www.proofpoint.com Open in urlscan Pro
2a02:e980:d::87 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
Submission: On August 17 via api (August 17th 2019, 5:35:16 am UTC) from US

Summary HTTP 48 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 48 HTTP transactions. The main IP is 2a02:e980:d::87, located in United States and belongs to INCAPSULA - Incapsula Inc, US. The main domain is www.proofpoint.com.
TLS certificate: Issued by Thawte RSA CA 2018 on January 11th 2019. Valid for: a year.

This is the only time www.proofpoint.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
42	2a02:e980:d::87 2a02:e980:d::87	19551 (INCAPSULA) (INCAPSULA - Incapsula Inc)
1	2606:4700::68... 2606:4700::6810:252f	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE - Google LLC)
1	104.111.251.133 104.111.251.133	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
2	2a00:1450:400... 2a00:1450:4001:820::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
48	6

42 2a02:e980:d::87 (United States)

ASN19551 (INCAPSULA - Incapsula Inc, US)

www.proofpoint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:252f (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

js.maxmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.194 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s08-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.251.133 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-251-133.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	proofpoint.com www.proofpoint.com	4 MB
2	googleapis.com fonts.googleapis.com	2 KB
1	marketo.net munchkin.marketo.net	1 KB
1	googleadservices.com www.googleadservices.com	9 KB
1	maxmind.com js.maxmind.com	2 KB
0	typography.com Failed cloud.typography.com Failed
48	6

	Domain	Requested by
42	www.proofpoint.com	www.proofpoint.com
2	fonts.googleapis.com	www.proofpoint.com
1	munchkin.marketo.net	www.proofpoint.com
1	www.googleadservices.com	www.proofpoint.com
1	js.maxmind.com	www.proofpoint.com
0	cloud.typography.com Failed	www.proofpoint.com
48	6

This site contains no links.

Subject Issuer	Validity	Valid
proofpoint.com Thawte RSA CA 2018	`2019-01-11` - `2020-02-06`	a year	crt.sh
*.maxmind.com COMODO RSA Organization Validation Secure Server CA	`2018-10-15` - `2020-11-06`	2 years	crt.sh
www.googleadservices.com Google Internet Authority G3	`2019-07-29` - `2019-10-21`	3 months	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2018-12-24` - `2020-03-24`	a year	crt.sh
*.googleapis.com Google Internet Authority G3	`2019-07-29` - `2019-10-21`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
Frame ID: 3C94D5E320C699E05855C047711E3F59
Requests: 48 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i

Page Statistics

48
Requests

98 %
HTTPS

60 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

3729 kB
Transfer

4705 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

48 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request threat-actors-abuse-github-service-host-variety-phishing-kits Show response
www.proofpoint.com/us/threat-insight/post/ 67 KB
19 KB 352ms
352ms Document
text/html 2a02:e980:d::87
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL

https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

9d39eee771b1ee7adf08bb7134bdeb838b4a67a27bb5220a2ee447b36cc90cad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.proofpoint.com
:scheme: https
:path: /us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1

Response headers

status: 200
server: nginx
date: Sat, 17 Aug 2019 05:34:38 GMT
content-type: text/html; charset=utf-8
x-drupal-cache: MISS
x-content-type-options: nosniff
etag: "1566011617-0"
expires: Sun, 18 Aug 2019 03:13:37 GMT
x-frame-options: SAMEORIGIN
content-language: en
x-generator: Drupal 7 (http://drupal.org)
link: <https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits>; rel="canonical",<https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits>; rel="shortlink"
cache-control: public, max-age=86400
last-modified: Sat, 17 Aug 2019 03:13:37 GMT
vary: Cookie,Accept-Encoding
content-encoding: gzip
x-request-id: v-018276f8-c09d-11e9-9060-8703a6e112b0
x-ah-environment: prod
age: 8460
via: varnish
x-cache: HIT
x-cache-hits: 4
accept-ranges: bytes
set-cookie: visid_incap_177663=ekm+KkcwRn25kJ+C/E/ZYO2RV10AAAAAQUIPAAAAAAB75FllpDHabdAI0poLKyRl; expires=Sat, 15 Aug 2020 08:39:41 GMT; path=/; Domain=.proofpoint.com incap_ses_246_177663=Wi21MVpNfGzml+7r4PdpA+6RV10AAAAAG8E5PZm09nhypBZQ6jXjkg==; path=/; Domain=.proofpoint.com
x-iinfo: 7-32768458-32768459 NNNN CT(0 0 0) RT(1566020078014 0) q(0 0 0 0) r(1 3) U18
x-cdn: Incapsula

GET
H2 200 css_rEI_5cK_B9hB4So2yZUtr5weuEV3heuAllCDE6XsIkI.css
www.proofpoint.com/sites/default/files/css/ 4 KB
1 KB 8ms
6ms Stylesheet
text/css 2a02:e980:d::87
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://www.proofpoint.com/sites/default/files/css/css_rEI_5cK_B9hB4So2yZUtr5weuEV3heuAllCDE6XsIkI.css
Requested by: Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software: /
Resource Hash: ac423fe5c2bf07d841e12a36c9952daf9c1eb8457785eb8096508313a5ec2242

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 17 Aug 2019 05:34:38 GMT
content-encoding: gzip
last-modified: Mon, 22 Jul 2019 21:17:20 GMT
x-cdn: Incapsula
etag: "a03afbf5"
content-type: text/css
status: 200
x-iinfo: 7-32768534-0 0CNN RT(1566020078371 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=1201201, public
content-length: 1236
expires: Sat, 31 Aug 2019 03:14:39 GMT

GET
H2 200 css_dflN4gznpSoqyE-fQqvdVodUm8IHE1_6p9W67RzHBgo.css
www.proofpoint.com/sites/default/files/css/ 21 KB
5 KB 9ms
7ms Stylesheet
text/css 2a02:e980:d::87
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://www.proofpoint.com/sites/default/files/css/css_dflN4gznpSoqyE-fQqvdVodUm8IHE1_6p9W67RzHBgo.css
Requested by: Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software: /
Resource Hash: 75f94de20ce7a52a2ac84f9f42abdd5687549bc207135ffaa7d5baed1cc7060a

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 17 Aug 2019 05:34:38 GMT
content-encoding: gzip
last-modified: Thu, 18 Jul 2019 22:51:13 GMT
x-cdn: Incapsula
etag: "e1b80d0d"
content-type: text/css
status: 200
x-iinfo: 7-32768535-0 0CNN RT(1566020078373 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=1201201, public
content-length: 4794
expires: Sat, 31 Aug 2019 03:14:39 GMT

