x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
185.199.111.153301 Moved Permanently 162 B URL HTTP/1.1 x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
IP 185.199.111.153:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /malware%20analysis/2022/06/24/Snakekeylogger.html HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: keep-alive
Content-Length: 162
Server: GitHub.com
Content-Type: text/html
permissions-policy: interest-cohort=()
Location: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
X-GitHub-Request-Id: BA82:6D28:3339D15:34FB82F:641BBEB9
Accept-Ranges: bytes
Date: Thu, 23 Mar 2023 02:51:37 GMT
Via: 1.1 varnish
Age: 0
X-Served-By: cache-bma1677-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1679539897.161755,VS0,VE117
Vary: Accept-Encoding
X-Fastly-Request-ID: 1db4276fec4812542e4ce515bb16fc350248651a
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash bea3185dd820a31c1981317f37c3456d
1a548a5d27270fc11df9011837a7149571cedd78
469b97bf9f57401b3c9571039483589f2815f4794212b75c7c85cfefe0ae71e9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "469B97BF9F57401B3C9571039483589F2815F4794212B75C7C85CFEFE0AE71E9"
Last-Modified: Wed, 22 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7196
Expires: Thu, 23 Mar 2023 04:51:33 GMT
Date: Thu, 23 Mar 2023 02:51:37 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 65fc860bc043f3fb83bdc3debdcd322d
418010755deae099ef1284e402813c5837a10f42
d93d50c523c7f735987aba09db628259441eb75efe713a2df3c214e1fb8b5171
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D93D50C523C7F735987ABA09DB628259441EB75EFE713A2DF3C214E1FB8B5171"
Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13022
Expires: Thu, 23 Mar 2023 06:28:39 GMT
Date: Thu, 23 Mar 2023 02:51:37 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 51a5d4696a6090c295850554508b51ce
c44e143c2223546e64b19f543b8101aaf3b11e97
8794223d5e8d4d276c35e2fdcc24bf99694240634dd749cd9b5bf874dec055cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8794223D5E8D4D276C35E2FDCC24BF99694240634DD749CD9B5BF874DEC055CF"
Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7872
Expires: Thu, 23 Mar 2023 05:02:49 GMT
Date: Thu, 23 Mar 2023 02:51:37 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 84db75194692d4afe13196bda6f22da8
4c1f49bc973a4917f146d93c8d598344edc021f6
a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Alert, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 23 Mar 2023 02:15:05 GMT
content-type: application/json
age: 2192
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: D6udZ9Xy0IxJT3scz6GLj0VmnL32psE8rZr/op2OJjhNfAUvRCWBUSVPuww7/r9wiz/2XQDAvPY=
x-amz-request-id: XBKVBQZNS5T8M3AX
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 23 Mar 2023 01:59:45 GMT
age: 3112
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 02:51:37 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
185.199.108.153200 OK 15 kB URL HTTP/2 x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
IP 185.199.108.153:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1454)
Hash 906706fe02a5fc447b9640c36b9936a9
2ebb1eb5f9ab795c3119732450da83f5716f6b3b
15b57bcddc1bb2e46dd9fb368b10bf366939cbc03b94f77aa5db8b97865aa80d
GET /malware%20analysis/2022/06/24/Snakekeylogger.html HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: GitHub.com
content-type: text/html; charset=utf-8
permissions-policy: interest-cohort=()
last-modified: Sat, 25 Jun 2022 09:17:26 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: W/"62b6d2a6-1270d"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: A91E:C020:18AE66A:1978FE7:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539897.457962,VS0,VE115
vary: Accept-Encoding
x-fastly-request-id: 7e68e29dc0ee7e58f5948f4c32665b30e89f0097
content-length: 15433
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5/css/all.min.css
151.101.129.229200 OK 13 kB URL HTTP/2 cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5/css/all.min.css
IP 151.101.129.229:0
File type ASCII text, with very long lines (59119)
Hash 58721799d48d698aeb076b80b66240f9
750ab001ef09c41c9ed2b7797ee8cc7eba5cdc7d
c5b9b15ca6330e0771731d46468e86cca7ed484dc183bde0c1556d0fe34dbf4a
GET /npm/@fortawesome/fontawesome-free@5/css/all.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 5.15.4
x-jsd-version-type: version
etag: W/"e7a9-pX7mjRFgGw/Y5QN/wkH/ZadURzw"
content-encoding: br
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
age: 6697
x-served-by: cache-fra-eddf8230089-FRA, cache-bma1660-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 13056
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
151.101.130.133200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP 151.101.130.133:0
Hash 989f8670765784fe74d2a7934130bbd5
e792a2ec7b385ce6065d7106d87aa2fc78a16436
3b24026ece365512a5986cbbb3cbe3e4b254caaeead6991b959f0e90fc9b54c2
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1462
Content-Type: application/ocsp-response
Etag: "8B42FEED59FEBEA64AA21EB7E9A48FE9C4AE5B50"
Expires: Thu, 23 Mar 2023 14:00:00 UTC
Last-Modified: Thu, 23 Mar 2023 02:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
Accept-Ranges: bytes
Date: Thu, 23 Mar 2023 02:51:37 GMT
Via: 1.1 varnish
Age: 3063
X-Served-By: cache-bma1651-BMA
X-Cache: HIT
X-Cache-Hits: 1
X-Timer: S1679539898.843448,VS0,VE1
x-junior.github.io/assets/css/main.css
185.199.108.153200 OK 14 kB URL HTTP/2 x-junior.github.io/assets/css/main.css
IP 185.199.108.153:0
File type ASCII text, with very long lines (65146)
Hash ef39dee3a18855d63db8afbd69f9a51e
31fb68b50e5e472ee36fc3c36e366817e2a6d39f
ad39e389f30d6eb604aea31d1a10961795f848feaa9f777fd949476a77e0f06e
GET /assets/css/main.css HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: text/css; charset=utf-8
