![](/screenshots/caef5d66-84b0-48d1-a352-0d0838586506.png)
gitlab.com
Open in
urlscan Pro
35.231.145.151
Public Scan
Effective URL: https://gitlab.com/users/sign_in
Submission: On March 25 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 27th 2019. Valid for: a year.
This is the only time gitlab.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 2 | 35.185.44.232 35.185.44.232 | 15169 (GOOGLE) (GOOGLE) | |
1 2 | 35.231.145.151 35.231.145.151 | 15169 (GOOGLE) (GOOGLE) | |
15 | 2a04:4e42:400... 2a04:4e42:400::561 | 54113 (FASTLY) (FASTLY) | |
3 | 2a00:1450:400... 2a00:1450:4001:806::2004 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:820::2003 | 15169 (GOOGLE) (GOOGLE) | |
2 | 3.218.125.188 3.218.125.188 | 14618 (AMAZON-AES) (AMAZON-AES) | |
22 | 6 |
ASN15169 (GOOGLE, US)
PTR: 232.44.185.35.bc.googleusercontent.com
metalurgicatesei.clients.badperros.com | |
projects.gitlab.io |
ASN15169 (GOOGLE, US)
PTR: 151.145.231.35.bc.googleusercontent.com
gitlab.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-125-188.compute-1.amazonaws.com
snowplow.trx.gitlab.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
15 |
gitlab-static.net
assets.gitlab-static.net |
1 MB |
3 |
google.com
www.google.com |
546 B |
2 |
gitlab.net
snowplow.trx.gitlab.net |
571 B |
2 |
gitlab.com
1 redirects
gitlab.com |
12 KB |
1 |
gstatic.com
www.gstatic.com |
93 KB |
1 |
gitlab.io
1 redirects
projects.gitlab.io |
517 B |
1 |
badperros.com
1 redirects
metalurgicatesei.clients.badperros.com |
507 B |
22 | 7 |
Domain | Requested by | |
---|---|---|
15 | assets.gitlab-static.net |
gitlab.com
|
3 | www.google.com |
gitlab.com
www.gstatic.com |
2 | snowplow.trx.gitlab.net |
assets.gitlab-static.net
|
2 | gitlab.com | 1 redirects |
1 | www.gstatic.com |
www.google.com
|
1 | projects.gitlab.io | 1 redirects |
1 | metalurgicatesei.clients.badperros.com | 1 redirects |
22 | 7 |
This site contains links to these domains. Also see Links.
Domain |
---|
about.gitlab.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
gitlab.com Sectigo RSA Domain Validation Secure Server CA |
2019-06-27 - 2020-05-11 |
a year | crt.sh |
m2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3 |
2019-10-04 - 2020-06-13 |
8 months | crt.sh |
www.google.com GTS CA 1O1 |
2020-03-03 - 2020-05-26 |
3 months | crt.sh |
*.google.com GTS CA 1O1 |
2020-03-03 - 2020-05-26 |
3 months | crt.sh |
snowplow.trx.gitlab.net Sectigo RSA Domain Validation Secure Server CA |
2019-05-05 - 2020-07-03 |
a year | crt.sh |
This page contains 3 frames:
Primary Page:
https://gitlab.com/users/sign_in
Frame ID: 85224E23DA718095614E70D15E88D185
Requests: 21 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfAERQTAAAAAL4GYSiAMGLbcLyUIBSfPrDNJgeC&co=aHR0cHM6Ly9naXRsYWIuY29tOjQ0Mw..&hl=en&v=P6KLRNy7h3K160ZmYNUOAce7&size=normal&cb=x8nxdbi2d6p9
Frame ID: 32FD6BE02C1E5FA350F7C567C9AC9DD0
Requests: 1 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/bframe?hl=en&v=P6KLRNy7h3K160ZmYNUOAce7&k=6LfAERQTAAAAAL4GYSiAMGLbcLyUIBSfPrDNJgeC&cb=ugsximvp805y
Frame ID: B17A26834FFA20DA4FC6EA631637B911
Requests: 1 HTTP requests in this frame
Screenshot
![](/screenshots/caef5d66-84b0-48d1-a352-0d0838586506.png)
Page URL History Show full URLs
-
https://metalurgicatesei.clients.badperros.com/
HTTP 302
https://projects.gitlab.io/auth?domain=https://metalurgicatesei.clients.badperros.com&state=sPlDkXCGBK-... HTTP 302
https://gitlab.com/oauth/authorize?client_id=5059a88907e1b093c23df47d996183b101a862a5e53e099b56... HTTP 302
https://gitlab.com/users/sign_in Page URL
Detected technologies
Detected patterns
- html /<meta content="https?:\/\/[^/]+\/assets\/gitlab_logo-/i
- meta og:site_name /^GitLab$/i
![](/vendor/wappa/icons/Ruby.png)
Detected patterns
- meta csrf-param /^authenticity_token$/i
- html /<meta content="https?:\/\/[^/]+\/assets\/gitlab_logo-/i
- meta og:site_name /^GitLab$/i
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
![](/vendor/wappa/icons/Ruby on Rails.png)
Detected patterns
- meta csrf-param /^authenticity_token$/i
- html /<meta content="https?:\/\/[^/]+\/assets\/gitlab_logo-/i
- meta og:site_name /^GitLab$/i
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
Title: More information about GitLab.com
Search URL Search Domain Scan URL
Title: GitLab Homepage