GET
H2 200 css_YvthmAHmOujLQtPnmuEtkfiby4EqNavjYNQ2dGZqvJg.css
www.proofpoint.com/sites/default/files/css/ 5 KB
2 KB 10ms
8ms Stylesheet
text/css 2a02:e980:d::87
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://www.proofpoint.com/sites/default/files/css/css_YvthmAHmOujLQtPnmuEtkfiby4EqNavjYNQ2dGZqvJg.css
Requested by: Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software: /
Resource Hash: 62fb619801e63ae8cb42d3e79ae12d91f89bcb812a35abe360d43674666abc98

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 17 Aug 2019 05:34:38 GMT
content-encoding: gzip
last-modified: Mon, 22 Jul 2019 21:17:21 GMT
x-cdn: Incapsula
etag: "f67e2f41"
content-type: text/css
status: 200
x-iinfo: 7-32768536-0 0CNN RT(1566020078374 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=1201201, public
content-length: 1532
expires: Sat, 31 Aug 2019 03:14:39 GMT

GET
H2 200 styles.css
www.proofpoint.com/sites/all/themes/proofpoint/css/ 341 KB
47 KB 11ms
9ms Stylesheet
text/css 2a02:e980:d::87
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://www.proofpoint.com/sites/all/themes/proofpoint/css/styles.css?pwd29m
Requested by: Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software: /
Resource Hash: 40c2df11fbebad9e05c5dfc4f9aad292a399642492254bc628e234089ec4e89b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 17 Aug 2019 05:34:38 GMT
content-encoding: gzip
last-modified: Fri, 02 Aug 2019 23:10:22 GMT
x-cdn: Incapsula
content-type: text/css
status: 200
x-iinfo: 7-32768537-0 0CNN RT(1566020078375 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=1201201, public
content-length: 47890
expires: Sat, 31 Aug 2019 03:14:39 GMT

GET
H2 200 proofpoint.css
www.proofpoint.com/sites/all/themes/proofpoint/css/ 1008 B
544 B 11ms
10ms Stylesheet
text/css 2a02:e980:d::87
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://www.proofpoint.com/sites/all/themes/proofpoint/css/proofpoint.css?pwd29m
Requested by: Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software: /
Resource Hash: c6687d159fd14a00a4b187ecfa840c0e21d5a28f352003295d8508190fbdd826

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 17 Aug 2019 05:34:38 GMT
content-encoding: gzip
last-modified: Fri, 07 Dec 2018 08:47:10 GMT
x-cdn: Incapsula
content-type: text/css
status: 200
x-iinfo: 7-32768538-0 0CNN RT(1566020078376 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=1201201, public
content-length: 439
expires: Sat, 31 Aug 2019 03:14:39 GMT

GET
H2 200 css_BrVgfOKhtkZMh1aQSbCs0fpt2AudRCY30O33nWe_hig.css
www.proofpoint.com/sites/default/files/css/ 197 KB
76 KB 12ms
10ms Stylesheet
text/css 2a02:e980:d::87
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://www.proofpoint.com/sites/default/files/css/css_BrVgfOKhtkZMh1aQSbCs0fpt2AudRCY30O33nWe_hig.css
Requested by: Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software: /
Resource Hash: 06b5607ce2a1b6464c87569049b0acd1fa6dd80b9d442637d0edf79d67bf8628

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 17 Aug 2019 05:34:38 GMT
content-encoding: gzip
last-modified: Fri, 16 Aug 2019 22:50:44 GMT
x-cdn: Incapsula
etag: "35d9f265"
content-type: text/css
status: 200
x-iinfo: 7-32768539-0 0CNN RT(1566020078377 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=1201201, public
content-length: 77298
expires: Sat, 31 Aug 2019 03:14:39 GMT

GET
H2 200 css_nQwtytNsztHNRD8oGYQyyja_LgjxLi44qLISIPyImuw.css
www.proofpoint.com/sites/default/files/css/ 113 B
227 B 16ms
14ms Stylesheet
text/css 2a02:e980:d::87
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://www.proofpoint.com/sites/default/files/css/css_nQwtytNsztHNRD8oGYQyyja_LgjxLi44qLISIPyImuw.css
Requested by: Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software: /
Resource Hash: 9d0c2dcad36cced1cd443f28198432ca36bf2e08f12e2e38a8b21220fc889aec

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 17 Aug 2019 05:34:38 GMT
content-encoding: gzip
last-modified: Mon, 12 Aug 2019 19:21:25 GMT
x-cdn: Incapsula
etag: "3c611d61"
content-type: text/css
status: 200
x-iinfo: 7-32768540-0 0CNN RT(1566020078378 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=1201201, public
content-length: 113
expires: Sat, 31 Aug 2019 03:14:39 GMT

GET
H2 200 js_jATlw3iucl8O1KM88pfP_buAg5xbrWmEgBVT94k-xFs.js Show response
www.proofpoint.com/sites/default/files/js/ 3 KB
2 KB 16ms
14ms Script
text/javascript 2a02:e980:d::87
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://www.proofpoint.com/sites/default/files/js/js_jATlw3iucl8O1KM88pfP_buAg5xbrWmEgBVT94k-xFs.js
Requested by: Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software: /
Resource Hash: 8c04e5c378ae725f0ed4a33cf297cffdbb80839c5bad6984801553f7893ec45b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 17 Aug 2019 05:34:38 GMT
content-encoding: gzip
last-modified: Mon, 22 Jul 2019 21:17:24 GMT
x-cdn: Incapsula
etag: "d70c6bae"
content-type: text/javascript
status: 200
x-iinfo: 7-32768541-0 0CNN RT(1566020078379 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=1201201, public
content-length: 1583
expires: Sat, 31 Aug 2019 03:14:39 GMT

GET
H2 200 js_Sd3E1-ubI8_oPJ3epUeNgAhdPIZsHFWzDl_t8nL-a0k.js Show response
www.proofpoint.com/sites/default/files/js/ 286 KB
86 KB 16ms
15ms Script
text/javascript 2a02:e980:d::87
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://www.proofpoint.com/sites/default/files/js/js_Sd3E1-ubI8_oPJ3epUeNgAhdPIZsHFWzDl_t8nL-a0k.js
Requested by: Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software: /
Resource Hash: 49ddc4d7eb9b23cfe83c9ddea5478d80085d3c866c1c55b30e5fedf272fe6b49

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 17 Aug 2019 05:34:38 GMT
content-encoding: gzip
last-modified: Fri, 26 Jul 2019 00:13:20 GMT
x-cdn: Incapsula
etag: "8d8cec88"
content-type: text/javascript
status: 200
x-iinfo: 7-32768542-0 0CNN RT(1566020078379 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=1201202, public
content-length: 87383
expires: Sat, 31 Aug 2019 03:14:40 GMT