permissions-policy: interest-cohort=()
last-modified: Sat, 25 Jun 2022 09:17:26 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: W/"62b6d2a6-10c2c"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: A376:DA1C:42058A6:443A175:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.735574,VS0,VE115
vary: Accept-Encoding
x-fastly-request-id: 3f4d78d1f1b4b16e1903c8243bdac645b4af11fe
content-length: 13511
X-Firefox-Spdy: h2
x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/44.PNG
185.199.108.153200 OK 72 kB URL HTTP/2 x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/44.PNG
IP 185.199.108.153:0
File type PNG image data, 1246 x 685, 8-bit/color RGBA, non-interlaced\012- data
Hash 0b0eecff5a4068c79f5d821e03562c6b
87f7f4b25bf05c5392d4eebb289b45949c1a605b
de455156dc1c66b0e10b9aabdec23f57f25bab834201eafd52984661f6c29277
GET /assets/Malware-Analysis/SnakeKeylogger/44.PNG HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-1175b"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: C9B8:C020:18AE678:1978FFD:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.745701,VS0,VE110
vary: Accept-Encoding
x-fastly-request-id: a753c2257b387e9d09a381ec82e4ee48692e2950
content-length: 71515
X-Firefox-Spdy: h2
x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/20.PNG
185.199.108.153200 OK 13 kB URL HTTP/2 x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/20.PNG
IP 185.199.108.153:0
File type PNG image data, 642 x 214, 8-bit/color RGBA, non-interlaced\012- data
Hash 61dd32d714e332ee742719b654c4fd1d
f3495b158a58a65bf1dc7f566486ad4496e76404
b4d3fdc3e2a22ea808ab5f151d5f746d46f80dfc7f1f93a95d3e43654809d7f0
GET /assets/Malware-Analysis/SnakeKeylogger/20.PNG HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-33ac"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 8C1A:AD3D:157B229:162B5AE:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.742551,VS0,VE114
vary: Accept-Encoding
x-fastly-request-id: 159c028264e42cd2eacf4eea7d2b67017fc06760
content-length: 13228
X-Firefox-Spdy: h2
x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/37.PNG
185.199.108.153200 OK 10 kB URL HTTP/2 x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/37.PNG
IP 185.199.108.153:0
File type PNG image data, 924 x 113, 8-bit/color RGBA, non-interlaced\012- data
Hash a480537687b4534f1099a960f1838c4a
03a00979eee938193836f82ba9f17a21765cb667
e94897b87b22e5e82b56790aae90b63ee32e4d39d305825f009902143eb94d99
GET /assets/Malware-Analysis/SnakeKeylogger/37.PNG HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-290e"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 1AD4:9DF4:294BFA3:2AB21E9:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.747658,VS0,VE117
vary: Accept-Encoding
x-fastly-request-id: fd271387797a574bc1e662b537fc7105c04c4d09
content-length: 10510
X-Firefox-Spdy: h2
x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/23.PNG
185.199.108.153200 OK 17 kB URL HTTP/2 x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/23.PNG
IP 185.199.108.153:0
File type PNG image data, 782 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash c91c265209ed581e4127620af8ab7ecb
adfb0f82791226eefff32767daee003f01db100b
24379d0f1f802c6682d67426bc4b5d77096d34427a0f0d7dc6d56eeabbef64fc
GET /assets/Malware-Analysis/SnakeKeylogger/23.PNG HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-4418"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: F4A2:30E4:144C12F:14F4E92:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.744450,VS0,VE123
vary: Accept-Encoding
x-fastly-request-id: 95e1146e6680e3113b4a6b36131bad72f03aaa9d
content-length: 17432
X-Firefox-Spdy: h2
x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/24.PNG
185.199.108.153200 OK 56 kB URL HTTP/2 x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/24.PNG
IP 185.199.108.153:0
File type PNG image data, 1210 x 652, 8-bit/color RGBA, non-interlaced\012- data
Hash 121a6df7d88081e1ea66b00c8978f924
73cec9f3c46c5e43b7890ce4aa54dc4a8da7643d
f382a583f2afb65696a278e097e26886cc41169b8e9e55c92fd6a4d1e4d3f90f
GET /assets/Malware-Analysis/SnakeKeylogger/24.PNG HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-d8e7"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 3200:1097E:BB1EB4:C1681A:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.743747,VS0,VE125
vary: Accept-Encoding
x-fastly-request-id: dd898da9d1ea670d992d7a632557f9da054154d4
content-length: 55527
X-Firefox-Spdy: h2
x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/3.PNG
185.199.108.153200 OK 33 kB URL HTTP/2 x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/3.PNG
IP 185.199.108.153:0
File type PNG image data, 656 x 426, 8-bit/color RGBA, non-interlaced\012- data
Hash ed11b4d977492322849e6d259d389201
fed16ba42ae7e4d81cf679e7b677346b9fd76787
0a9077753181141a93215cd841ffee3333de6729e42f248212cc4317bfa3cb6b
GET /assets/Malware-Analysis/SnakeKeylogger/3.PNG HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-81af"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 84FE:E198:9880F1:9CED71:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.756931,VS0,VE113
vary: Accept-Encoding
x-fastly-request-id: d3c39585a65529c86497cededb2a6d93b0bdda93
content-length: 33199
X-Firefox-Spdy: h2
x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/9.PNG
185.199.108.153200 OK 12 kB URL HTTP/2 x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/9.PNG
IP 185.199.108.153:0
File type PNG image data, 910 x 174, 8-bit/color RGBA, non-interlaced\012- data
Hash e04abde0eeb77a921a7c9b0808934b3f
bb72c4cbb5af853e26d28078647846b8f34f88fe
e7b133071b852914a1fc89a4d0e1db55befd285a3a3a5a85938d24357c659678
