Report - ghgo.xyz/https:/github.com/kingparks/windsurf-vip/releases/download/latest/

Report Overview

Visited public
2024-12-27 13:14:18
Tags
URL
ghgo.xyz/https:/github.com/kingparks/windsurf-vip/releases/download/latest/
Finishing URL
ghgo.xyz/github.com/kingparks/coding/releases/download/latest
IP / ASN
140.83.35.89
#31898 ORACLE-BMC-31898
Title
ghgo.xyz/http://github.com/kingparks/coding/releases/download/latest

Detections

urlquery

0

Network Intrusion Detection

2

Threat Detection Systems

0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ghgo.xyz	unknown	2024-12-19	2024-12-20	2024-12-27	2.6 kB	284 kB	150.136.252.237

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-12-27 13:13:54	low	150.136.252.237	Client IP	ET INFO Observed ZeroSSL Certificate for Suspicious TLD (.xyz)
2024-12-27 13:13:54	low	150.136.252.237	Client IP	ET INFO Observed ZeroSSL SSL/TLS Certificate

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (5)

	URL	IP	Response	Size
	ghgo.xyz/https:/github.com/kingparks/windsurf-vip/releases/download/latest/	150.136.252.237	301 Moved Permanently	0 B
URL User Request GET HTTP/2 ghgo.xyz/https:/github.com/kingparks/windsurf-vip/releases/download/latest/ IP 150.136.252.237:443 ASN #31898 ORACLE-BMC-31898 Certificate IssuerZeroSSL Subjectghgo.xyz Fingerprint1E:52:C2:EA:BA:CF:26:8F:97:B3:C9:35:5C:89:FF:68:1E:55:7A:42 ValidityThu, 19 Dec 2024 00:00:00 GMT - Wed, 19 Mar 2025 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /https:/github.com/kingparks/windsurf-vip/releases/download/latest/ HTTP/1.1 Host: ghgo.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 301 Moved Permanently server: nginx date: Fri, 27 Dec 2024 13:13:54 GMT content-type: text/html; charset=utf-8 content-length: 0 vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With location: /https://github.com/kingparks/coding/releases/download/latest cache-control: no-cache strict-transport-security: max-age=31536000; includeSubdomains; preload x-frame-options: deny x-content-type-options: nosniff x-xss-protection: 0 referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com .rel.tunnels.api.visualstudio.com wss://.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com .actions.githubusercontent.com wss://.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/ x-github-request-id: 95E0:325520:D32F691:156A53A2:676EA812 X-Firefox-Spdy: h2

	ghgo.xyz/http://github.com/kingparks/coding/releases/download/latest	150.136.252.237	403 Forbidden	14 B
URL ghgo.xyz/http://github.com/kingparks/coding/releases/download/latest IP 150.136.252.237:0 ASN #31898 ORACLE-BMC-31898 Certificate IssuerZeroSSL Subjectghgo.xyz Fingerprint1E:52:C2:EA:BA:CF:26:8F:97:B3:C9:35:5C:89:FF:68:1E:55:7A:42 ValidityThu, 19 Dec 2024 00:00:00 GMT - Wed, 19 Mar 2025 23:59:59 GMT File type ASCII text, with no line terminators Size 14 B (14 bytes) Hash d3d11a221d183ce06a75950631e42cb1 a4da734e673f93d84bc52c955729495efa4b5ca8 a7596aa3beb103b542384e4c191806e0c5f2c0dffd6094c7a9e2e1185cd81e7c HTTP Headers GET /http://github.com/kingparks/coding/releases/download/latest HTTP/1.1 Host: ghgo.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 403 Forbidden server: nginx date: Fri, 27 Dec 2024 13:13:55 GMT content-type: text/html; charset=utf-8 content-length: 14 strict-transport-security: max-age=63072000 X-Firefox-Spdy: h2`

