URL: https://gist.github.com/plamber/7186fad364fb671b7d6ebe06347ef68c.js?file=deletemessage.ps1
Submission: On June 30 via manual from US

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 1 HTTP transactions.
The main IP is 140.82.118.4, located in United States and belongs to GITHUB, US. The main domain is gist.github.com.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on June 22nd 2020. Valid for: 2 years.
This is the first time this domain was scanned on urlscan.io!

Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 140.82.118.4 36459 (GITHUB)
1 1
Domain
Subdomains
Transfer
1 github.com
3 KB
1 1
Domain Requested by
1 gist.github.com
1 1

This site contains links to these domains. Also see Links.

Domain
Subject / Issuer Validity Valid
*.github.com
DigiCert SHA2 High Assurance Server CA
2020-06-22 -
2022-08-17
2 years

Screenshot


Detected technologies

Web
Overall confidence: 100%
Detected patterns
  • headers server /^GitHub\.com$/i

Web
Overall confidence: 100%
Detected patterns
  • headers server /^GitHub\.com$/i

Web
Overall confidence: 100%
Detected patterns
  • headers server /^GitHub\.com$/i


Stats

0
Requests

0
Ad-blocked

0
Malicious

0 %
HTTPS

0 %
IPv6

0
Domains

0
Subdomains

0
IPs

0
Countries

0 kB
Transfer

0 kB
Size

0
Cookies

1 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Cookie set 7186fad364fb671b7d6ebe06347ef68c.js?file=deletemessage.ps1
/plamber
7 KB
3 KB
Document
General
Full URL
https://gist.github.com/plamber/7186fad364fb671b7d6ebe06347ef68c.js?file=deletemessage.ps1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
140.82.118.4 , United States, ASN36459 (GITHUB, US),
Reverse DNS
lb-140-82-118-4-ams.github.com
Software
GitHub.com /
Resource Hash
099be75c7ec83946014bf845a3cf9a0461529c7f2f6dcc863d512324d50fc768
Security Headers
Name Value
Content-Security-Policy default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com www.google-analytics.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com cdn.optimizely.com logx.optimizely.com/v1/events wss://live.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; worker-src github.com/socket-worker.js gist.github.com/socket-worker.js
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Host
gist.github.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 21:57:44 GMT
content-type
text/javascript; charset=utf-8
server
GitHub.com
status
200 OK
vary
X-PJAX, Accept-Encoding, Accept, X-Requested-With, Accept-Encoding
etag
W/"099be75c7ec83946014bf845a3cf9a04"
cache-control
max-age=0, private, must-revalidate
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-frame-options
deny
x-content-type-options
nosniff
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
expect-ct
max-age=2592000, report-uri="https://api.github.com/_private/browser/errors"
content-security-policy
default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com www.google-analytics.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com cdn.optimizely.com logx.optimizely.com/v1/events wss://live.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; worker-src github.com/socket-worker.js gist.github.com/socket-worker.js
Content-Encoding
gzip
Set-Cookie
_gh_sess=uE7iL2jFrCRaFOlrn%2Fn%2B%2BjvD56qoNSPMADbS0TaAYbO%2Bi8CD1VLQoP%2BIskeGW3bvfvpgVPLsye0SK1zHWqg8I1PLDg4NIZWOh%2B55mxvhG%2BqfaDonIJG2vGThcE0Nd3G77Rcfc5ud7QgqQWkhsMQ1jVGqnsvnItPWPd1XvcL1vlN%2FO%2BrzVhbpcKyn0vjeskbZX3qbyoIwYCLBDorjRhNqZe4MsODXJ4lvf5q48VUSWohQBiTBo95TOmCsf9ulApkPhkCfDOtZjHh0zkCcwr1DEA%3D%3D--%2Fs9Phk%2F1s2WZWQx8--FfnRKwE%2Fn%2FLu%2FolIaAOLxQ%3D%3D; Path=/; HttpOnly; Secure; SameSite=Lax _octo=GH1.1.54694111.1593554264; Path=/; Domain=github.com; Expires=Wed, 30 Jun 2021 21:57:44 GMT; Secure; SameSite=Lax logged_in=no; Path=/; Domain=github.com; Expires=Wed, 30 Jun 2021 21:57:44 GMT; HttpOnly; Secure; SameSite=Lax
Accept-Ranges
bytes
Content-Length
1138
X-GitHub-Request-Id
2872:C5FD:5CF953:85F5F4:5EFBB558

Redirect requests

There were HTTP redirects (301, 302) for the following requests:

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

3 Cookies

Domain/Path Name / Value
.github.com/ Name: logged_in
Value: no
.github.com/ Name: _octo
Value: GH1.1.54694111.1593554264
gist.github.com/ Name: _gh_sess
Value: uE7iL2jFrCRaFOlrn%2Fn%2B%2BjvD56qoNSPMADbS0TaAYbO%2Bi8CD1VLQoP%2BIskeGW3bvfvpgVPLsye0SK1zHWqg8I1PLDg4NIZWOh%2B55mxvhG%2BqfaDonIJG2vGThcE0Nd3G77Rcfc5ud7QgqQWkhsMQ1jVGqnsvnItPWPd1XvcL1vlN%2FO%2BrzVhbpcKyn0vjeskbZX3qbyoIwYCLBDorjRhNqZe4MsODXJ4lvf5q48VUSWohQBiTBo95TOmCsf9ulApkPhkCfDOtZjHh0zkCcwr1DEA%3D%3D--%2Fs9Phk%2F1s2WZWQx8--FfnRKwE%2Fn%2FLu%2FolIaAOLxQ%3D%3D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com www.google-analytics.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com cdn.optimizely.com logx.optimizely.com/v1/events wss://live.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; worker-src github.com/socket-worker.js gist.github.com/socket-worker.js
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Indicators of compromise (IoCs)

This is a term in the security industry to describe indicators around an attack. This includes IPs, hashes, domains, etc.

gist.github.com


140.82.118.4

099be75c7ec83946014bf845a3cf9a0461529c7f2f6dcc863d512324d50fc768