GET /assets/Malware-Analysis/SnakeKeylogger/9.PNG HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-2cdd"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: E2F6:0E7F:3B5E790:3D6BF1B:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.759358,VS0,VE115
vary: Accept-Encoding
x-fastly-request-id: b7509d231862acecc0333d97927d51de54ee0fea
content-length: 11485
X-Firefox-Spdy: h2
x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/41.PNG
185.199.108.153200 OK 41 kB URL HTTP/2 x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/41.PNG
IP 185.199.108.153:0
File type PNG image data, 945 x 591, 8-bit/color RGBA, non-interlaced\012- data
Hash 6c7356dd7a977a0f51986cb937282a77
ad6372a7ff0c10aa162fa673e59fc6a256ea78cd
88936e2ea35550a2c53bc8034807542c4e3d1e9c743549aff6f82aecac39fd6e
GET /assets/Malware-Analysis/SnakeKeylogger/41.PNG HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-9f0d"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: D3A6:E733:22E4E1F:2404458:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.754571,VS0,VE121
vary: Accept-Encoding
x-fastly-request-id: 54b54b0af2edf968f4c2e3fdaa735bc57acb7720
content-length: 40717
X-Firefox-Spdy: h2
x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/2.PNG
185.199.108.153200 OK 44 kB URL HTTP/2 x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/2.PNG
IP 185.199.108.153:0
File type PNG image data, 1372 x 335, 8-bit/color RGBA, non-interlaced\012- data
Hash 2f6f9b8637d50452ce59e9c6c003a903
4bc8a460cfe91076a7f296cfa601f9d5ebfb669c
6f78718222f1973732f7b3da40fed7d5c610f38771367bfc508101f0852802fe
GET /assets/Malware-Analysis/SnakeKeylogger/2.PNG HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-aa36"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: A2B8:E198:9880F1:9CED72:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.758737,VS0,VE119
vary: Accept-Encoding
x-fastly-request-id: d3bde8aadd45bbf1ee7ea87200123b164374fab9
content-length: 43574
X-Firefox-Spdy: h2
x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/43.PNG
185.199.108.153200 OK 5.2 kB URL HTTP/2 x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/43.PNG
IP 185.199.108.153:0
File type PNG image data, 535 x 54, 8-bit/color RGBA, non-interlaced\012- data
Hash 7ab583a3711447bf509b37f46a0481e8
ae6805cddfc76cf3eac791e002d0d36fa714fe52
536ca721e09eef076f5d29c19cb79dc781385c64069eb74dcc2444b29d5df20c
GET /assets/Malware-Analysis/SnakeKeylogger/43.PNG HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-1430"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 4B80:0E7F:3B5E790:3D6BF1A:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.753555,VS0,VE128
vary: Accept-Encoding
x-fastly-request-id: b673f66ea609e0158ee46863bcf01bf1ea767315
content-length: 5168
X-Firefox-Spdy: h2
x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/38.PNG
185.199.108.153200 OK 30 kB URL HTTP/2 x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/38.PNG
IP 185.199.108.153:0
File type PNG image data, 1039 x 370, 8-bit/color RGBA, non-interlaced\012- data
Hash 06c76f0ec7c89dce3a3fccd67cb1c880
0c690256b13eb7a6577a7098c6ca2909dc0e14e3
ccf5f2ef592d30923ce6359d3d2fb4e3caa523f25b5322349c22b41ddab0acdf
GET /assets/Malware-Analysis/SnakeKeylogger/38.PNG HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-76f3"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 0A22:E733:22E4E1F:2404456:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.748366,VS0,VE135
vary: Accept-Encoding
x-fastly-request-id: ca96ea268d12a0b9f900e22457ec65de0959d0ee
content-length: 30451
X-Firefox-Spdy: h2
x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/36.PNG
185.199.108.153200 OK 87 kB URL HTTP/2 x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/36.PNG
IP 185.199.108.153:0
File type PNG image data, 1228 x 642, 8-bit/color RGBA, non-interlaced\012- data
Hash e32078364f93c2a374efb83649ee7ae2
b6a10cb80d047a42f04e8066790f34daaa2dcf33
bc046ce02d23f260392b5db4c0b07a1f5247b69725ac7c5c658b719072f42961
GET /assets/Malware-Analysis/SnakeKeylogger/36.PNG HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-153e6"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: BAA0:07FF:73F67F:77544A:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.747127,VS0,VE144
vary: Accept-Encoding
x-fastly-request-id: 5d00e2aa8ab01b790a5ba24123bc94f43ac8ef21
content-length: 87014
X-Firefox-Spdy: h2
x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/46.PNG
185.199.108.153200 OK 58 kB URL HTTP/2 x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/46.PNG
IP 185.199.108.153:0
File type PNG image data, 450 x 660, 8-bit/color RGBA, non-interlaced\012- data
Hash b1c0965b3ab7073de6f332daab0ad556
7f60c2158c4fbb1c32f061235df56ef3cfd3fbb5
2255ba1f95b5ce58d588a7bf22b212810f4dbfeab930eaa60d166a8a95245ef0
GET /assets/Malware-Analysis/SnakeKeylogger/46.PNG HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-e1ec"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 3206:EEA0:355C7EB:3728F3B:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.756298,VS0,VE137
vary: Accept-Encoding
x-fastly-request-id: a9af7404113caf6c77bb9cbca3c4261fa4a49114
content-length: 57836
X-Firefox-Spdy: h2
x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/10.PNG
185.199.108.153200 OK 24 kB URL HTTP/2 x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/10.PNG
IP 185.199.108.153:0
File type PNG image data, 1204 x 303, 8-bit/color RGBA, non-interlaced\012- data
Hash e24c061bafed2f84be03b33506c97263
fd4cfb91ae104879616a46eeb8ac836401bea0e4
bf2813b1d1137e2ad18dcf57ba0e7a7da2dc1ed509be71d3c40b17687cdbdbac
GET /assets/Malware-Analysis/SnakeKeylogger/10.PNG HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-5ed3"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 98B0:0BF7:34EDDC9:36AC92C:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.760393,VS0,VE136