GET
H2 200 js_5vQZfnw555SB_O3f6hT7WgFdY4KMR-8z4yzVohnQouU.js Show response
www.proofpoint.com/sites/default/files/js/ 32 KB
11 KB 18ms
17ms Script
text/javascript 2a02:e980:d::87
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://www.proofpoint.com/sites/default/files/js/js_5vQZfnw555SB_O3f6hT7WgFdY4KMR-8z4yzVohnQouU.js
Requested by: Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software: /
Resource Hash: e6f4197e7c39e79481fceddfea14fb5a015d63828c47ef33e32cd5a219d0a2e5

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 17 Aug 2019 05:34:38 GMT
content-encoding: gzip
last-modified: Fri, 26 Jul 2019 00:13:20 GMT
x-cdn: Incapsula
etag: "04b95502"
content-type: text/javascript
status: 200
x-iinfo: 7-32768543-0 0CNN RT(1566020078380 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=1201201, public
content-length: 10968
expires: Sat, 31 Aug 2019 03:14:39 GMT

GET
H2 200 js_oYQw43wAjKdM3p6nU1hLDI3mDgL3UfCyqPsngNU6GnY.js Show response
www.proofpoint.com/sites/default/files/js/ 2 KB
738 B 19ms
18ms Script
text/javascript 2a02:e980:d::87
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://www.proofpoint.com/sites/default/files/js/js_oYQw43wAjKdM3p6nU1hLDI3mDgL3UfCyqPsngNU6GnY.js
Requested by: Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software: /
Resource Hash: a18430e37c008ca74cde9ea753584b0c8de60e02f751f0b2a8fb2780d53a1a76

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 17 Aug 2019 05:34:38 GMT
content-encoding: gzip
last-modified: Mon, 12 Aug 2019 19:21:26 GMT
x-cdn: Incapsula
etag: "f5226ed5"
content-type: text/javascript
status: 200
x-iinfo: 7-32768544-0 0CNN RT(1566020078381 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=1201201, public
content-length: 600
expires: Sat, 31 Aug 2019 03:14:39 GMT

GET
H2 200 js_zDz6OD0aee_SzC8Md9FNnnSFgxJWG22Pihtjt166tQA.js Show response
www.proofpoint.com/sites/default/files/js/ 78 KB
28 KB 19ms
18ms Script
text/javascript 2a02:e980:d::87
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://www.proofpoint.com/sites/default/files/js/js_zDz6OD0aee_SzC8Md9FNnnSFgxJWG22Pihtjt166tQA.js
Requested by: Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software: /
Resource Hash: cc3cfa383d1a79efd2cc2f0c77d14d9e74858312561b6d8f8a1b63b75ebab500

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 17 Aug 2019 05:34:38 GMT
content-encoding: gzip
last-modified: Fri, 26 Jul 2019 00:14:34 GMT
x-cdn: Incapsula
etag: "3f7241c5"
content-type: text/javascript
status: 200
x-iinfo: 7-32768545-0 0CNN RT(1566020078381 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=1201467, public
content-length: 28482
expires: Sat, 31 Aug 2019 03:19:05 GMT

GET
H2 200 js_V59Lq7kRtaAiYM_YS8pC0OFMBYJk_jt8nNK4UA1wlGk.js Show response
www.proofpoint.com/sites/default/files/js/ 8 KB
2 KB 20ms
19ms Script
text/javascript 2a02:e980:d::87
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://www.proofpoint.com/sites/default/files/js/js_V59Lq7kRtaAiYM_YS8pC0OFMBYJk_jt8nNK4UA1wlGk.js
Requested by: Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software: /
Resource Hash: 579f4babb911b5a02260cfd84bca42d0e14c058264fe3b7c9cd2b8500d709469

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 17 Aug 2019 05:34:38 GMT
content-encoding: gzip
last-modified: Fri, 02 Aug 2019 23:10:38 GMT
x-cdn: Incapsula
etag: "240d3ade"
content-type: text/javascript
status: 200
x-iinfo: 7-32768546-0 0CNN RT(1566020078382 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=1201201, public
content-length: 1934
expires: Sat, 31 Aug 2019 03:14:39 GMT

GET
H2 200 geoip2.js Show response
js.maxmind.com/js/apis/geoip2/v2.1/ 4 KB
2 KB 684ms
16ms Script
application/javascript 2606:4700::6810:252f
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://js.maxmind.com/js/apis/geoip2/v2.1/geoip2.js
Requested by: Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:252f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69666124ea4313cf5b2da94871c86acd68bcbc4d50b360fdebc4dc3b977dde21

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 17 Aug 2019 05:34:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 15 Aug 2019 18:06:10 GMT
server: cloudflare
age: 1515
etag: W/"5d559f12-f39"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=43200
cf-ray: 507947b93997dfeb-FRA
expires: Sat, 17 Aug 2019 17:34:39 GMT

GET
H2 200 js_W5fEOeIW0TWunhDVrtJI2tfSDJsF5U0-qYgg5VUhN50.js Show response
www.proofpoint.com/sites/default/files/js/ 13 KB
4 KB 20ms
19ms Script
text/javascript 2a02:e980:d::87
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://www.proofpoint.com/sites/default/files/js/js_W5fEOeIW0TWunhDVrtJI2tfSDJsF5U0-qYgg5VUhN50.js
Requested by: Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software: /
Resource Hash: 5b97c439e216d135ae9e10d5aed248dad7d20c9b05e54d3ea98820e55521379d

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 17 Aug 2019 05:34:38 GMT
content-encoding: gzip
last-modified: Mon, 12 Aug 2019 19:21:26 GMT
x-cdn: Incapsula
etag: "d82693c3"
content-type: text/javascript
status: 200
x-iinfo: 7-32768547-0 0CNN RT(1566020078383 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=1201201, public
content-length: 3712
expires: Sat, 31 Aug 2019 03:14:39 GMT

GET
H2 200 js_QYIwceR_SVGaqvz86mmMZdtTBRKXyXKeCBDanqK3AoM.js Show response
www.proofpoint.com/sites/default/files/js/ 146 KB
43 KB 20ms
19ms Script
text/javascript 2a02:e980:d::87
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://www.proofpoint.com/sites/default/files/js/js_QYIwceR_SVGaqvz86mmMZdtTBRKXyXKeCBDanqK3AoM.js
Requested by: Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software: /
Resource Hash: 41823071e47f49519aaafcfcea698c65db53051297c9729e0810da9ea2b70283

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 17 Aug 2019 05:34:38 GMT
content-encoding: gzip
last-modified: Fri, 16 Aug 2019 22:50:44 GMT
x-cdn: Incapsula
etag: "3ecef68e"
content-type: text/javascript
status: 200
x-iinfo: 7-32768548-0 0CNN RT(1566020078383 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=1201202, public
content-length: 43727
expires: Sat, 31 Aug 2019 03:14:40 GMT