Search URL Search Domain Scan URL
Title: Privacy policy
Search URL Search Domain Scan URL
Title: GitLab.com Terms
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://metalurgicatesei.clients.badperros.com/
HTTP 302
https://projects.gitlab.io/auth?domain=https://metalurgicatesei.clients.badperros.com&state=sPlDkXCGBK-W6U5CQzKSDg== HTTP 302
https://gitlab.com/oauth/authorize?client_id=5059a88907e1b093c23df47d996183b101a862a5e53e099b563120d1308db2c1&redirect_uri=https://projects.gitlab.io/auth&response_type=code&state=sPlDkXCGBK-W6U5CQzKSDg== HTTP 302
https://gitlab.com/users/sign_in Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
22 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
![]() gitlab.com/users/ Redirect Chain
|
20 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
application-2c6a88289ad593f97c8997881c2e0cf4bba55de92e15615ef6bb9fa86d75292c.css
assets.gitlab-static.net/assets/ |
1 MB 167 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
white-a20fa0d18cb98944b079c02ad5a6f46cb362f986ffd703fda24b3e8e2a4a8874.css
assets.gitlab-static.net/assets/highlight/themes/ |
5 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
runtime.8783f00a.bundle.js
assets.gitlab-static.net/assets/webpack/ |
5 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.5378a427.chunk.js
assets.gitlab-static.net/assets/webpack/ |
3 MB 818 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sentry.7ff64986.chunk.js
assets.gitlab-static.net/assets/webpack/ |
40 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
commons~pages.admin.sessions~pages.groups.omniauth_callbacks~pages.ldap.omniauth_callbacks~pages.omn~c0fb5ac0.6091eef7.chunk.js
assets.gitlab-static.net/assets/webpack/ |
11 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
commons~pages.sessions.new~pages.trial_registrations.new.5b3e1cd4.chunk.js
assets.gitlab-static.net/assets/webpack/ |
20 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pages.sessions.new.4b56418f.chunk.js
assets.gitlab-static.net/assets/webpack/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
api.js
www.google.com/recaptcha/ |
674 B 546 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
print-74c3df10dad473d66660c828e3aa54ca3bfeac6d8bb708643331403fe7211e60.css
assets.gitlab-static.net/assets/ |
673 B 752 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sp-e10fd598642f1a4dd3e9e0e026f6a1ffa3c31b8a40efd92db3f92d32873baed6.js
assets.gitlab-static.net/assets/snowplow/ |
95 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
37 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__en.js
www.gstatic.com/recaptcha/releases/P6KLRNy7h3K160ZmYNUOAce7/ |
260 KB 93 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
anchor
www.google.com/recaptcha/api2/ Frame 32FD |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
tp2
snowplow.trx.gitlab.net/com.snowplowanalytics.snowplow/ |
0 261 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bframe
www.google.com/recaptcha/api2/ Frame B17A |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
google_64-9ab7462cd2115e11f80171018d8c39bd493fc375e83202fbb6d37a487ad01908.png
assets.gitlab-static.net/assets/auth_buttons/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
github_64-84041cd0ea392220da96f0fb9b9473c08485c4924b98c776be1bd33b0daab8c0.png
assets.gitlab-static.net/assets/auth_buttons/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
twitter_64-86860edb139fb2f62fc25ef62a4213a5c8b20122fd8752ab0df09e740eb53deb.png
assets.gitlab-static.net/assets/auth_buttons/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bitbucket_64-267f322b8bedf1a39970bc215a2eb9e862c8c8033ff2390840607cb0e2dd0daf.png
assets.gitlab-static.net/assets/auth_buttons/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
salesforce_64-3f0cb95b231cc615e09bb96d54ccaf562d729b21f255270e03d98b17466bd61f.png
assets.gitlab-static.net/assets/auth_buttons/ |
9 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
tp2
snowplow.trx.gitlab.net/com.snowplowanalytics.snowplow/ |
2 B 310 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