vary: Accept-Encoding
x-fastly-request-id: 1ccd76280b8a9be9b50068a91d301fdda6d8c728
content-length: 24275
X-Firefox-Spdy: h2
x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/29.PNG
185.199.108.153200 OK 37 kB URL HTTP/2 x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/29.PNG
IP 185.199.108.153:0
File type PNG image data, 1917 x 232, 8-bit/color RGBA, non-interlaced\012- data
Hash 4293dea76499f88d9e76a23c21584d4f
3fbd95a219bf2f37ed40445019f189947aa53cd4
bb321366ca1a213f0c7b9f33b3830ae0c60eaf9db90418ae5cf48a25689d084f
GET /assets/Malware-Analysis/SnakeKeylogger/29.PNG HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-91b6"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: D590:DD9B:34D9B13:36A6294:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.752343,VS0,VE144
vary: Accept-Encoding
x-fastly-request-id: f8ed3e868f9b5a262fc743c4668a624c1c0f43e7
content-length: 37302
X-Firefox-Spdy: h2
x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/21.PNG
185.199.108.153200 OK 15 kB URL HTTP/2 x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/21.PNG
IP 185.199.108.153:0
File type PNG image data, 694 x 217, 8-bit/color RGBA, non-interlaced\012- data
Hash 63645695b71de19f10ff319eff7c62a1
aad41f139ae6d441e6a019144fe928c7fa603fc2
9a0f16e95a27642fbde6f8391b96e4460e6d24d0dfa1b3ed51583929e219bd24
GET /assets/Malware-Analysis/SnakeKeylogger/21.PNG HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-3b96"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 702C:E198:9880F1:9CED6E:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.743178,VS0,VE154
vary: Accept-Encoding
x-fastly-request-id: b42903203a7f0f1d0e4dd527194f9b37bf4491ee
content-length: 15254
X-Firefox-Spdy: h2
x-junior.github.io/assets/js/lunr/lunr-en.js
185.199.108.153200 OK 818 B URL HTTP/2 x-junior.github.io/assets/js/lunr/lunr-en.js
IP 185.199.108.153:0
File type HTML document, ASCII text
Hash 473f50ea28b3f3068be96287e995a996
91a8192f1c1395149216ab4c92ce45531f7f9f76
49a3f84f598f3700ef55d7b414a63c0a354b99073f53c61de484e272f23fcfdc
GET /assets/js/lunr/lunr-en.js HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Sat, 25 Jun 2022 09:17:26 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: W/"62b6d2a6-9bd"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 60F4:8973:3C1A472:3E2BA1E:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.782361,VS0,VE119
vary: Accept-Encoding
x-fastly-request-id: 2f3b102a82027cda8dbcf5b3f57cf6b64dc18324
content-length: 818
X-Firefox-Spdy: h2
x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/1.PNG
185.199.108.153200 OK 36 kB URL HTTP/2 x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/1.PNG
IP 185.199.108.153:0
File type PNG image data, 592 x 407, 8-bit/color RGBA, non-interlaced\012- data
Hash a0b4870b3866628085f5f8c8914d0913
7fa5ad2dd882d767bf98590f0bb8ea6acc7c3ea1
d4223d5de24d6dd66c7992285c02f8a718006240bbb8e84965e0b1876f9e5f7e
GET /assets/Malware-Analysis/SnakeKeylogger/1.PNG HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-8c4f"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: B7AE:11502:3760E19:393D49A:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.758171,VS0,VE148
vary: Accept-Encoding
x-fastly-request-id: d1dccfe8efb76e1a7d2b55dfe4ed068dc76ee9dc
content-length: 35919
X-Firefox-Spdy: h2
x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/4.PNG
185.199.108.153200 OK 38 kB URL HTTP/2 x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/4.PNG
IP 185.199.108.153:0
File type PNG image data, 1309 x 396, 8-bit/color RGBA, non-interlaced\012- data
Hash 12d89e1b0b1ed6ef3d1320df9e5cfe5a
aa1423fd41b5e3875679f85d9f7d4e8054308d31
3e2527da3aca42443f06ab6d205172fd22d857e88f63fd0348f2ea479e70ffa0
GET /assets/Malware-Analysis/SnakeKeylogger/4.PNG HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-9639"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: A8C6:30E4:144C12F:14F4E93:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.757492,VS0,VE144
vary: Accept-Encoding
x-fastly-request-id: 5f21dc5ef15e9ac9571436795bca6ce1197bb21d
content-length: 38457
X-Firefox-Spdy: h2
x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/25.PNG
185.199.108.153200 OK 64 kB URL HTTP/2 x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/25.PNG
IP 185.199.108.153:0
File type PNG image data, 1209 x 661, 8-bit/color RGBA, non-interlaced\012- data
Hash b13c4b30a2a2c2c4715e1ae4206fc31b
3ce47c5906035ddbbee832c43c3fb37ba1e21611
651b3815c59b03bf5957d9e8df5f81a4549248135fa210c652d9670be15f147a
GET /assets/Malware-Analysis/SnakeKeylogger/25.PNG HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-fbc4"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 7036:8973:3C1A471:3E2BA15:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.745044,VS0,VE162
vary: Accept-Encoding
x-fastly-request-id: 9fca46f28e1e88da0adb30c4edc14e3a4381d4f1
content-length: 64452
X-Firefox-Spdy: h2
x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/33.PNG
185.199.108.153200 OK 49 kB URL HTTP/2 x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/33.PNG
IP 185.199.108.153:0
File type PNG image data, 1234 x 482, 8-bit/color RGBA, non-interlaced\012- data
Hash 321e90c4563c0caa9d1edb6c952e9697
7777a9811510768d6ca44fc05117b116f9f6945e
877aece1bb82f8672b70862df85eb0615a3ada20a66259832f947adcce145073
GET /assets/Malware-Analysis/SnakeKeylogger/33.PNG HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-be70"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: A920:DA1C:42058A6:443A178:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.748961,VS0,VE155
vary: Accept-Encoding
