-192-30-253-117-iad.github.com

api.github.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.30.253.116 (San Francisco, United States)

ASN36459 (GITHUB - GitHub, Inc., US)
PTR: lb-192-30-253-116-iad.github.com

api.github.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	githubusercontent.com avatars2.githubusercontent.com avatars1.githubusercontent.com avatars3.githubusercontent.com avatars0.githubusercontent.com	34 KB
7	githubassets.com github.githubassets.com	367 KB
3	github.com github.com api.github.com	26 KB
1	githubapp.com collector.githubapp.com	529 B
1	google-analytics.com www.google-analytics.com	102 B
1	reply-account.tk 1 redirects www.facebook.com.reply-account.tk	149 B
21	6

	Domain	Requested by
7	github.githubassets.com	github.com
3	avatars3.githubusercontent.com	github.com
2	api.github.com	github.githubassets.com
2	avatars0.githubusercontent.com	github.com
2	avatars1.githubusercontent.com	github.com
2	avatars2.githubusercontent.com	github.com
1	collector.githubapp.com
1	www.google-analytics.com	github.githubassets.com
1	github.com
1	www.facebook.com.reply-account.tk	1 redirects
21	10

This site contains links to these domains. Also see Links.

Domain
lab.github.com
opensource.guide
github.community
education.github.com
enterprise.github.com
help.github.com
twitter.com
youtube.com
www.youtube.com
i.gyazo.com
githubstatus.com
developer.github.com
training.github.com
github.blog

Subject Issuer	Validity	Valid
github.com DigiCert SHA2 Extended Validation Server CA	`2018-05-08` - `2020-06-03`	2 years	crt.sh
*.githubassets.com DigiCert SHA2 High Assurance Server CA	`2018-10-29` - `2020-11-02`	2 years	crt.sh
www.github.com DigiCert SHA2 High Assurance Server CA	`2017-03-23` - `2020-05-13`	3 years	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh
*.githubapp.com DigiCert SHA2 High Assurance Server CA	`2017-04-04` - `2020-04-28`	3 years	crt.sh
*.github.com DigiCert SHA2 High Assurance Server CA	`2018-06-19` - `2019-07-10`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://github.com/kgretzky/evilginx2/issues/124
Frame ID: 04CAA726315C92399C9B4EADE5ED433F
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.facebook.com.reply-account.tk/ HTTP 302
https://github.com/kgretzky/evilginx2/issues/124 Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^gaGlobal$/i

Page Statistics

21
Requests

100 %
HTTPS

11 %
IPv6

6
Domains

10
Subdomains

9
IPs

4
Countries

427 kB
Transfer

1367 kB
Size

4
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://lab.github.com/
Title: Learning Lab

Search URL Search Domain Scan URL

URL: https://opensource.guide/
Title: Open source guides

Search URL Search Domain Scan URL

URL: https://github.community/
Title: Community forum

Search URL Search Domain Scan URL

URL: https://education.github.com/
Title: GitHub Education

Search URL Search Domain Scan URL

URL: https://enterprise.github.com/contact
Title: Contact Sales

Search URL Search Domain Scan URL

URL: https://help.github.com/terms
Title: terms of service

Search URL Search Domain Scan URL

URL: https://help.github.com/privacy
Title: privacy statement

Search URL Search Domain Scan URL

URL: https://twitter.com/%5Buser%5D
Title: https://twitter.com/[user]

Search URL Search Domain Scan URL

URL: https://youtube.com/
Title: https://youtube.com

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=dQw4w9WgXcQ
Title: https://www.youtube.com/watch?v=dQw4w9WgXcQ

Search URL Search Domain Scan URL

URL: https://i.gyazo.com/ff56086f430556fb3d50ee2133c241ee.png
Title: https://i.gyazo.com/ff56086f430556fb3d50ee2133c241ee.png

Search URL Search Domain Scan URL

URL: https://githubstatus.com/
Title: Status

Search URL Search Domain Scan URL

URL: https://help.github.com/
Title: Help

Search URL Search Domain Scan URL

URL: https://developer.github.com/
Title: API

Search URL Search Domain Scan URL

URL: https://training.github.com/
Title: Training

Search URL Search Domain Scan URL

URL: https://github.blog/
Title: Blog

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.facebook.com.reply-account.tk/ HTTP 302
https://github.com/kgretzky/evilginx2/issues/124 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set 124 Show response
github.com/kgretzky/evilginx2/issues/
Redirect Chain

https://www.facebook.com.reply-account.tk/
https://github.com/kgretzky/evilginx2/issues/124