GET
H2 200 logo-reg.svg
www.proofpoint.com/sites/all/themes/proofpoint/ 3 KB
1 KB 8ms
5ms Image
image/svg+xml 2a02:e980:d::87
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.proofpoint.com/sites/all/themes/proofpoint/logo-reg.svg
Requested by: Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software: /
Resource Hash: 4c858ea92bdc30e89d30d477c30228c47b19648e1539829bb2303a176f0c23dd

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 17 Aug 2019 05:34:38 GMT
content-encoding: gzip
last-modified: Fri, 07 Dec 2018 08:47:10 GMT
x-cdn: Incapsula
etag: "13fdd2ef"
content-type: image/svg+xml
status: 200
x-iinfo: 7-32768555-0 0CNN RT(1566020078393 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=1209588, public
content-length: 1124
expires: Sat, 31 Aug 2019 05:34:26 GMT

GET
H2 200 cybersecurity-guide.png
www.proofpoint.com/sites/all/themes/proofpoint/images/ 120 KB
120 KB 7ms
6ms Image
image/png 2a02:e980:d::87
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.proofpoint.com/sites/all/themes/proofpoint/images/cybersecurity-guide.png
Requested by: Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software: /
Resource Hash: 3140e03d8dd88ddfc2a9eefc88a3ae4b233c3f6182423775f83e22e16d072cd5

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 17 Aug 2019 05:34:38 GMT
last-modified: Wed, 24 Apr 2019 16:02:59 GMT
x-cdn: Incapsula
etag: "a3bc78f0"
content-type: image/png
status: 200
x-iinfo: 7-32768556-0 0CNN RT(1566020078394 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=1201202, public
content-length: 123158
expires: Sat, 31 Aug 2019 03:14:40 GMT

GET
H2 200 home.svg
www.proofpoint.com/sites/all/themes/proofpoint/images/ 784 B
646 B 6ms
6ms Image
image/svg+xml 2a02:e980:d::87
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.proofpoint.com/sites/all/themes/proofpoint/images/home.svg
Requested by: Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software: /
Resource Hash: 0e41e449d2997692fc3631d239e51c964577b35502ee9e138eead4a960682806

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 17 Aug 2019 05:34:54 GMT
content-encoding: gzip
last-modified: Tue, 18 Jun 2019 16:19:41 GMT
x-cdn: Incapsula
etag: "4c25cdee"
content-type: image/svg+xml
status: 200
x-iinfo: 14-100731732-0 0CNN RT(1566020094575 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=1209573, public
content-length: 477
expires: Sat, 31 Aug 2019 05:34:27 GMT

GET
H2 200 ghfishingpolesmall.png
www.proofpoint.com/sites/default/files/styles/image_1920_x_400/public/images/Blog/ 938 KB
942 KB 347ms
347ms Image
image/png 2a02:e980:d::87
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.proofpoint.com/sites/default/files/styles/image_1920_x_400/public/images/Blog/ghfishingpolesmall.png?itok=q0AJ3Ya9&timestamp=1556124190

Requested by

Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

841952bcdcc335641386c247ef3282649e33a2c391427b62bbd5131adb9a622a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 17 Aug 2019 05:34:55 GMT
via: varnish
x-content-type-options: nosniff
x-cdn: Incapsula
age: 0
x-cache: MISS
status: 200
x-iinfo: 14-100731735-100728250 2NNN RT(1566020094582 0) q(0 0 0 -1) r(4 4) U18
x-ah-environment: prod
content-length: 961015
x-request-id: v-be599b72-c0b0-11e9-bc53-ff37cf662294
last-modified: Wed, 24 Apr 2019 17:24:26 GMT
server: nginx
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
expires: Sat, 31 Aug 2019 05:34:55 GMT

GET
H2 200 ghf1_blur.png
www.proofpoint.com/sites/default/files/ 248 KB
249 KB 187ms
187ms Image
image/png 2a02:e980:d::87
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.proofpoint.com/sites/default/files/ghf1_blur.png

Requested by

Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

c69516207bb9088b4da2ed581874fa16daf19897a750a7cca31665192f17f88f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 17 Aug 2019 05:34:56 GMT
via: varnish
x-content-type-options: nosniff
x-cdn: Incapsula
age: 0
x-cache: MISS
status: 200
x-iinfo: 14-100732045-100728250 2NNN RT(1566020095736 0) q(0 0 0 1) r(2 2) U18
x-ah-environment: prod
content-length: 253959
x-request-id: v-bf09ccae-c0b0-11e9-b66a-bf482e7c3b6c
last-modified: Wed, 24 Apr 2019 17:00:58 GMT
server: nginx
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
expires: Sat, 31 Aug 2019 05:34:56 GMT

GET
H2 200 ghf2_blur.png
www.proofpoint.com/sites/default/files/ 104 KB
105 KB 524ms
523ms Image
image/png 2a02:e980:d::87
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.proofpoint.com/sites/default/files/ghf2_blur.png

Requested by

Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

3bff410dd311042d5efe13efc68f52c959202d1e8eb0768a018175296f4a050b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 17 Aug 2019 05:34:56 GMT
via: varnish
x-content-type-options: nosniff
x-cdn: Incapsula
age: 0
x-cache: MISS
status: 200
x-iinfo: 14-100732077-100721537 2NNN RT(1566020095930 0) q(0 0 0 -1) r(5 5) U18
x-ah-environment: prod
content-length: 106195
x-request-id: v-bf276ba6-c0b0-11e9-9f09-27e9a32ac35a
last-modified: Wed, 24 Apr 2019 17:01:22 GMT
server: nginx
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
expires: Sat, 31 Aug 2019 05:34:56 GMT

GET
H2 200 ghf3_blur.png
www.proofpoint.com/sites/default/files/ 89 KB
90 KB 364ms
363ms Image
image/png 2a02:e980:d::87
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.proofpoint.com/sites/default/files/ghf3_blur.png

Requested by

Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

fde5989699185a25e4fc4f7812860e83011fa54f3e45c73cd11b6da0cdd80c0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 17 Aug 2019 05:34:57 GMT
via: varnish
x-content-type-options: nosniff
x-cdn: Incapsula
age: 0
x-cache: MISS
status: 200
x-iinfo: 14-100732297-100724168 2NNN RT(1566020096777 0) q(0 0 0 -1) r(4 4) U18
x-ah-environment: prod
content-length: 91236
x-request-id: v-bfa9e1f8-c0b0-11e9-8b40-ef5c36281171
last-modified: Wed, 24 Apr 2019 17:04:46 GMT
server: nginx
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
expires: Sat, 31 Aug 2019 05:34:57 GMT