x-fastly-request-id: 131c4fb5d570d263e118ee8b5b9182a49b026c22
content-length: 48752
X-Firefox-Spdy: h2
x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/6.PNG
185.199.108.153200 OK 58 kB URL HTTP/2 x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/6.PNG
IP 185.199.108.153:0
File type PNG image data, 1094 x 427, 8-bit/color RGBA, non-interlaced\012- data
Hash d2d3a1ebb314f08cb3cb9983ff53bbb8
7501eeaf0ea94836799cd9ecd1b6da8141a3569c
75fdb285cd59ae2880289fbbcaba6be3b23ef315f2c798901235eb2fed856ed2
GET /assets/Malware-Analysis/SnakeKeylogger/6.PNG HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-e2df"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: BA82:6D28:3339D32:34FB84C:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.761192,VS0,VE140
vary: Accept-Encoding
x-fastly-request-id: e6984cd3dd5003a34655c0123ccd4935f5733d80
content-length: 58079
X-Firefox-Spdy: h2
x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/42.PNG
185.199.108.153200 OK 119 kB URL HTTP/2 x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/42.PNG
IP 185.199.108.153:0
File type PNG image data, 1275 x 632, 8-bit/color RGBA, non-interlaced\012- data
Size 119 kB (119211 bytes)
Hash 08c46361f6da7065ddf98ea2c6374e2b
1c16ab5ada3c2f40d9320c4dadc308956e3f51d9
668a2c5255f88dc1c3695c4acdaa568cc7979db8636352f69df9a7d4e03456a1
GET /assets/Malware-Analysis/SnakeKeylogger/42.PNG HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-1d1ab"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: B748:0E52:AF134D:B4E37D:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.755062,VS0,VE144
vary: Accept-Encoding
x-fastly-request-id: 7154d2b5d7df9a0ccf7549d2cd2c3a35051f5a9e
content-length: 119211
X-Firefox-Spdy: h2
x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/12.PNG
185.199.108.153200 OK 31 kB URL HTTP/2 x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/12.PNG
IP 185.199.108.153:0
File type PNG image data, 680 x 440, 8-bit/color RGBA, non-interlaced\012- data
Hash 950666e26e16cfe42303bc4a8b1a9bdf
41824b48b44648b051f6f0e90a8888f67aeb02be
da6c83a476ed6fd48f2a876703e9d29fa35854d86dcc4a874ddeafd4dc60692b
GET /assets/Malware-Analysis/SnakeKeylogger/12.PNG HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-7a68"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 64F8:8973:3C1A471:3E2BA1B:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.774333,VS0,VE140
vary: Accept-Encoding
x-fastly-request-id: 2f2b05fc9f86185a970ce64545c3290e21166db0
content-length: 31336
X-Firefox-Spdy: h2
x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/14.PNG
185.199.108.153200 OK 51 kB URL HTTP/2 x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/14.PNG
IP 185.199.108.153:0
File type PNG image data, 842 x 433, 8-bit/color RGBA, non-interlaced\012- data
Hash 0d341ae2322e6d59b275868229d2f30f
9e1ed5837a588b423d28fd4d29566c36364f8d40
d6fdddcc228c96ece66ce42df71b9ab3531505a8697f04ac7add275fb9c834d0
GET /assets/Malware-Analysis/SnakeKeylogger/14.PNG HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-c795"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: DD5A:EEA0:355C7EB:3728F3E:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.775751,VS0,VE141
vary: Accept-Encoding
x-fastly-request-id: 79b6a8b03c68a415dfe8d945f1ff19e3921e3fe9
content-length: 51093
X-Firefox-Spdy: h2
x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/40.PNG
185.199.108.153200 OK 55 kB URL HTTP/2 x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/40.PNG
IP 185.199.108.153:0
File type PNG image data, 1227 x 666, 8-bit/color RGBA, non-interlaced\012- data
Hash 8eb17664349ac1175fe299c51ba6ac8e
5a18f70f603f4f76f0d58a0ce1a73471de4be74d
3f23b6a9f6e1ad0f1233c2b7d61d29e6bc296d387173adef1ac26dde460cc966
GET /assets/Malware-Analysis/SnakeKeylogger/40.PNG HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-d537"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: AC3C:0E52:AF134D:B4E37C:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.752929,VS0,VE165
vary: Accept-Encoding
x-fastly-request-id: f8ce6f7ae7926dfdbca661de7b82314efdb7f0d8
content-length: 54583
X-Firefox-Spdy: h2
x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/19.PNG
185.199.108.153200 OK 24 kB URL HTTP/2 x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/19.PNG
IP 185.199.108.153:0
File type PNG image data, 880 x 392, 8-bit/color RGBA, non-interlaced\012- data
Hash c313ab5d71b324f6843e5d843cd96d27
fa6575c09892312ca5f84c8236b64bd5ff32d0ed
9168039668045173a65e92ff320361f48aca803a78005c115a9063385c35ab1f
GET /assets/Malware-Analysis/SnakeKeylogger/19.PNG HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-5ce7"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: B7A2:EEA0:355C7EB:3728F3D:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.773620,VS0,VE147
vary: Accept-Encoding
x-fastly-request-id: 7b4e690c3991ff5dc1b92da24a3e281df406a1d9
content-length: 23783
X-Firefox-Spdy: h2
x-junior.github.io/assets/js/main.min.js
185.199.108.153200 OK 43 kB URL HTTP/2 x-junior.github.io/assets/js/main.min.js
IP 185.199.108.153:0
File type Unicode text, UTF-8 text, with very long lines (32015)
Hash cd283d5aab90766e40a3d8ad7fd0622b
6cd37f3267fddd05248b269c97db343346ff7805
e3d165238e3ae41363a4f938160a8b18e7594d25173c5f7cae4a69033f7e41a3
GET /assets/js/main.min.js HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: W/"62b6d2a1-1de72"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 4C72:0E52:AF1351:B4E383:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.777420,VS0,VE144
vary: Accept-Encoding
x-fastly-request-id: b6fc64ca2f83d4e786a0d0e08cbefb0f1970ab3a
content-length: 42605
X-Firefox-Spdy: h2
x-junior.github.io/assets/js/lunr/lunr-store.js
