Report - x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html

Report Overview

Submitted URL
x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
IP
185.199.111.153
ASN
#54113 FASTLY
Submitted
2023-03-23 02:51:48
Access
public
Website Title
Final URL
Tags
suspicious
urlquery detections
Suspicious - Suspicious JS code

Detections

urlquery
3
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-26T05:11:12Z	413 B	5.9 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-26T05:11:59Z	333 B	391 B	34.117.237.239
ocsp.globalsign.com	2075	2012-07-20T19:46:16Z	2023-03-26T05:09:32Z	368 B	2.0 kB	151.101.130.133
cdn.jsdelivr.net	439	2012-09-30T02:15:09Z	2023-03-26T05:21:02Z	420 B	14 kB	151.101.129.229
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-26T05:10:29Z	606 B	127 B	35.83.222.17
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-26T05:09:08Z	3.2 kB	56 kB	34.120.237.76
x-junior.github.io	unknown	2022-06-08T00:13:51Z	2023-03-22T13:08:11Z	20 kB	5.4 MB	185.199.111.153
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-26T05:09:13Z	2.7 kB	7.1 kB	95.101.11.115
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-26T05:09:18Z	782 B	2.4 kB	35.241.9.150

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (5)

	URL	Size	First Seen	Last Seen
	x-junior.github.io/assets/js/lunr/lunr-en.js	2.5 kB	2023-03-11	2024-02-28
Pretty URL x-junior.github.io/assets/js/lunr/lunr-en.js IP 185.199.108.153 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:53:02 Last Seen2024-02-28 16:16:55 Times Seen47 Hash 8c1c664d8ed573e484258337e048286a 42973239b5f1445d65f373d2c5862817f5839b5b 455dd8504356827ccf085274d4fd54ae29b0d906e993b3ecd28a8a9b290cd7f5 Loading...

	x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html	111 B	2023-03-07	2024-03-04
Pretty URL x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html IP 185.199.111.153 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:42:17 Last Seen2024-03-04 16:17:29 Times Seen46 Hash dac95b94618de1e51df26a2477d28de5 e14fcbdbcd1fd95a2f83f8255738f99cc0d072ae dee293078c2b45729f49f8c9e174424e1871213e4f38a1c0aa0742823f28ac4d Loading...

	x-junior.github.io/assets/js/main.min.js	122 kB	2023-03-11	2024-01-28
Pretty URL x-junior.github.io/assets/js/main.min.js IP 185.199.108.153 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:53:02 Last Seen2024-01-28 11:49:05 Times Seen30 Hash ce7227e1cefaaeee12172d690cf59ba9 6a1d1a28498b8071f7ca881e2e0882e555e769fc 76c81906e2edbe98f28dfccd7dcfa7efc0ef95f3b23261c621115166a3ff10d0 Loading...

	x-junior.github.io/assets/js/lunr/lunr-store.js	132 kB	2023-03-11	2024-01-28
Pretty URL x-junior.github.io/assets/js/lunr/lunr-store.js IP 185.199.108.153 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:53:02 Last Seen2024-01-28 11:49:05 Times Seen15 Hash 17adcc43543b392d22314cb193ba58e9 d454d7a32544bf8a783858c6f41d3727f395e22b 003af16175cce5825dde32c0bcf7e0cb1a01a471feeb586aba7f36fe0a6d195c Loading...

	x-junior.github.io/assets/js/lunr/lunr.min.js	29 kB	2023-03-11	2024-01-28
Pretty URL x-junior.github.io/assets/js/lunr/lunr.min.js IP 185.199.108.153 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:53:02 Last Seen2024-01-28 11:49:05 Times Seen31 Hash 7eac9eb2bea17aeda59860eea734d786 978fc5e335b652a705ecf4ec64785801add7fdcb b92711806ac89c3d959cf3698e6950b41d974552dccf2c99beb4e4622f9edf55 Loading...