GET
H2 200 ghf4.png
www.proofpoint.com/sites/default/files/ 75 KB
76 KB 186ms
185ms Image
image/png 2a02:e980:d::87
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.proofpoint.com/sites/default/files/ghf4.png

Requested by

Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

493962532fd1f27c6d8f1117c0e4de92363fefc89e3ce47d6adc91bb875ed6cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 17 Aug 2019 05:34:57 GMT
via: varnish
x-content-type-options: nosniff
x-cdn: Incapsula
age: 0
x-cache: MISS
status: 200
x-iinfo: 14-100732415-100721537 2NNN RT(1566020097311 0) q(0 0 0 -1) r(1 1) U18
x-ah-environment: prod
content-length: 76982
x-request-id: v-bffa31bc-c0b0-11e9-a432-1b74f7c3d7c8
last-modified: Wed, 24 Apr 2019 16:56:31 GMT
server: nginx
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
expires: Sat, 31 Aug 2019 05:34:57 GMT

GET
H2 200 ghf5.png
www.proofpoint.com/sites/default/files/ 265 KB
265 KB 185ms
185ms Image
image/png 2a02:e980:d::87
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.proofpoint.com/sites/default/files/ghf5.png

Requested by

Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

503ff8a9793dbd0b99bc29e517e0fc1db89506965ed8cade4d85e67a879a4d4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 17 Aug 2019 05:34:58 GMT
via: varnish
x-content-type-options: nosniff
x-cdn: Incapsula
age: 0
x-cache: MISS
status: 200
x-iinfo: 14-100732518-100728250 2NNN RT(1566020097657 0) q(0 0 0 -1) r(2 2) U18
x-ah-environment: prod
content-length: 271182
x-request-id: v-c02edbb0-c0b0-11e9-807d-170263557d9d
last-modified: Wed, 24 Apr 2019 16:57:10 GMT
server: nginx
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
expires: Sat, 31 Aug 2019 05:34:58 GMT

GET
H2 200 ghf6_blur.png
www.proofpoint.com/sites/default/files/ 57 KB
58 KB 354ms
353ms Image
image/png 2a02:e980:d::87
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.proofpoint.com/sites/default/files/ghf6_blur.png

Requested by

Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

ca118445b64c0fd2d7d7f9e3bf9f9fafde46bf413701ca1a9d3cd420d139ea22

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 17 Aug 2019 05:34:58 GMT
via: varnish
x-content-type-options: nosniff
x-cdn: Incapsula
age: 0
x-cache: MISS
status: 200
x-iinfo: 14-100732599-100728266 2NNN RT(1566020097985 0) q(0 0 0 -1) r(4 4) U18
x-ah-environment: prod
content-length: 58553
x-request-id: v-c0610658-c0b0-11e9-80bb-ab307dc05b62
last-modified: Wed, 24 Apr 2019 17:06:25 GMT
server: nginx
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
expires: Sat, 31 Aug 2019 05:34:58 GMT

GET
H2 200 ghf7_blur.png
www.proofpoint.com/sites/default/files/ 69 KB
70 KB 187ms
186ms Image
image/png 2a02:e980:d::87
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.proofpoint.com/sites/default/files/ghf7_blur.png

Requested by

Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

9f213cb4c06a9cd206e551cb522d9aa95c1cddf61914f00bc6ca29ff66afee3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 17 Aug 2019 05:34:58 GMT
via: varnish
x-content-type-options: nosniff
x-cdn: Incapsula
age: 0
x-cache: MISS
status: 200
x-iinfo: 14-100732688-100721537 2NNN RT(1566020098325 0) q(0 0 0 -1) r(2 2) U18
x-ah-environment: prod
content-length: 70598
x-request-id: v-c094db22-c0b0-11e9-aae9-b7a4f585ab8b
last-modified: Wed, 24 Apr 2019 17:07:14 GMT
server: nginx
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
expires: Sat, 31 Aug 2019 05:34:58 GMT

GET
H2 200 ghf8_blur.png
www.proofpoint.com/sites/default/files/ 60 KB
60 KB 343ms
342ms Image
image/png 2a02:e980:d::87
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.proofpoint.com/sites/default/files/ghf8_blur.png

Requested by

Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

fb50d55ae0cc3da5beb776cf148a80c436c40318f6f51284f69955f9fcd4fa7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 17 Aug 2019 05:34:59 GMT
via: varnish
x-content-type-options: nosniff
x-cdn: Incapsula
age: 0
x-cache: MISS
status: 200
x-iinfo: 14-100732740-100721572 2NNN RT(1566020098503 0) q(0 0 0 -1) r(3 3) U18
x-ah-environment: prod
content-length: 61357
x-request-id: v-c0afe7fa-c0b0-11e9-bcc7-fbe3b1d5304a
last-modified: Wed, 24 Apr 2019 17:07:41 GMT
server: nginx
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
expires: Sat, 31 Aug 2019 05:34:59 GMT

GET
H2 200 ghf9.png
www.proofpoint.com/sites/default/files/ 98 KB
99 KB 378ms
377ms Image
image/png 2a02:e980:d::87
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.proofpoint.com/sites/default/files/ghf9.png

Requested by

Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

19e2992b38ae1b1fb44692bff2bba9d1f07fe22d59426fc996906026c369f953

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 17 Aug 2019 05:34:59 GMT
via: varnish
x-content-type-options: nosniff
x-cdn: Incapsula
age: 0
x-cache: MISS
status: 200
x-iinfo: 14-100732814-100724168 2NNN RT(1566020098832 0) q(0 0 0 -1) r(4 4) U18
x-ah-environment: prod
content-length: 100531
x-request-id: v-c0e37bf6-c0b0-11e9-8a8a-3f6594a4737e
last-modified: Wed, 24 Apr 2019 16:59:30 GMT
server: nginx
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
expires: Sat, 31 Aug 2019 05:34:59 GMT

GET
H2 200 ghf10.png
www.proofpoint.com/sites/default/files/ 68 KB
68 KB 185ms
184ms Image
image/png 2a02:e980:d::87
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.proofpoint.com/sites/default/files/ghf10.png

Requested by

Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

a614f10f83ebd039b5cb9cb9c77528a5e8ae76eafc9eb5c1611e37b43ea9dfec

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 17 Aug 2019 05:34:59 GMT
via: varnish
x-content-type-options: nosniff
x-cdn: Incapsula
age: 0
x-cache: MISS
status: 200
x-iinfo: 14-100732876-100728266 2NNN RT(1566020099006 0) q(0 0 0 -1) r(1 1) U18
x-ah-environment: prod
content-length: 69390
x-request-id: v-c0fc9154-c0b0-11e9-8d33-8f98b98e0f51
last-modified: Wed, 24 Apr 2019 17:00:10 GMT
server: nginx
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
expires: Sat, 31 Aug 2019 05:34:59 GMT