104 KB
24 KB

757ms
756ms

Document
text/html

192.30.253.113
GitHub

General

Check archive.org

Show headers Download Go to

Full URL

https://github.com/kgretzky/evilginx2/issues/124

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

192.30.253.113 San Francisco, United States, ASN36459 (GITHUB - GitHub, Inc., US),

Reverse DNS

lb-192-30-253-113-iad.github.com

Software

GitHub.com /

Resource Hash

3c03cad8963b3bbd667800db8dd6761f330c667ccc326b9fb18198055cf25dfe

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com www.google-analytics.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com wss://live.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Host: github.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Server: GitHub.com
Date: Wed, 03 Apr 2019 14:55:45 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Status: 200 OK
Vary: X-PJAX,Accept
ETag: W/"3c03cad8963b3bbd667800db8dd6761f"
Cache-Control: max-age=0, private, must-revalidate
Set-Cookie: has_recent_activity=1; path=/; expires=Wed, 03 Apr 2019 15:55:44 -0000 logged_in=no; domain=.github.com; path=/; expires=Sun, 03 Apr 2039 14:55:45 -0000; secure; HttpOnly _gh_sess=RkE1MDN6c3FVdXNRLzhuVkcrbGF0b0RRMUUweUI3d2w5NDN4R1oxY2N4VktRNkc1OHI0ajZHTWdTeEtPbGEzVXpocFd0MytJTzJVakFQZklsTHB6TU03QTZRa1M5eFJibDVyUlZOL01OaW0rZXk5am9SdzlNUkJnYlQycDNZT2JOcUc3WmxSR1V3a0E4TmdMTGtNNkVDZXBXaGwxY21wMVRIQ1lRRDRGN25WMFdQZUttRlBiQTgrbnp6YlNZbys3RGpRZWk2eEQrUzVhSzZ2U1F2L1NzQXNLVy8xdVhEUmFoL09EbGRmRUdoaVhsbWJPdnd0SjNGTzZORmFmcCtjZmZHUFNSaDJUdFcwYWFZZUxhUG9xVEE9PS0tTGovL3dhWHRNQnlKN3cwNXlLaCswdz09--83acfff92f7b0cba8dc654cbb09778529ffc171a; path=/; secure; HttpOnly
X-Request-Id: 11a0557f-8784-46cc-b5c1-815975808219
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
X-Frame-Options: deny
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expect-CT: max-age=2592000, report-uri="https://api.github.com/_private/browser/errors"
Content-Security-Policy: default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com www.google-analytics.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com wss://live.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com
Content-Encoding: gzip
X-GitHub-Request-Id: CA6C:3821:501218:8C1057:5CA4C945

Redirect headers

Connection: close
Content-Type: text/html
Location: https://github.com/kgretzky/evilginx2/issues/124
Transfer-Encoding: chunked

GET
H2 200 frameworks-abba74d6e28a6842788159fec056bf26.css
github.githubassets.com/assets/ 133 KB
23 KB 13ms
8ms Stylesheet
text/css 185.199.108.154
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://github.githubassets.com/assets/frameworks-abba74d6e28a6842788159fec056bf26.css
Requested by: Host: github.com
URL: https://github.com/kgretzky/evilginx2/issues/124
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.199.108.154 -, , ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c856609cbd345cde3ec04a4b37ad3450c4492db5878b5d568266d37b96469b26

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://github.com/kgretzky/evilginx2/issues/124
Origin: https://github.com

Response headers

x-fastly-request-id: 8314ab23d4214aa3c1861dc899803a5dacbdb689
date: Wed, 03 Apr 2019 14:55:45 GMT
content-encoding: gzip
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
age: 2667
x-cache: HIT, HIT
status: 200
content-length: 23414
x-served-by: cache-iad2145-IAD, cache-hhn1551-HHN
access-control-allow-origin: *
last-modified: Fri, 22 Mar 2019 10:16:23 GMT
server: AmazonS3
x-timer: S1554303345.149516,VS0,VE0
etag: "f092c73ae8d2924412cb063ea805fccf"
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: text/css
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
x-cache-hits: 1, 1898

GET
H2 200 site-fb3830abec4858c7644fa8b4f8759252.css
github.githubassets.com/assets/ 55 KB
10 KB 12ms
7ms Stylesheet
text/css 185.199.108.154
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://github.githubassets.com/assets/site-fb3830abec4858c7644fa8b4f8759252.css
Requested by: Host: github.com
URL: https://github.com/kgretzky/evilginx2/issues/124
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.199.108.154 -, , ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a20cb5d1433304b40efb10477917e489d570a01964a57e8f69984764c095eccf

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://github.com/kgretzky/evilginx2/issues/124
Origin: https://github.com

Response headers

x-fastly-request-id: 9fa0dde97d49f2d7414b89c709175852c7fd500b
date: Wed, 03 Apr 2019 14:55:45 GMT
content-encoding: gzip
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
age: 1492
x-cache: HIT, HIT
status: 200
content-length: 10515
x-served-by: cache-iad2132-IAD, cache-hhn1551-HHN
access-control-allow-origin: *
last-modified: Tue, 02 Apr 2019 18:28:50 GMT
server: AmazonS3
x-timer: S1554303345.149519,VS0,VE0
etag: "b14d675593b8cafa53a4f40b88347b24"
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: text/css
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
x-cache-hits: 1, 1133