	ghgo.xyz/favicon.ico	150.136.252.237	200 OK	1.5 kB
URL GET HTTP/2 ghgo.xyz/favicon.ico IP 150.136.252.237:443 ASN #31898 ORACLE-BMC-31898 Requested by https://ghgo.xyz/http://github.com/kingparks/coding/releases/download/latest Certificate IssuerZeroSSL Subjectghgo.xyz Fingerprint1E:52:C2:EA:BA:CF:26:8F:97:B3:C9:35:5C:89:FF:68:1E:55:7A:42 ValidityThu, 19 Dec 2024 00:00:00 GMT - Wed, 19 Mar 2025 23:59:59 GMT File type MS Windows icon resource - 1 icon, 48x48, 32 bits/pixel Size 1.5 kB (1540 bytes) Hash a3b83d9ea6dc3eb100473b6c628efcb1 5b424ad00b76712d0d80035547a8d093df1134f4 d884be9f1f36321f3e6b903fd3ad404dd49161922c56ddf7db8adb96c545302f HTTP Headers `GET /favicon.ico HTTP/1.1 Host: ghgo.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ghgo.xyz/http://github.com/kingparks/coding/releases/download/latest Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK server: nginx date: Fri, 27 Dec 2024 13:13:55 GMT content-type: image/vnd.microsoft.icon content-length: 1540 accept-ranges: bytes access-control-allow-origin: * age: 726258 cache-control: max-age=300 content-disposition: inline; filename="favicon.ico" content-encoding: br etag: "a3b83d9ea6dc3eb100473b6c628efcb1" last-modified: Thu, 19 Dec 2024 03:29:36 GMT strict-transport-security: max-age=63072000 x-vercel-cache: HIT x-vercel-id: iad1::qwdpd-1735305235358-facdde11349e X-Firefox-Spdy: h2

	ghgo.xyz/https://github.com/kingparks/coding/releases/download/latest	150.136.252.237	404 Not Found	273 kB
URL User Request GET HTTP/2 ghgo.xyz/https://github.com/kingparks/coding/releases/download/latest IP 150.136.252.237:443 ASN #31898 ORACLE-BMC-31898 Certificate IssuerZeroSSL Subjectghgo.xyz Fingerprint1E:52:C2:EA:BA:CF:26:8F:97:B3:C9:35:5C:89:FF:68:1E:55:7A:42 ValidityThu, 19 Dec 2024 00:00:00 GMT - Wed, 19 Mar 2025 23:59:59 GMT File type Size 273 kB (273259 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /https://github.com/kingparks/coding/releases/download/latest HTTP/1.1 Host: ghgo.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 404 Not Found server: nginx date: Fri, 27 Dec 2024 13:13:54 GMT content-type: text/html; charset=utf-8 vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With cache-control: no-cache strict-transport-security: max-age=31536000; includeSubdomains; preload x-frame-options: deny x-content-type-options: nosniff x-xss-protection: 0 referrer-policy: no-referrer-when-downgrade content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com .rel.tunnels.api.visualstudio.com wss://.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com .actions.githubusercontent.com wss://.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/ content-encoding: gzip x-github-request-id: 95E8:295F57:D41CFFB:15705D63:676EA812 X-Firefox-Spdy: h2

	ghgo.xyz/http://github.com/kingparks/coding/releases/download/latest	150.136.252.237	403 Forbidden	14 B
URL User Request GET HTTP/2 ghgo.xyz/http://github.com/kingparks/coding/releases/download/latest IP 150.136.252.237:443 ASN #31898 ORACLE-BMC-31898 Certificate IssuerZeroSSL Subjectghgo.xyz Fingerprint1E:52:C2:EA:BA:CF:26:8F:97:B3:C9:35:5C:89:FF:68:1E:55:7A:42 ValidityThu, 19 Dec 2024 00:00:00 GMT - Wed, 19 Mar 2025 23:59:59 GMT File type ASCII text, with no line terminators Size 14 B (14 bytes) Hash d3d11a221d183ce06a75950631e42cb1 a4da734e673f93d84bc52c955729495efa4b5ca8 a7596aa3beb103b542384e4c191806e0c5f2c0dffd6094c7a9e2e1185cd81e7c HTTP Headers GET /http://github.com/kingparks/coding/releases/download/latest HTTP/1.1 Host: ghgo.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 403 Forbidden server: nginx date: Fri, 27 Dec 2024 13:13:55 GMT content-type: text/html; charset=utf-8 content-length: 14 strict-transport-security: max-age=63072000 X-Firefox-Spdy: h2`