GET
H2 200 ghf11_blur.png
www.proofpoint.com/sites/default/files/ 121 KB
122 KB 360ms
360ms Image
image/png 2a02:e980:d::87
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.proofpoint.com/sites/default/files/ghf11_blur.png

Requested by

Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

9b94aac94221a37c8bac113f30649d3d929af66fad1a8f0f633e24d8a85f42b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 17 Aug 2019 05:34:59 GMT
via: varnish
x-content-type-options: nosniff
x-cdn: Incapsula
age: 0
x-cache: MISS
status: 200
x-iinfo: 14-100732948-100720389 2NNN RT(1566020099352 0) q(0 0 0 -1) r(4 4) U18
x-ah-environment: prod
content-length: 124115
x-request-id: v-c132c1fc-c0b0-11e9-a474-075b9087e4d3
last-modified: Wed, 24 Apr 2019 17:08:36 GMT
server: nginx
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
expires: Sat, 31 Aug 2019 05:34:59 GMT

GET
H2 200 ghf12.png
www.proofpoint.com/sites/default/files/ 141 KB
142 KB 204ms
203ms Image
image/png 2a02:e980:d::87
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.proofpoint.com/sites/default/files/ghf12.png

Requested by

Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

b3d819b192da5317c9cfe744c8a4c677bc2929863482cd18e49ae53f85a99219

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 17 Aug 2019 05:35:00 GMT
via: varnish
x-content-type-options: nosniff
x-cdn: Incapsula
age: 0
x-cache: MISS
status: 200
x-iinfo: 14-100732957-100724168 2NNN RT(1566020099389 0) q(0 0 0 -1) r(2 2) U18
x-ah-environment: prod
content-length: 144564
x-request-id: v-c1384226-c0b0-11e9-98f0-4752e09fa342
last-modified: Wed, 24 Apr 2019 17:09:01 GMT
server: nginx
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
expires: Sat, 31 Aug 2019 05:34:59 GMT

GET
H2 200 ghf13.png
www.proofpoint.com/sites/default/files/ 254 KB
255 KB 196ms
196ms Image
image/png 2a02:e980:d::87
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.proofpoint.com/sites/default/files/ghf13.png

Requested by

Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

754dcd176a3df2e3e0fe2533b0d08aef0358a4ca60b3aa289c82fa33068f9980

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 17 Aug 2019 05:35:00 GMT
via: varnish
x-content-type-options: nosniff
x-cdn: Incapsula
age: 0
x-cache: MISS
status: 200
x-iinfo: 14-100733061-100724168 2NNN RT(1566020099761 0) q(0 0 0 -1) r(2 2) U18
x-ah-environment: prod
content-length: 259924
x-request-id: v-c1711a42-c0b0-11e9-98fa-ab4734a9b351
last-modified: Wed, 24 Apr 2019 17:09:37 GMT
server: nginx
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
expires: Sat, 31 Aug 2019 05:35:00 GMT

GET
H2 200 ghf14.png
www.proofpoint.com/sites/default/files/ 132 KB
133 KB 202ms
202ms Image
image/png 2a02:e980:d::87
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.proofpoint.com/sites/default/files/ghf14.png

Requested by

Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

8d4c1148ccbe7227b2dfa0193f061ebbd964537333be39dd00a14acf4640a240

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 17 Aug 2019 05:35:00 GMT
via: varnish
x-content-type-options: nosniff
x-cdn: Incapsula
age: 0
x-cache: MISS
status: 200
x-iinfo: 14-100733135-100720389 2NNN RT(1566020100053 0) q(0 0 0 -1) r(2 2) U18
x-ah-environment: prod
content-length: 135149
x-request-id: v-c19dcd9e-c0b0-11e9-9acf-0fdfc21ff9cc
last-modified: Wed, 24 Apr 2019 17:10:07 GMT
server: nginx
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
expires: Sat, 31 Aug 2019 05:35:00 GMT

GET
H2 200 ghf15.png
www.proofpoint.com/sites/default/files/ 32 KB
33 KB 354ms
354ms Image
image/png 2a02:e980:d::87
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.proofpoint.com/sites/default/files/ghf15.png

Requested by

Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

972df8cdadac0cb2f26ffa67b3d78311940dc567fd863ffa5e1a5ac80c63c753

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 17 Aug 2019 05:35:00 GMT
via: varnish
x-content-type-options: nosniff
x-cdn: Incapsula
age: 0
x-cache: MISS
status: 200
x-iinfo: 14-100733155-100721572 2NNN RT(1566020100127 0) q(0 0 0 -1) r(3 3) U18
x-ah-environment: prod
content-length: 33202
x-request-id: v-c1a77088-c0b0-11e9-8a29-4b9d62458865
last-modified: Wed, 24 Apr 2019 17:10:38 GMT
server: nginx
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
expires: Sat, 31 Aug 2019 05:35:00 GMT

GET
H2 200 ghf16.png
www.proofpoint.com/sites/default/files/ 103 KB
104 KB 345ms
345ms Image
image/png 2a02:e980:d::87
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.proofpoint.com/sites/default/files/ghf16.png

Requested by

Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

08993bce770b72f3678f86303df78726242e373a469162ff1da7fd095ac50dd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 17 Aug 2019 05:35:01 GMT
via: varnish
x-content-type-options: nosniff
x-cdn: Incapsula
age: 0
x-cache: MISS
status: 200
x-iinfo: 14-100733214-100721537 2NNN RT(1566020100427 0) q(0 0 0 -1) r(3 3) U18
x-ah-environment: prod
content-length: 105954
x-request-id: v-c1d56d94-c0b0-11e9-bf10-838aef6ed0e3
last-modified: Wed, 24 Apr 2019 17:11:06 GMT
server: nginx
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
expires: Sat, 31 Aug 2019 05:35:01 GMT

GET
H2 200 ghf17.png
www.proofpoint.com/sites/default/files/ 97 KB
98 KB 181ms
181ms Image
image/png 2a02:e980:d::87
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.proofpoint.com/sites/default/files/ghf17.png

Requested by

Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

2785f73705fc4d409dbae7f5f7b48b2b4386eea96c61a8e04af9c37c749b1405

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 17 Aug 2019 05:35:01 GMT
via: varnish
x-content-type-options: nosniff
x-cdn: Incapsula
age: 0
x-cache: MISS
status: 200
x-iinfo: 14-100733241-100721572 2NNN RT(1566020100482 0) q(0 0 0 -1) r(2 2) U18
x-ah-environment: prod
content-length: 99795
x-request-id: v-c1dd9b9a-c0b0-11e9-aacb-a3452579c550
last-modified: Wed, 24 Apr 2019 17:11:27 GMT
server: nginx
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
expires: Sat, 31 Aug 2019 05:35:01 GMT