GET
H2 200 github-075cbca7db412e75878ec493711218f4.css
github.githubassets.com/assets/ 369 KB
70 KB 12ms
8ms Stylesheet
text/css 185.199.108.154
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://github.githubassets.com/assets/github-075cbca7db412e75878ec493711218f4.css
Requested by: Host: github.com
URL: https://github.com/kgretzky/evilginx2/issues/124
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.199.108.154 -, , ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b39350cb0ed00f249bba6eda0d1d930b9a1c9557e79b0823f1edd2b64dcf2e21

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://github.com/kgretzky/evilginx2/issues/124
Origin: https://github.com

Response headers

x-fastly-request-id: 56b2380ea78b1bcc831789959609f724fb3985e7
date: Wed, 03 Apr 2019 14:55:45 GMT
content-encoding: gzip
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
age: 1219
x-cache: HIT, HIT
status: 200
content-length: 71589
x-served-by: cache-iad2142-IAD, cache-hhn1551-HHN
access-control-allow-origin: *
last-modified: Tue, 02 Apr 2019 23:33:46 GMT
server: AmazonS3
x-timer: S1554303345.149537,VS0,VE0
etag: "2d7a2e8c532e52999ed31493e65182d8"
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: text/css
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
x-cache-hits: 2, 1498

GET
H2 200 search-key-slash.svg
github.githubassets.com/images/ 462 B
814 B 11ms
7ms Image
image/svg+xml 185.199.108.154
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://github.githubassets.com/images/search-key-slash.svg
Requested by: Host: github.com
URL: https://github.com/kgretzky/evilginx2/issues/124
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.199.108.154 -, , ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7e2d30caebb4fdfbbb2cdfbf93e1877d14f4fe7ab030c80b28e4973604a4c16e

Request headers

Referer: https://github.com/kgretzky/evilginx2/issues/124
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-fastly-request-id: 059434415381b226a7c4faa56f245d1f72e2737a
date: Wed, 03 Apr 2019 14:55:45 GMT
via: 1.1 varnish, 1.1 varnish
age: 3267
x-cache: HIT, HIT
status: 200
access-control-max-age: 3600
content-length: 462
x-served-by: cache-iad2120-IAD, cache-hhn1524-HHN
last-modified: Wed, 28 Nov 2018 19:43:05 GMT
server: AmazonS3
x-timer: S1554303345.149428,VS0,VE0
etag: "decb466e149b4a9f623c03768e0722f4"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
accept-ranges: bytes
x-cache-hits: 1, 1192

GET
H/1.1 200
OK 26556921
avatars2.githubusercontent.com/u/ 2 KB
2 KB 72ms
9ms Image
image/png 151.101.0.133
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://avatars2.githubusercontent.com/u/26556921?s=52&v=4

Requested by

Host: github.com
URL: https://github.com/kgretzky/evilginx2/issues/124

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.133 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

4b5f59f77dca77d8f1f8754d2b93596d8bd0c9773618c4231f2a8a49f55023b1

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://github.com/kgretzky/evilginx2/issues/124
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-Fastly-Request-ID: 28de1b4dc0ba96e7c4ca164ff2279acb2d564a48
Content-Security-Policy: default-src 'none'
Via: 1.1 varnish
X-Content-Type-Options: nosniff
X-Cache: HIT
Connection: keep-alive
Content-Length: 1538
X-Xss-Protection: 1; mode=block
X-Served-By: cache-hhn1540-HHN
Last-Modified: Sun, 29 Mar 2009 01:42:58 GMT
X-GitHub-Request-Id: E1D0:78C6:4B7B0:56ADE:5C9B608E
X-Timer: S1554303345.209793,VS0,VE1
X-Frame-Options: deny
Date: Wed, 03 Apr 2019 14:55:45 GMT
Source-Age: 616674
Vary: Authorization,Accept-Encoding
Strict-Transport-Security: max-age=31557600
Content-Type: image/png
Access-Control-Allow-Origin: *
Expires: Wed, 03 Apr 2019 15:00:45 GMT
Cache-Control: max-age=300
Etag: "34235cd1fe6cdc583976638e0a323dde2f44f84f"
Accept-Ranges: bytes
Timing-Allow-Origin: https://github.com
X-Cache-Hits: 1

GET
H/1.1 200
OK 19260967
avatars1.githubusercontent.com/u/ 368 B
1 KB 52ms
13ms Image
image/png 151.101.192.133
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://avatars1.githubusercontent.com/u/19260967?s=52&v=4

Requested by

Host: github.com
URL: https://github.com/kgretzky/evilginx2/issues/124

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.133 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

6291a718a8bf38eac081aae2ad0893b04766e02bac471e13c871362db011376e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://github.com/kgretzky/evilginx2/issues/124
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-Fastly-Request-ID: 2032f72b788e01151b5b0abc333ccbf3beca26fc
Content-Security-Policy: default-src 'none'
Via: 1.1 varnish
X-Content-Type-Options: nosniff
X-Cache: HIT
Connection: keep-alive
Content-Length: 368
X-Xss-Protection: 1; mode=block
X-Served-By: cache-hhn1539-HHN
Last-Modified: Wed, 15 Jun 2016 15:18:12 GMT
X-GitHub-Request-Id: 686C:113E:4B3D60:550FDF:5CA09FE5
X-Timer: S1554303345.185498,VS0,VE1
X-Frame-Options: deny
Date: Wed, 03 Apr 2019 14:55:45 GMT
Source-Age: 272779
Vary: Authorization,Accept-Encoding
Strict-Transport-Security: max-age=31557600
Content-Type: image/png
Access-Control-Allow-Origin: *
Expires: Wed, 03 Apr 2019 15:00:45 GMT
Cache-Control: max-age=300
Etag: "a94765dfca75f40247bac9031969160f6a705978"
Accept-Ranges: bytes
Timing-Allow-Origin: https://github.com
X-Cache-Hits: 1