185.199.108.153200 OK 40 kB URL HTTP/2 x-junior.github.io/assets/js/lunr/lunr-store.js
IP 185.199.108.153:0
File type Unicode text, UTF-8 text, with very long lines (48091)
Hash fc58ab7a347c8a899c9cc7068252a0bb
f0fd03ecd79ed215010fcde2afe25ab65e037fa0
7e2dab7cd0dddda0c6a391422d7118128c45f684268a6d6b06b3117daba99fb7
Analyzer Verdict Alert urlquery suspicious Suspicious - Suspicious JS code
GET /assets/js/lunr/lunr-store.js HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Sat, 25 Jun 2022 09:17:26 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: W/"62b6d2a6-20303"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: A2C8:9DF4:294BFA6:2AB21EE:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.778885,VS0,VE142
vary: Accept-Encoding
x-fastly-request-id: 1ffbf0810bdf41b732db3e0aeae452e89efdb8ed
content-length: 40049
X-Firefox-Spdy: h2
x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/15.PNG
185.199.108.153200 OK 49 kB URL HTTP/2 x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/15.PNG
IP 185.199.108.153:0
File type PNG image data, 679 x 433, 8-bit/color RGBA, non-interlaced\012- data
Hash 8832333fc25131da4834425d54832b03
02c6b85cfe50b4bb91f7b28f281d31b1c5e2bbeb
3a6d81bee572c16139a0a5c512a99e1eb5ce39f4222a32fd62b533cf54669048
GET /assets/Malware-Analysis/SnakeKeylogger/15.PNG HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-bf1b"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 98B4:DA1C:42058A9:443A179:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.776663,VS0,VE146
vary: Accept-Encoding
x-fastly-request-id: 3435a3ae11d04dc8aa58e3225d6441da453e6bcc
content-length: 48923
X-Firefox-Spdy: h2
x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/35.PNG
185.199.108.153200 OK 119 kB URL HTTP/2 x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/35.PNG
IP 185.199.108.153:0
File type PNG image data, 1233 x 639, 8-bit/color RGBA, non-interlaced\012- data
Size 119 kB (119083 bytes)
Hash 939922013fd5d70d9441e79f5fcb1d41
ed2041a3eb949f38b8a61308921ff8ebec787210
6b165e57a96accd6eb0e8b5249a51c92ca3eddce534766a9fc3c46552a1ff78a
GET /assets/Malware-Analysis/SnakeKeylogger/35.PNG HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-1d12b"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 747E:6D28:3339D30:34FB849:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.746177,VS0,VE177
vary: Accept-Encoding
x-fastly-request-id: 78497911a60bac72ccc3470f558fe771b14a7c20
content-length: 119083
X-Firefox-Spdy: h2
x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/18.PNG
185.199.108.153200 OK 84 kB URL HTTP/2 x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/18.PNG
IP 185.199.108.153:0
File type PNG image data, 1098 x 401, 8-bit/color RGBA, non-interlaced\012- data
Hash 2e394874b25ad494eb9e881bb10bf663
6a30981b3fb25868480959c8f1dfdce658897db0
959b81f6b80dae52d18aa2f9eac53b2f3aa002135b0c356565e98add560ca491
GET /assets/Malware-Analysis/SnakeKeylogger/18.PNG HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-14768"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 6502:8973:3C1A471:3E2BA19:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.772988,VS0,VE166
vary: Accept-Encoding
x-fastly-request-id: fbda4cdd9dcb9d94b3f89bb5f00f1b6358211b10
content-length: 83816
X-Firefox-Spdy: h2
x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/34.PNG
185.199.108.153200 OK 33 kB URL HTTP/2 x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/34.PNG
IP 185.199.108.153:0
File type PNG image data, 645 x 490, 8-bit/color RGBA, non-interlaced\012- data
Hash 41fc33d8e8d859a7822445c7a7be710f
1d302d1b01f928fa31c6e42a6fc8f6114be7d0de
ec04e08e15c6f48caaf38bb0363c5a2f6a234e720b5e6c1543e0b3b9ef15eb5a
GET /assets/Malware-Analysis/SnakeKeylogger/34.PNG HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-8053"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 3334:9DF4:294BFAA:2AB21F0:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.738104,VS0,VE210
vary: Accept-Encoding
x-fastly-request-id: 6465c9085999a9db5ca8f1e2a3ea6aab934a8a0c
content-length: 32851
X-Firefox-Spdy: h2
x-junior.github.io/assets/js/lunr/lunr.min.js
185.199.108.153200 OK 8.3 kB URL HTTP/2 x-junior.github.io/assets/js/lunr/lunr.min.js
IP 185.199.108.153:0
File type ASCII text, with very long lines (29370), with no line terminators
Hash 53d12c4a20fa6de261a1721ef3a305ec
32a2e82b4d5739e5b1ca1826d80a34792968dc71
fb356651ad7b957d6d95b249be4ad711567ecc77a5b131ef5664d2d5572bac1a
GET /assets/js/lunr/lunr.min.js HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: W/"62b6d2a1-72ba"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: B754:0C56:3C0355A:3E0B8DB:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.778205,VS0,VE170
vary: Accept-Encoding
x-fastly-request-id: bbd92bc4ccd2fea99b7b8aaa34964b183aa6307a
content-length: 8349
X-Firefox-Spdy: h2
x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/45.PNG
185.199.108.153200 OK 38 kB URL HTTP/2 x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/45.PNG
IP 185.199.108.153:0
File type PNG image data, 437 x 607, 8-bit/color RGBA, non-interlaced\012- data
Hash 87799423e6782e8575dc7f2a0a9f9e69
33fb69976e2834b028905c3e8dd99b17809f8829
8f988ee721651d64a75b29391d369ca8f090154c63e78b2e0b7909adc56191cd
GET /assets/Malware-Analysis/SnakeKeylogger/45.PNG HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-9551"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 68A8:0E7F:3B5E794:3D6BF21:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.755758,VS0,VE206
vary: Accept-Encoding
x-fastly-request-id: 0970fa1d3b99dc99f234b0b94a597639f375bdef
content-length: 38225
X-Firefox-Spdy: h2
x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/8.PNG