GET
H2 200 ghf18.png
www.proofpoint.com/sites/default/files/ 97 KB
97 KB 342ms
342ms Image
image/png 2a02:e980:d::87
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.proofpoint.com/sites/default/files/ghf18.png

Requested by

Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

125796c140c18a5d60560a75c0f67a9362a30746ef449b76905409521b5322b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 17 Aug 2019 05:35:01 GMT
via: varnish
x-content-type-options: nosniff
x-cdn: Incapsula
age: 0
x-cache: MISS
status: 200
x-iinfo: 14-100733306-100728266 2NNN RT(1566020100824 0) q(0 0 0 -1) r(3 3) U18
x-ah-environment: prod
content-length: 98893
x-request-id: v-c21202fe-c0b0-11e9-b208-db5ec6cb0ef7
last-modified: Wed, 24 Apr 2019 17:11:50 GMT
server: nginx
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
expires: Sat, 31 Aug 2019 05:35:01 GMT

GET
H2 200 ghf19.png
www.proofpoint.com/sites/default/files/ 171 KB
172 KB 181ms
181ms Image
image/png 2a02:e980:d::87
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.proofpoint.com/sites/default/files/ghf19.png

Requested by

Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

ca8ed58fccbe99ea8ffb6f9383498ec3be1ccbb7de979b6dcc1c051628a2c8dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 17 Aug 2019 05:35:01 GMT
via: varnish
x-content-type-options: nosniff
x-cdn: Incapsula
age: 0
x-cache: MISS
status: 200
x-iinfo: 14-100733382-100721537 2NNN RT(1566020101094 0) q(0 0 0 -1) r(2 2) U18
x-ah-environment: prod
content-length: 175371
x-request-id: v-c23b4b0a-c0b0-11e9-9046-fb48d420ab61
last-modified: Wed, 24 Apr 2019 17:12:55 GMT
server: nginx
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
expires: Sat, 31 Aug 2019 05:35:01 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 24 KB
9 KB 19577ms
86ms Script
text/javascript 172.217.16.194
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

94880f4d8b391421ea1a5447903697dbc761d879cf9ec89faa637d0bf2f331c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 17 Aug 2019 05:34:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 9355
x-xss-protection: 0
server: cafe
etag: 4252369854121413696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 17 Aug 2019 05:34:58 GMT

GET
H2 200 js_VGWVxZzZSi3YQD4B3uHe9fBD5c_2NSz4TEx3cL9dx1Q.js Show response
www.proofpoint.com/sites/default/files/js/ 78 KB
19 KB 6ms
6ms Script
text/javascript 2a02:e980:d::87
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://www.proofpoint.com/sites/default/files/js/js_VGWVxZzZSi3YQD4B3uHe9fBD5c_2NSz4TEx3cL9dx1Q.js
Requested by: Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software: /
Resource Hash: 546595c59cd94a2dd8403e01dee1def5f043e5cff6352cf84c4c7770bf5dc754

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 17 Aug 2019 05:34:38 GMT
content-encoding: gzip
last-modified: Fri, 26 Jul 2019 00:13:20 GMT
x-cdn: Incapsula
etag: "e5a57fbc"
content-type: text/javascript
status: 200
x-iinfo: 7-32768561-0 0CNN RT(1566020078401 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=1201202, public
content-length: 19613
expires: Sat, 31 Aug 2019 03:14:40 GMT

GET
H2 200 js_pLyroj8w56o5oEuhy9M3_UPhli8Yg1Zq5LxhrROPoWs.js Show response
www.proofpoint.com/sites/default/files/js/ 11 KB
4 KB 6ms
6ms Script
text/javascript 2a02:e980:d::87
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://www.proofpoint.com/sites/default/files/js/js_pLyroj8w56o5oEuhy9M3_UPhli8Yg1Zq5LxhrROPoWs.js
Requested by: Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software: /
Resource Hash: a4bcaba23f30e7aa39a04ba1cbd337fd43e1962f1883566ae4bc61ad138fa16b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 17 Aug 2019 05:34:38 GMT
content-encoding: gzip
last-modified: Fri, 26 Jul 2019 00:13:44 GMT
x-cdn: Incapsula
etag: "7b7608a9"
content-type: text/javascript
status: 200
x-iinfo: 7-32768563-0 0CNN RT(1566020078407 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=1201467, public
content-length: 4376
expires: Sat, 31 Aug 2019 03:19:05 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 16137ms
24ms Script
application/x-javascript 104.111.251.133
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.251.133 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-251-133.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 66f7eaa7a45f696c332cd450771f4be48e110f6afbe1fe7b39c7a95518aeef76

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 17 Aug 2019 05:34:55 GMT
Content-Encoding: gzip
Last-Modified: Fri, 05 Apr 2019 02:53:44 GMT
Server: Apache
ETag: "54520320df20b526337717d6d28181fc:1554432824"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 752

GET
H2 200 script.js Show response
www.proofpoint.com/sites/all/themes/proofpoint/js/ 23 KB
6 KB 18ms
7ms Script
application/javascript 2a02:e980:d::87
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://www.proofpoint.com/sites/all/themes/proofpoint/js/script.js?pwd29m
Requested by: Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:e980:d::87 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software: /
Resource Hash: c42a41f50ddc0d98adce6ed747e7a4ccef6278990d7f7413ecde1284ecb9d530

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 17 Aug 2019 05:34:54 GMT
content-encoding: gzip
last-modified: Wed, 14 Aug 2019 00:14:19 GMT
x-cdn: Incapsula
content-type: application/javascript
status: 200
x-iinfo: 14-100731728-0 0CNN RT(1566020094567 0) q(0 -1 -1 0) r(0 -1)
cache-control: max-age=1201186, public
content-length: 5890
expires: Sat, 31 Aug 2019 03:14:40 GMT

GET
H2 200 css
fonts.googleapis.com/ 12 KB
725 B 603ms
17ms Stylesheet
text/css 2a00:1450:4001:820::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:200,300,400,500,600,700|Open+Sans+Condensed:300

Requested by

Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

7772e3d0bc6fba46755057c1ca0154dfda1100214439321c2702fa8ad468158b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Sat, 17 Aug 2019 05:34:39 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Sat, 17 Aug 2019 05:34:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection: 0
expires: Sat, 17 Aug 2019 05:34:39 GMT