GET
H/1.1 200
OK 45371795
avatars3.githubusercontent.com/u/ 2 KB
2 KB 71ms
7ms Image
image/png 151.101.0.133
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://avatars3.githubusercontent.com/u/45371795?s=52&v=4

Requested by

Host: github.com
URL: https://github.com/kgretzky/evilginx2/issues/124

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.133 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

1e4fe4235f2fdb6903e235665896ab5f9714447cda90161b308050bbac806df8

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://github.com/kgretzky/evilginx2/issues/124
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-Fastly-Request-ID: 372b1f3190de7b2c013d1300a8dafd6b2ece88f0
Content-Security-Policy: default-src 'none'
Via: 1.1 varnish
X-Content-Type-Options: nosniff
X-Cache: HIT
Connection: keep-alive
Content-Length: 1540
X-Xss-Protection: 1; mode=block
X-Served-By: cache-hhn1535-HHN
Last-Modified: Sun, 29 Mar 2009 01:42:58 GMT
X-GitHub-Request-Id: 19EE:4E80:137F11:16360E:5C9E758A
X-Timer: S1554303345.209736,VS0,VE1
X-Frame-Options: deny
Date: Wed, 03 Apr 2019 14:55:45 GMT
Source-Age: 414691
Vary: Authorization,Accept-Encoding
Strict-Transport-Security: max-age=31557600
Content-Type: image/png
Access-Control-Allow-Origin: *
Expires: Wed, 03 Apr 2019 15:00:45 GMT
Cache-Control: max-age=300
Etag: "7f98642734be5c1fc61bee5d6842381652845e8c"
Accept-Ranges: bytes
Timing-Allow-Origin: https://github.com
X-Cache-Hits: 1

GET
H/1.1 200
OK 28802649
avatars0.githubusercontent.com/u/ 6 KB
7 KB 78ms
15ms Image
image/png 151.101.0.133
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://avatars0.githubusercontent.com/u/28802649?s=52&v=4

Requested by

Host: github.com
URL: https://github.com/kgretzky/evilginx2/issues/124

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.133 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

052dedbc9ec5734971f46573407d84bc1e09c0314f3f185eadb932dba2dba583

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://github.com/kgretzky/evilginx2/issues/124
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-Fastly-Request-ID: fc4f92b56e0edb250f41ce53c99a73f6307e5cdb
Content-Security-Policy: default-src 'none'
Via: 1.1 varnish
X-Content-Type-Options: nosniff
X-Cache: HIT
Connection: keep-alive
Vary: Authorization,Accept-Encoding
Content-Length: 5984
X-Xss-Protection: 1; mode=block
X-Served-By: cache-hhn1543-HHN
Last-Modified: Tue, 14 Aug 2012 12:24:28 GMT
X-GitHub-Request-Id: 392C:1522:97210:AA941:5CA4C96E
X-Timer: S1554303345.210105,VS0,VE8
Date: Wed, 03 Apr 2019 14:55:45 GMT
Source-Age: 0
X-Frame-Options: deny
Strict-Transport-Security: max-age=31557600
Content-Type: image/png
Access-Control-Allow-Origin: *
Expires: Wed, 03 Apr 2019 15:00:45 GMT
Cache-Control: max-age=300
Accept-Ranges: bytes
Timing-Allow-Origin: https://github.com
X-Cache-Hits: 1

GET
H/1.1 200
OK 26556921
avatars1.githubusercontent.com/u/ 2 KB
2 KB 51ms
13ms Image
image/png 151.101.192.133
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://avatars1.githubusercontent.com/u/26556921?s=88&v=4

Requested by

Host: github.com
URL: https://github.com/kgretzky/evilginx2/issues/124

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.192.133 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

4b5f59f77dca77d8f1f8754d2b93596d8bd0c9773618c4231f2a8a49f55023b1

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://github.com/kgretzky/evilginx2/issues/124
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-Fastly-Request-ID: 2eb3767043e33e38e0811fc5120e3de1604e74f1
Content-Security-Policy: default-src 'none'
Via: 1.1 varnish
X-Content-Type-Options: nosniff
X-Cache: HIT
Connection: keep-alive
Content-Length: 1538
X-Xss-Protection: 1; mode=block
X-Served-By: cache-hhn1525-HHN
Last-Modified: Sun, 29 Mar 2009 01:42:58 GMT
X-GitHub-Request-Id: 93B0:4350:F95DB:11B4AE:5C9D686D
X-Timer: S1554303345.185602,VS0,VE1
X-Frame-Options: deny
Date: Wed, 03 Apr 2019 14:55:45 GMT
Source-Age: 483587
Vary: Authorization,Accept-Encoding
Strict-Transport-Security: max-age=31557600
Content-Type: image/png
Access-Control-Allow-Origin: *
Expires: Wed, 03 Apr 2019 15:00:45 GMT
Cache-Control: max-age=300
Etag: "34235cd1fe6cdc583976638e0a323dde2f44f84f"
Accept-Ranges: bytes
Timing-Allow-Origin: https://github.com
X-Cache-Hits: 1