185.199.108.153200 OK 18 kB URL HTTP/2 x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/8.PNG
IP 185.199.108.153:0
File type PNG image data, 1287 x 118, 8-bit/color RGBA, non-interlaced\012- data
Hash 9d6896d1e5524900f624212a9b7770d2
e3db0755f8b2feb9c88a97cccdc68b1fd84fff5b
96c2b54d8570a118531b2bebe43e2fa56a4d0c3fe0cbd7e6875b2f22ef8eac77
GET /assets/Malware-Analysis/SnakeKeylogger/8.PNG HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-4503"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 9650:9DF4:294BFAD:2AB21F2:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.762112,VS0,VE219
vary: Accept-Encoding
x-fastly-request-id: 69134e6153ce672871a41ec7cec4a3389df62fca
content-length: 17667
X-Firefox-Spdy: h2
x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/13.PNG
185.199.108.153200 OK 43 kB URL HTTP/2 x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/13.PNG
IP 185.199.108.153:0
File type PNG image data, 1121 x 430, 8-bit/color RGBA, non-interlaced\012- data
Hash f19a12c434599cbec2ce0c0bc8b616f8
1e0a9e7ef5a8302aa5bd808aaaeeb4c137be4e48
803f1edc86b4e363f984a4ae86b527cd82c133dc403c41dc5a01518345b7b658
GET /assets/Malware-Analysis/SnakeKeylogger/13.PNG HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-a735"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 1AE2:0BF7:34EDDCD:36AC92F:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.774927,VS0,VE216
vary: Accept-Encoding
x-fastly-request-id: a0496e71214ad136813248fb717c5578b9b1f12f
content-length: 42805
X-Firefox-Spdy: h2
x-junior.github.io/assets/images/logo.png
185.199.108.153200 OK 264 kB URL HTTP/2 x-junior.github.io/assets/images/logo.png
IP 185.199.108.153:0
File type PNG image data, 3116 x 3001, 8-bit/color RGBA, non-interlaced\012- data
Size 264 kB (263875 bytes)
Hash 062dd4eec56e0c80344aaa72b292cd2d
b0630e50ba32bb4c71af28182b3cc9667d328aa8
8d0f6b7ce3272502074cae684ce7d6a05cfa3e63835934947d788a979af786c9
GET /assets/images/logo.png HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-406c3"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: B74A:AD3D:157B22D:162B5B1:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:38 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.736882,VS0,VE283
vary: Accept-Encoding
x-fastly-request-id: 940cdd70585ead293ab1842d864dbef20a6162f0
content-length: 263875
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, ETag, Content-Type, Cache-Control, Pragma, Alert, Last-Modified, Retry-After, Backoff, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 23 Mar 2023 02:14:33 GMT
age: 2225
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 050ca4dc2182e0a27573b0d9f32b7834
bec14dc5af0d0b32210470673511acd8db404308
b6129b9d1848f75265dca4446c5399927bdaf15c7b49c083765847b0fe276eaf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B6129B9D1848F75265DCA4446C5399927BDAF15C7B49C083765847B0FE276EAF"
Last-Modified: Wed, 22 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19611
Expires: Thu, 23 Mar 2023 08:18:29 GMT
Date: Thu, 23 Mar 2023 02:51:38 GMT
Connection: keep-alive
x-junior.github.io/assets/images/logo5.jpg
185.199.108.153200 OK 3.5 MB URL HTTP/2 x-junior.github.io/assets/images/logo5.jpg
IP 185.199.108.153:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 3840x2160, components 3\012- data
Size 3.5 MB (3528762 bytes)
Hash 7844edb18eea75e09c8b27095890dafe
75057cc21a9215c2780d5cc3c8d04c0b4a3a8f6a
12db233fb45d4dbddbadc829072dea95132b7343eaf35c603cf33118060aa126
GET /assets/images/logo5.jpg HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/jpeg
permissions-policy: interest-cohort=()
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-35d83a"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 60FC:E198:9880F1:9CED0B:641BBEB8
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:38 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.737561,VS0,VE323
vary: Accept-Encoding
x-fastly-request-id: 5d0669ebae74802dfa9f27b634a78fd7956fda8c
content-length: 3528762
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.83.222.17101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.83.222.17:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 4hnrNLV7OmA2NO0NF2SGZw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: p3pnc1MCxKzDi9rEs9wDElJIz44=
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6856
Expires: Thu, 23 Mar 2023 04:45:55 GMT
Date: Thu, 23 Mar 2023 02:51:39 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6856
Expires: Thu, 23 Mar 2023 04:45:55 GMT
Date: Thu, 23 Mar 2023 02:51:39 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6856
Expires: Thu, 23 Mar 2023 04:45:55 GMT
Date: Thu, 23 Mar 2023 02:51:39 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6856
Expires: Thu, 23 Mar 2023 04:45:55 GMT
Date: Thu, 23 Mar 2023 02:51:39 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77cfac24-9654-4b34-9264-7d0268ec9c29.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77cfac24-9654-4b34-9264-7d0268ec9c29.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4b877c9b1fa2292db9a135eff3c3995c
919df81af94dd2dc33516bba4632c417d4313d9f
e6d61f94237d97be08a89d16b3c86c44e624c021906e6d94c74395751caf8d4a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77cfac24-9654-4b34-9264-7d0268ec9c29.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10239
x-amzn-requestid: 3df584e9-63cf-42c6-8b3a-d212a9b1b9ad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CBGTLH3wIAMFpFA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6416b747-4deaa0770aae24c17c4e4edf;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 07:18:31 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: pNoGlkaYZhWFCF11qRn6HVWBUiz2Rm7jmwB_N-6hXM0xYuTMeNgoEQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 22:06:49 GMT