GET fonts.css
cloud.typography.com/7639856/7486392/css/ 0
0

GET
H2 200 css
fonts.googleapis.com/ 3 KB
892 B 602ms
16ms Stylesheet
text/css 2a00:1450:4001:820::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Fjalla+One|Roboto+Condensed

Requested by

Host: www.proofpoint.com
URL: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

74166c3ce466a4afbab3fee3dc53106c377de2217ddb142774eb4b59fe65c6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.proofpoint.com/us/threat-insight/post/threat-actors-abuse-github-service-host-variety-phishing-kits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Sat, 17 Aug 2019 05:34:39 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Sat, 17 Aug 2019 05:34:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection: 0
expires: Sat, 17 Aug 2019 05:34:39 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cloud.typography.com
URL: https://cloud.typography.com/7639856/7486392/css/fonts.css

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cloud.typography.com
fonts.googleapis.com
js.maxmind.com
munchkin.marketo.net
www.googleadservices.com
www.proofpoint.com
cloud.typography.com
104.111.251.133
172.217.16.194
2606:4700::6810:252f
2a00:1450:4001:820::200a
2a02:e980:d::87
06b5607ce2a1b6464c87569049b0acd1fa6dd80b9d442637d0edf79d67bf8628
08993bce770b72f3678f86303df78726242e373a469162ff1da7fd095ac50dd5
0e41e449d2997692fc3631d239e51c964577b35502ee9e138eead4a960682806
125796c140c18a5d60560a75c0f67a9362a30746ef449b76905409521b5322b3
19e2992b38ae1b1fb44692bff2bba9d1f07fe22d59426fc996906026c369f953
2785f73705fc4d409dbae7f5f7b48b2b4386eea96c61a8e04af9c37c749b1405
3140e03d8dd88ddfc2a9eefc88a3ae4b233c3f6182423775f83e22e16d072cd5
3bff410dd311042d5efe13efc68f52c959202d1e8eb0768a018175296f4a050b
40c2df11fbebad9e05c5dfc4f9aad292a399642492254bc628e234089ec4e89b
41823071e47f49519aaafcfcea698c65db53051297c9729e0810da9ea2b70283
493962532fd1f27c6d8f1117c0e4de92363fefc89e3ce47d6adc91bb875ed6cb
49ddc4d7eb9b23cfe83c9ddea5478d80085d3c866c1c55b30e5fedf272fe6b49
4c858ea92bdc30e89d30d477c30228c47b19648e1539829bb2303a176f0c23dd
503ff8a9793dbd0b99bc29e517e0fc1db89506965ed8cade4d85e67a879a4d4f
546595c59cd94a2dd8403e01dee1def5f043e5cff6352cf84c4c7770bf5dc754
579f4babb911b5a02260cfd84bca42d0e14c058264fe3b7c9cd2b8500d709469
5b97c439e216d135ae9e10d5aed248dad7d20c9b05e54d3ea98820e55521379d
62fb619801e63ae8cb42d3e79ae12d91f89bcb812a35abe360d43674666abc98
66f7eaa7a45f696c332cd450771f4be48e110f6afbe1fe7b39c7a95518aeef76
69666124ea4313cf5b2da94871c86acd68bcbc4d50b360fdebc4dc3b977dde21
74166c3ce466a4afbab3fee3dc53106c377de2217ddb142774eb4b59fe65c6e8
754dcd176a3df2e3e0fe2533b0d08aef0358a4ca60b3aa289c82fa33068f9980
75f94de20ce7a52a2ac84f9f42abdd5687549bc207135ffaa7d5baed1cc7060a
7772e3d0bc6fba46755057c1ca0154dfda1100214439321c2702fa8ad468158b
841952bcdcc335641386c247ef3282649e33a2c391427b62bbd5131adb9a622a
8c04e5c378ae725f0ed4a33cf297cffdbb80839c5bad6984801553f7893ec45b
8d4c1148ccbe7227b2dfa0193f061ebbd964537333be39dd00a14acf4640a240
94880f4d8b391421ea1a5447903697dbc761d879cf9ec89faa637d0bf2f331c4
972df8cdadac0cb2f26ffa67b3d78311940dc567fd863ffa5e1a5ac80c63c753
9b94aac94221a37c8bac113f30649d3d929af66fad1a8f0f633e24d8a85f42b4
9d0c2dcad36cced1cd443f28198432ca36bf2e08f12e2e38a8b21220fc889aec
9d39eee771b1ee7adf08bb7134bdeb838b4a67a27bb5220a2ee447b36cc90cad
9f213cb4c06a9cd206e551cb522d9aa95c1cddf61914f00bc6ca29ff66afee3e
a18430e37c008ca74cde9ea753584b0c8de60e02f751f0b2a8fb2780d53a1a76
a4bcaba23f30e7aa39a04ba1cbd337fd43e1962f1883566ae4bc61ad138fa16b
a614f10f83ebd039b5cb9cb9c77528a5e8ae76eafc9eb5c1611e37b43ea9dfec
ac423fe5c2bf07d841e12a36c9952daf9c1eb8457785eb8096508313a5ec2242
b3d819b192da5317c9cfe744c8a4c677bc2929863482cd18e49ae53f85a99219
c42a41f50ddc0d98adce6ed747e7a4ccef6278990d7f7413ecde1284ecb9d530
c6687d159fd14a00a4b187ecfa840c0e21d5a28f352003295d8508190fbdd826
c69516207bb9088b4da2ed581874fa16daf19897a750a7cca31665192f17f88f
ca118445b64c0fd2d7d7f9e3bf9f9fafde46bf413701ca1a9d3cd420d139ea22
ca8ed58fccbe99ea8ffb6f9383498ec3be1ccbb7de979b6dcc1c051628a2c8dc
cc3cfa383d1a79efd2cc2f0c77d14d9e74858312561b6d8f8a1b63b75ebab500
e6f4197e7c39e79481fceddfea14fb5a015d63828c47ef33e32cd5a219d0a2e5
fb50d55ae0cc3da5beb776cf148a80c436c40318f6f51284f69955f9fcd4fa7a
fde5989699185a25e4fc4f7812860e83011fa54f3e45c73cd11b6da0cdd80c0c

www.proofpoint.com Open in urlscan Pro 2a02:e980:d::87 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

48 Requests

98 %HTTPS

60 %IPv6

6 Domains

6 Subdomains

6 IPs

3 Countries

3729 kBTransfer

4705 kBSize

0 Cookies

0 Outgoing links

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.proofpoint.com Open in urlscan Pro
2a02:e980:d::87 Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

98 %
HTTPS

60 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

3729 kB
Transfer

4705 kB
Size

0
Cookies

48 HTTP transactions
0 data transactions