GET
H/1.1 200
OK 19260967
avatars2.githubusercontent.com/u/ 363 B
1 KB 70ms
7ms Image
image/png 151.101.0.133
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://avatars2.githubusercontent.com/u/19260967?s=88&v=4

Requested by

Host: github.com
URL: https://github.com/kgretzky/evilginx2/issues/124

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.133 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

2aeac899f9e46d227d85753d17392bab0e317c0a0efbe27a2e3deae3d245761e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://github.com/kgretzky/evilginx2/issues/124
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-Fastly-Request-ID: bf6e8f3b568021045f230f4db9e85175a890e0f9
Content-Security-Policy: default-src 'none'
Via: 1.1 varnish
X-Content-Type-Options: nosniff
X-Cache: HIT
Connection: keep-alive
Content-Length: 363
X-Xss-Protection: 1; mode=block
X-Served-By: cache-hhn1532-HHN
Last-Modified: Wed, 15 Jun 2016 15:18:12 GMT
X-GitHub-Request-Id: 308C:0BCC:3A5E30:3EF4E5:5C834F76
X-Timer: S1554303345.209903,VS0,VE1
X-Frame-Options: deny
Date: Wed, 03 Apr 2019 14:55:45 GMT
Source-Age: 2193915
Vary: Authorization,Accept-Encoding
Strict-Transport-Security: max-age=31557600
Content-Type: image/png
Access-Control-Allow-Origin: *
Expires: Wed, 03 Apr 2019 15:00:45 GMT
Cache-Control: max-age=300
Etag: "99c02b92290c54d3f4d7e3664b113a566faf8134"
Accept-Ranges: bytes
Timing-Allow-Origin: https://github.com
X-Cache-Hits: 1

GET
H/1.1 200
OK 45371795
avatars0.githubusercontent.com/u/ 2 KB
2 KB 67ms
8ms Image
image/png 151.101.0.133
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://avatars0.githubusercontent.com/u/45371795?s=88&v=4

Requested by

Host: github.com
URL: https://github.com/kgretzky/evilginx2/issues/124

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.133 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

1e4fe4235f2fdb6903e235665896ab5f9714447cda90161b308050bbac806df8

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://github.com/kgretzky/evilginx2/issues/124
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-Fastly-Request-ID: dc3616a476177b36b7763b1a8fe3e3b7965407c5
Content-Security-Policy: default-src 'none'
Via: 1.1 varnish
X-Content-Type-Options: nosniff
X-Cache: HIT
Connection: keep-alive
Content-Length: 1540
X-Xss-Protection: 1; mode=block
X-Served-By: cache-hhn1526-HHN
Last-Modified: Sun, 29 Mar 2009 01:42:59 GMT
X-GitHub-Request-Id: 383C:39BB:600471:6D4EBB:5CA31CEF
X-Timer: S1554303345.209969,VS0,VE1
X-Frame-Options: deny
Date: Wed, 03 Apr 2019 14:55:45 GMT
Source-Age: 109697
Vary: Authorization,Accept-Encoding
Strict-Transport-Security: max-age=31557600
Content-Type: image/png
Access-Control-Allow-Origin: *
Expires: Wed, 03 Apr 2019 15:00:45 GMT
Cache-Control: max-age=300
Etag: "7f98642734be5c1fc61bee5d6842381652845e8c"
Accept-Ranges: bytes
Timing-Allow-Origin: https://github.com
X-Cache-Hits: 1

GET
H/1.1 200
OK 28802649
avatars3.githubusercontent.com/u/ 14 KB
14 KB 67ms
8ms Image
image/png 151.101.0.133
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://avatars3.githubusercontent.com/u/28802649?s=88&v=4

Requested by

Host: github.com
URL: https://github.com/kgretzky/evilginx2/issues/124

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.133 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

708ba15f5e18fba9654bb88407c61d7c82d1e7693dac39490af261cb61a5af71

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://github.com/kgretzky/evilginx2/issues/124
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-Fastly-Request-ID: 4ab4dc2a36c2db177c2d7cb998245da489d03ebe
Content-Security-Policy: default-src 'none'
Via: 1.1 varnish
X-Content-Type-Options: nosniff
X-Cache: HIT
Connection: keep-alive
Vary: Authorization,Accept-Encoding
Content-Length: 13963
X-Xss-Protection: 1; mode=block
X-Served-By: cache-hhn1521-HHN
Last-Modified: Tue, 14 Aug 2012 12:24:28 GMT
X-GitHub-Request-Id: 49BE:1E11:A05E8:B3ADD:5CA4C970
X-Timer: S1554303345.209894,VS0,VE1
Date: Wed, 03 Apr 2019 14:55:45 GMT
Source-Age: 0
X-Frame-Options: deny
Strict-Transport-Security: max-age=31557600
Content-Type: image/png
Access-Control-Allow-Origin: *
Expires: Wed, 03 Apr 2019 15:00:45 GMT
Cache-Control: max-age=300
Accept-Ranges: bytes
Timing-Allow-Origin: https://github.com
X-Cache-Hits: 1