21 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate object| gon object| GlobalSnowplowNamespace function| snowplow object| snowplowOptions object| gl object| webpackJsonp object| ___grecaptcha_cfg object| grecaptcha boolean| __google_recaptcha_client function| _typeof object| Snowplow object| __SENTRY__ function| Flash object| timeago object| Mousetrap function| jQuery function| $ object| recaptcha object| closure_lm_1695264 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.gitlab.com/ | Name: _sp_ses.6b85 Value: * |
|
.gitlab.com/ | Name: experimentation_subject_id Value: ImZlM2YxZTBkLTQ5OWItNDkyYi1hMTcyLWZjODUzOGU0MTJiYSI%3D--0db8708e3f7193ef24351627b82121946f3492d8 |
|
.gitlab.com/ | Name: _sp_id.6b85 Value: 07245a3a-62c7-404e-8f43-8ae5946545f3.1585173296.1.1585173296.1585173296.42631fba-3ea6-4253-9287-3c0e76da7996 |
|
gitlab.com/ | Name: _gitlab_session Value: a6699deaae29837f70001a21bffbf06e |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | connect-src 'self' https://assets.gitlab-static.net https://gl-canary.freetls.fastly.net wss://gitlab.com https://sentry.gitlab.net https://customers.gitlab.com https://snowplow.trx.gitlab.net https://sourcegraph.com https://ec2.ap-east-1.amazonaws.com https://ec2.ap-northeast-1.amazonaws.com https://ec2.ap-northeast-2.amazonaws.com https://ec2.ap-northeast-3.amazonaws.com https://ec2.ap-south-1.amazonaws.com https://ec2.ap-southeast-1.amazonaws.com https://ec2.ap-southeast-2.amazonaws.com https://ec2.ca-central-1.amazonaws.com https://ec2.eu-central-1.amazonaws.com https://ec2.eu-north-1.amazonaws.com https://ec2.eu-west-1.amazonaws.com https://ec2.eu-west-2.amazonaws.com https://ec2.eu-west-3.amazonaws.com https://ec2.me-south-1.amazonaws.com https://ec2.sa-east-1.amazonaws.com https://ec2.us-east-1.amazonaws.com https://ec2.us-east-2.amazonaws.com https://ec2.us-west-1.amazonaws.com https://ec2.us-west-2.amazonaws.com https://iam.amazonaws.com; frame-ancestors 'self'; frame-src 'self' https://www.google.com/recaptcha/ https://www.recaptcha.net/ https://content.googleapis.com https://content-cloudresourcemanager.googleapis.com https://content-compute.googleapis.com https://content-cloudbilling.googleapis.com https://*.codesandbox.io; img-src * data: blob:; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://assets.gitlab-static.net https://gl-canary.freetls.fastly.net https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.recaptcha.net/ https://apis.google.com 'nonce-SHtJ/vT3GA4V7kNSxYZ//g=='; style-src 'self' 'unsafe-inline' https://assets.gitlab-static.net https://gl-canary.freetls.fastly.net; worker-src https://assets.gitlab-static.net https://gl-canary.freetls.fastly.net https://gitlab.com blob: |
Strict-Transport-Security | max-age=31536000 |
X-Content-Type-Options | nosniff |
X-Frame-Options | DENY |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
assets.gitlab-static.net
gitlab.com
metalurgicatesei.clients.badperros.com
projects.gitlab.io
snowplow.trx.gitlab.net
www.google.com
www.gstatic.com
2a00:1450:4001:806::2004
2a00:1450:4001:820::2003
2a04:4e42:400::561
3.218.125.188
35.185.44.232
35.231.145.151
07f9a520960b7fb5b5224764364b83de24af1f4b2ebac9d0b804d51760c35251
08c5066be013ed15992acba4603573e289dcf7b47c3d2bc7acaf33c4b5e5dd42
235b0912d783ecf01784e38e8ea7e3a0b3f93c4b806a4391c363fd72741d3597
267f322b8bedf1a39970bc215a2eb9e862c8c8033ff2390840607cb0e2dd0daf
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
3f0cb95b231cc615e09bb96d54ccaf562d729b21f255270e03d98b17466bd61f
6cbc8367d156c3b45b157a9b8d18416cacef8e8758d3f1dbb5598419986224db
74c3df10dad473d66660c828e3aa54ca3bfeac6d8bb708643331403fe7211e60
84041cd0ea392220da96f0fb9b9473c08485c4924b98c776be1bd33b0daab8c0
86623016a1fa007876b13d70c731f771d22aeb768691e54cb33634492a90c22b
86860edb139fb2f62fc25ef62a4213a5c8b20122fd8752ab0df09e740eb53deb
9115c100274e52ecad9c1ee442e8ab46957b919fe0f381ee69a2f95cee3c7754
9ab7462cd2115e11f80171018d8c39bd493fc375e83202fbb6d37a487ad01908
a20fa0d18cb98944b079c02ad5a6f46cb362f986ffd703fda24b3e8e2a4a8874
b2d6fcca7b06d9b949f7f407e9229e0323cb2a75cb6ee4ad35b53e25cf161605
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
beb58d113da73001dfcbbb97b0e041c737361f1ae0050e6c60c96c14d69a46a7
c76571c865398c09f0c0bacdea5b2f1d66c89f4dcab8332a00b3b57d37a27d59
d228fcc06d0cfeff17b000838b5c77046446f296e3ed15fe4db3d779cc726a38
e10fd598642f1a4dd3e9e0e026f6a1ffa3c31b8a40efd92db3f92d32873baed6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855