age: 17090
etag: "919df81af94dd2dc33516bba4632c417d4313d9f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a816157-9568-4e7f-a034-14b2f1982949.jpeg
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a816157-9568-4e7f-a034-14b2f1982949.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f4a771935927950222124e14b56046df
d07fe53e4ac41048497b2732c017f6666c3eda9e
4e8388626074646c2336711be0a170ceab367c343648a32d2389dd87640251d0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a816157-9568-4e7f-a034-14b2f1982949.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4912
x-amzn-requestid: d8fcf495-12af-42ae-ad69-0ea07b1a8669
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM8H3Fl1IAMFYgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b73cb-01cbd1981a57e53b3d3cde93;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:31:55 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: soxgrR0B6Rz79QysB7qbMTsNYmkYfG8doOMPpTEd9uLlrE6WTcDKdw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 995664ee945c06fc706b5cb8e0e650dc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 21:47:44 GMT
age: 18235
etag: "d07fe53e4ac41048497b2732c017f6666c3eda9e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba4910e6-683b-4c06-94c1-4e4a3314f2f7.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba4910e6-683b-4c06-94c1-4e4a3314f2f7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fdf1ed2958d8db65b7e247e1584eb841
a6385a641fbb1445ca73e632d06d691970b1e3f8
49fda09ea2e648aa8a09b7e72735a3402e8e87572cc188155c292a0d9fd6159b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba4910e6-683b-4c06-94c1-4e4a3314f2f7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5971
x-amzn-requestid: a3b249e1-616a-492b-bfc5-12df811361cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CBFV9H5XIAMFb9g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6416b5bf-4d51c9467af0c8485d7d98c0;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 07:11:59 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: Qv0F14NgbMfCze9mmFykEDHdCG8yCNvFNa4smLDa1Tmg3_aaZakVoQ==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 a06140ffee86972bad90c57fc682df36.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 10:34:59 GMT
age: 58600
etag: "a6385a641fbb1445ca73e632d06d691970b1e3f8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F261caab9-983c-4eb1-9fca-fd73dc738e9e.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F261caab9-983c-4eb1-9fca-fd73dc738e9e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e89d0b1281259e7399294fb5fa19d2b
5035ed41f497c97faefae9cdaf42dc07ab468557
f404d286deab5b4759be6e554e6488faab3b4f7988a86eb57520dac4e0d6a192
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F261caab9-983c-4eb1-9fca-fd73dc738e9e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10284
x-amzn-requestid: 672e5b15-9c0c-45e0-9c7b-bcf8403859fd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CBFarEW6oAMFW-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6416b5dd-6a8ddbde77a15cf91f5d411e;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 07:12:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: uA55p7FpwrkKSmMXMQl2rQEu5yLHWIDe81khrzVE96mrqYuQW-wYSw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 5c35539543902c678280929df206948c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 07:54:24 GMT
age: 68235
etag: "5035ed41f497c97faefae9cdaf42dc07ab468557"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F26aea22c-e627-45d1-bce6-55eaa4acfd06.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F26aea22c-e627-45d1-bce6-55eaa4acfd06.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f3aa18378fc5715083fb26bd0d62f382
ee683e481a4501d2ab8ca63d1426d6fab6f2b064
8aade71c4b55f6a9daab28a05a90bcc3c6c01b700aa48d2f8ccdb1992fa5ee81
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F26aea22c-e627-45d1-bce6-55eaa4acfd06.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10816
x-amzn-requestid: 60a537d2-1b8a-4ae2-967c-a7e57c818cc6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B9xY0EHqoAMFrrQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6415629e-1be08f9f3a13492717fdaa48;Sampled=0
x-amzn-remapped-date: Sat, 18 Mar 2023 07:05:02 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: pFf9EtVQUyRcUOT6Aj_L88__ZyBlVX61cOmPi70WnyxxPteVUFFXEw==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 3f3347264bcaae7af741e2a2f692c6a0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 20:21:35 GMT
age: 23404
etag: "ee683e481a4501d2ab8ca63d1426d6fab6f2b064"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a7546f8-3d34-4fb4-b63f-8e8098b48c30.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a7546f8-3d34-4fb4-b63f-8e8098b48c30.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f777f840a3fc7e500c57a7cbdf88f26d
3518e8a18807209e94011806a96492e0d86ee9c9
44aa32fa1bf15785a4dd8cd6184772fb268113cbf459f5f30a70ff5ca66c9e05
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a7546f8-3d34-4fb4-b63f-8e8098b48c30.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7419
x-amzn-requestid: bc02abbe-706d-42af-b963-0163b07b87c9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B9xbnE7OIAMFW2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641562b0-247606a3713a20d25cf83763;Sampled=0
x-amzn-remapped-date: Sat, 18 Mar 2023 07:05:20 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: W_FZ-TYlfmS1JSvZVG4v_4Iag3ssm5J2oYgk0LBdKqv-Q0KST6FkDQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 618052a0d9c86c1a3bf663f82d041d1c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 20:21:35 GMT
age: 23404
etag: "3518e8a18807209e94011806a96492e0d86ee9c9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2