GET
H/1.1 200
OK 19260967
avatars3.githubusercontent.com/u/ 394 B
1 KB 66ms
8ms Image
image/png 151.101.0.133
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://avatars3.githubusercontent.com/u/19260967?s=60&v=4

Requested by

Host: github.com
URL: https://github.com/kgretzky/evilginx2/issues/124

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.133 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

bb8c24529fda273420cff3bec25a1a8ed6b5ebfe4ff8e892a1308eb341021fb1

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://github.com/kgretzky/evilginx2/issues/124
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-Fastly-Request-ID: fca306b57fcfbafa7eb61e9b6b1b30e47e03a305
Content-Security-Policy: default-src 'none'
Via: 1.1 varnish
X-Content-Type-Options: nosniff
X-Cache: HIT
Connection: keep-alive
Content-Length: 394
X-Xss-Protection: 1; mode=block
X-Served-By: cache-hhn1534-HHN
Last-Modified: Wed, 15 Jun 2016 15:18:12 GMT
X-GitHub-Request-Id: A898:720E:1D06BE:20DD8F:5C96A77F
X-Timer: S1554303345.209984,VS0,VE1
X-Frame-Options: deny
Date: Wed, 03 Apr 2019 14:55:45 GMT
Source-Age: 926194
Vary: Authorization,Accept-Encoding
Strict-Transport-Security: max-age=31557600
Content-Type: image/png
Access-Control-Allow-Origin: *
Expires: Wed, 03 Apr 2019 15:00:45 GMT
Cache-Control: max-age=300
Etag: "fa9bce37ea8c84e1e558a3d4221615caa9590d0a"
Accept-Ranges: bytes
Timing-Allow-Origin: https://github.com
X-Cache-Hits: 1

GET
H2 200 frameworks-c3fed18a.js Show response
github.githubassets.com/assets/ 265 KB
81 KB 8ms
8ms Script
application/javascript 185.199.108.154
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://github.githubassets.com/assets/frameworks-c3fed18a.js
Requested by: Host: github.com
URL: https://github.com/kgretzky/evilginx2/issues/124
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.199.108.154 -, , ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 31db1246962ff981361a828af39de673e6cef5283bc5775902901b04deb2799c

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://github.com/kgretzky/evilginx2/issues/124
Origin: https://github.com

Response headers

x-fastly-request-id: 3961583f487389ac26cb90e3f420a144645e3056
date: Wed, 03 Apr 2019 14:55:45 GMT
content-encoding: gzip
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
age: 2356
x-cache: HIT, HIT
status: 200
content-length: 82306
x-served-by: cache-iad2137-IAD, cache-hhn1551-HHN
access-control-allow-origin: *
last-modified: Mon, 01 Apr 2019 20:48:36 GMT
server: AmazonS3
x-timer: S1554303345.156179,VS0,VE0
etag: "e2299e757b19975bd842ee7801faeb0c"
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
x-cache-hits: 1, 926

GET
H2 200 github-bootstrap-6b0ab542.js Show response
github.githubassets.com/assets/ 316 KB
84 KB 10ms
8ms Script
application/javascript 185.199.108.154
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://github.githubassets.com/assets/github-bootstrap-6b0ab542.js
Requested by: Host: github.com
URL: https://github.com/kgretzky/evilginx2/issues/124
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.199.108.154 -, , ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb828f2042321400c99432b477b98314d59b01f2e651c7f0c3fd977b9e0f6119

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://github.com/kgretzky/evilginx2/issues/124
Origin: https://github.com

Response headers

x-fastly-request-id: ba035741c9b615c61075fc4ea653ca72a6fd2a16
date: Wed, 03 Apr 2019 14:55:45 GMT
content-encoding: gzip
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
age: 3527
x-cache: MISS, HIT
status: 200
content-length: 85276
x-served-by: cache-iad2133-IAD, cache-hhn1551-HHN
access-control-allow-origin: *
last-modified: Wed, 03 Apr 2019 13:55:17 GMT
server: AmazonS3
x-timer: S1554303345.161564,VS0,VE0
etag: "335ad45d8d7f4af290da3d4bc4af9a27"
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
x-cache-hits: 0, 12344

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 site-signup-prompt.png
github.githubassets.com/images/modules/site/ 98 KB
98 KB 10ms
9ms Image
image/png 185.199.108.154
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://github.githubassets.com/images/modules/site/site-signup-prompt.png
Requested by: Host: github.com
URL: https://github.com/kgretzky/evilginx2/issues/124
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.199.108.154 -, , ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0493cf9fd169f58d9548e4a778508d671f63ba72e113133d0675c496dcc35cc5

Request headers

Referer: https://github.githubassets.com/assets/site-fb3830abec4858c7644fa8b4f8759252.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-fastly-request-id: 5a1a76e8d9da942619bdcd08ccb82f7432c13cd9
date: Wed, 03 Apr 2019 14:55:45 GMT
via: 1.1 varnish, 1.1 varnish
age: 4966
x-cache: HIT, HIT
status: 200
access-control-max-age: 3600
content-length: 99909
x-served-by: cache-iad2141-IAD, cache-hhn1524-HHN
last-modified: Fri, 09 Nov 2018 22:10:08 GMT
server: AmazonS3
x-timer: S1554303345.220602,VS0,VE0
etag: "75c0f64ad08dc8036a4daacb75cd9c0f"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
x-cache-hits: 1, 572

POST
H2 200 collect
www.google-analytics.com/r/ 35 B
102 B 13ms
13ms Other
image/gif 2a00:1450:4001:81e::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/r/collect

Requested by

Host: github.githubassets.com
URL: https://github.githubassets.com/assets/frameworks-c3fed18a.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81e::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://github.com/kgretzky/evilginx2/issues/124
Origin: https://github.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 03 Apr 2019 14:55:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: https://github.com
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK page_view
collector.githubapp.com/github/ 35 B
529 B 108ms
106ms Image
image/gif 52.20.29.9
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://collector.githubapp.com/github/page_view?dimensions[page]=https%3A%2F%2Fgithub.com%2Fkgretzky%2Fevilginx2%2Fissues%2F124&dimensions[title]=Evilginx%20doesn%27t%20redirect%20to%20URL%20parameter%20set%20with%20get-url%20%C2%B7%20Issue%20%23124%20%C2%B7%20kgretzky%2Fevilginx2%20%C2%B7%20GitHub&dimensions[referrer]=&dimensions[user_agent]=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_13_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F67.0.3396.87%20Safari%2F537.36&dimensions[screen_resolution]=1600x1200&dimensions[pixel_ratio]=1&dimensions[browser_resolution]=1600x1200&dimensions[tz_seconds]=0&dimensions[timestamp]=1554303345767&dimensions[request_id]=CA6C%3A3821%3A501218%3A8C1057%3A5CA4C945&dimensions[region_edge]=iad&dimensions[region_render]=iad&dimensions[user_id]=19260967&dimensions[user_login]=kgretzky&dimensions[repository_id]=140412864&dimensions[repository_nwo]=kgretzky%2Fevilginx2&dimensions[repository_public]=true&dimensions[repository_is_fork]=false&dimensions[repository_network_root_id]=140412864&dimensions[repository_network_root_nwo]=kgretzky%2Fevilginx2&dimensions[repository_explore_github_marketplace_ci_cta_shown]=false&&measures[performance_timing]=1-933-933-2324-2094-2093-2092-1695-933-933-933--2324-0---934-1693-1691---&&&dimensions[cid]=1908433794.1554303346

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.20.29.9 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-20-29-9.compute-1.amazonaws.com

Software

GitHub.com /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://github.com/kgretzky/evilginx2/issues/124
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Apr 2019 14:55:45 GMT
Last-Modified: Wed, 03 Apr 2019 14:55:45 GMT
Server: GitHub.com
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif; charset=utf-8
X-Request-Id: 0b3796932b1f3a7bf6982389271587d5
Cache-Control: no-store, no-cache, must-revalidate, private
X-UA-Compatible: IE=Edge,chrome=1
Connection: keep-alive
X-Runtime: 0.003062
Content-Length: 35
X-Rack-Cache: miss
Expires: Sat, 25 Nov 2000 05:00:00 GMT

POST
H/1.1 200
OK stats
api.github.com/_private/browser/ 0
904 B 478ms
282ms Other
application/json 192.30.253.117
GitHub

General

Check archive.org

Show headers Download Go to

Full URL

https://api.github.com/_private/browser/stats

Requested by

Host: github.githubassets.com
URL: https://github.githubassets.com/assets/frameworks-c3fed18a.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

192.30.253.117 San Francisco, United States, ASN36459 (GITHUB - GitHub, Inc., US),

Reverse DNS

lb-192-30-253-117-iad.github.com

Software

GitHub.com /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Origin: https://github.com
Accept-Encoding: gzip, deflate, br
Host: api.github.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain
Accept: */*
Cache-Control: no-cache
Referer: https://github.com/kgretzky/evilginx2/issues/124
Cookie: _ga=GA1.2.84655993.1554303346; _gat=1; _octo=GH1.1.1908433794.1554303346
Connection: keep-alive
Content-Length: 11182
Referer: https://github.com/kgretzky/evilginx2/issues/124
Origin: https://github.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 03 Apr 2019 14:55:46 GMT
X-Content-Type-Options: nosniff
X-GitHub-Media-Type: github.v3; format=json
Status: 200 OK
X-RateLimit-Limit: 60
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Length: 5
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: GitHub.com
X-GitHub-Request-Id: 81E4:4011:37DADA:7A41C0:5CA4C971
X-Frame-Options: deny
X-RateLimit-Remaining: 60
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type
Cache-Control: no-cache
X-RateLimit-Reset: 1554306946
Content-Security-Policy: default-src 'none'

POST
H/1.1 200
OK errors Show response
api.github.com/_private/browser/ 5 B
904 B 369ms
131ms Fetch
application/json 192.30.253.116
GitHub

General

Check archive.org

Show headers Download Go to

Full URL

https://api.github.com/_private/browser/errors

Requested by

Host: github.githubassets.com
URL: https://github.githubassets.com/assets/frameworks-c3fed18a.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

192.30.253.116 San Francisco, United States, ASN36459 (GITHUB - GitHub, Inc., US),

Reverse DNS

lb-192-30-253-116-iad.github.com

Software

GitHub.com /

Resource Hash

8e1d794b49e35ea828279c6a8c95282bbb9a0787cf5c9385256c2cc9d17baeb7

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Origin: https://github.com
Accept-Encoding: gzip, deflate, br
Host: api.github.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: */*
Cache-Control: no-cache
Referer: https://github.com/kgretzky/evilginx2/issues/124
Connection: keep-alive
Content-Length: 556
Referer: https://github.com/kgretzky/evilginx2/issues/124
Origin: https://github.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 03 Apr 2019 14:55:56 GMT
X-Content-Type-Options: nosniff
X-GitHub-Media-Type: github.v3; format=json
Status: 200 OK
X-RateLimit-Limit: 60
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Length: 5
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: GitHub.com
X-GitHub-Request-Id: B7C8:4FF2:3BD9B9:817139:5CA4C97C
X-Frame-Options: deny
X-RateLimit-Remaining: 60
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type
Cache-Control: no-cache
X-RateLimit-Reset: 1554306956
Content-Security-Policy: default-src 'none'

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
github.com/	1969-12-31 23:59:59	Name: tz Value: UTC
.github.com/	1970-01-18 23:45:03	Name: _gat Value: 1
.github.com/	1970-01-19 17:16:15	Name: _octo Value: GH1.1.1908433794.1554303346
.github.com/	1970-01-19 17:16:15	Name: _ga Value: GA1.2.84655993.1554303346

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com www.google-analytics.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com wss://live.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.github.com
avatars0.githubusercontent.com
avatars1.githubusercontent.com
avatars2.githubusercontent.com
avatars3.githubusercontent.com
collector.githubapp.com
github.com
github.githubassets.com
www.facebook.com.reply-account.tk
www.google-analytics.com
103.251.177.242
151.101.0.133
151.101.192.133
185.199.108.154
192.30.253.113
192.30.253.116
192.30.253.117
2a00:1450:4001:81e::200e
52.20.29.9
0493cf9fd169f58d9548e4a778508d671f63ba72e113133d0675c496dcc35cc5
052dedbc9ec5734971f46573407d84bc1e09c0314f3f185eadb932dba2dba583
1e4fe4235f2fdb6903e235665896ab5f9714447cda90161b308050bbac806df8
2aeac899f9e46d227d85753d17392bab0e317c0a0efbe27a2e3deae3d245761e
31db1246962ff981361a828af39de673e6cef5283bc5775902901b04deb2799c
3c03cad8963b3bbd667800db8dd6761f330c667ccc326b9fb18198055cf25dfe
4b5f59f77dca77d8f1f8754d2b93596d8bd0c9773618c4231f2a8a49f55023b1
6291a718a8bf38eac081aae2ad0893b04766e02bac471e13c871362db011376e
708ba15f5e18fba9654bb88407c61d7c82d1e7693dac39490af261cb61a5af71
7e2d30caebb4fdfbbb2cdfbf93e1877d14f4fe7ab030c80b28e4973604a4c16e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8e1d794b49e35ea828279c6a8c95282bbb9a0787cf5c9385256c2cc9d17baeb7
a20cb5d1433304b40efb10477917e489d570a01964a57e8f69984764c095eccf
b39350cb0ed00f249bba6eda0d1d930b9a1c9557e79b0823f1edd2b64dcf2e21
bb8c24529fda273420cff3bec25a1a8ed6b5ebfe4ff8e892a1308eb341021fb1
c856609cbd345cde3ec04a4b37ad3450c4492db5878b5d568266d37b96469b26
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fb828f2042321400c99432b477b98314d59b01f2e651c7f0c3fd977b9e0f6119

github.com Open in urlscan Pro 192.30.253.113 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

21 Requests

100 %HTTPS

11 %IPv6

6 Domains

10 Subdomains

9 IPs

4 Countries

427 kBTransfer

1367 kBSize

4 Cookies

16 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

4 Cookies

Security Headers

Indicators

github.com Open in urlscan Pro
192.30.253.113 Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

100 %
HTTPS

11 %
IPv6

6
Domains

10
Subdomains

9
IPs

4
Countries

427 kB
Transfer

1367 kB
Size

4
Cookies

21 HTTP transactions
1 data transactions