HTTP Transactions (63)

URL IP Response Size

x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html

185.199.111.153

301 Moved Permanently

162 B

URL HTTP/1.1
x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
IP
185.199.111.153:0
ASN
#54113 FASTLY

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /malware%20analysis/2022/06/24/Snakekeylogger.html HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Connection: keep-alive
Content-Length: 162
Server: GitHub.com
Content-Type: text/html
permissions-policy: interest-cohort=()
Location: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
X-GitHub-Request-Id: BA82:6D28:3339D15:34FB82F:641BBEB9
Accept-Ranges: bytes
Date: Thu, 23 Mar 2023 02:51:37 GMT
Via: 1.1 varnish
Age: 0
X-Served-By: cache-bma1677-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1679539897.161755,VS0,VE117
Vary: Accept-Encoding
X-Fastly-Request-ID: 1db4276fec4812542e4ce515bb16fc350248651a

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bea3185dd820a31c1981317f37c3456d
1a548a5d27270fc11df9011837a7149571cedd78
469b97bf9f57401b3c9571039483589f2815f4794212b75c7c85cfefe0ae71e9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "469B97BF9F57401B3C9571039483589F2815F4794212B75C7C85CFEFE0AE71E9"
Last-Modified: Wed, 22 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7196
Expires: Thu, 23 Mar 2023 04:51:33 GMT
Date: Thu, 23 Mar 2023 02:51:37 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
65fc860bc043f3fb83bdc3debdcd322d
418010755deae099ef1284e402813c5837a10f42
d93d50c523c7f735987aba09db628259441eb75efe713a2df3c214e1fb8b5171

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D93D50C523C7F735987ABA09DB628259441EB75EFE713A2DF3C214E1FB8B5171"
Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13022
Expires: Thu, 23 Mar 2023 06:28:39 GMT
Date: Thu, 23 Mar 2023 02:51:37 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
51a5d4696a6090c295850554508b51ce
c44e143c2223546e64b19f543b8101aaf3b11e97
8794223d5e8d4d276c35e2fdcc24bf99694240634dd749cd9b5bf874dec055cf

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8794223D5E8D4D276C35E2FDCC24BF99694240634DD749CD9B5BF874DEC055CF"
Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7872
Expires: Thu, 23 Mar 2023 05:02:49 GMT
Date: Thu, 23 Mar 2023 02:51:37 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
84db75194692d4afe13196bda6f22da8
4c1f49bc973a4917f146d93c8d598344edc021f6
a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Alert, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 23 Mar 2023 02:15:05 GMT
content-type: application/json
age: 2192
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: D6udZ9Xy0IxJT3scz6GLj0VmnL32psE8rZr/op2OJjhNfAUvRCWBUSVPuww7/r9wiz/2XQDAvPY=
x-amz-request-id: XBKVBQZNS5T8M3AX
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 23 Mar 2023 01:59:45 GMT
age: 3112
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 02:51:37 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html

185.199.108.153

200 OK

15 kB

URL HTTP/2
x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
IP
185.199.108.153:0
ASN
#54113 FASTLY

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1454)
Size
15 kB (15433 bytes)
Hash
906706fe02a5fc447b9640c36b9936a9
2ebb1eb5f9ab795c3119732450da83f5716f6b3b
15b57bcddc1bb2e46dd9fb368b10bf366939cbc03b94f77aa5db8b97865aa80d

HTTP Headers

GET /malware%20analysis/2022/06/24/Snakekeylogger.html HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
server: GitHub.com
content-type: text/html; charset=utf-8
permissions-policy: interest-cohort=()
last-modified: Sat, 25 Jun 2022 09:17:26 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: W/"62b6d2a6-1270d"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: A91E:C020:18AE66A:1978FE7:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539897.457962,VS0,VE115
vary: Accept-Encoding
x-fastly-request-id: 7e68e29dc0ee7e58f5948f4c32665b30e89f0097
content-length: 15433
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5/css/all.min.css

151.101.129.229

200 OK

13 kB

URL HTTP/2
cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5/css/all.min.css
IP
151.101.129.229:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (59119)
Size
13 kB (13056 bytes)
Hash
58721799d48d698aeb076b80b66240f9
750ab001ef09c41c9ed2b7797ee8cc7eba5cdc7d
c5b9b15ca6330e0771731d46468e86cca7ed484dc183bde0c1556d0fe34dbf4a

HTTP Headers

GET /npm/@fortawesome/fontawesome-free@5/css/all.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 5.15.4
x-jsd-version-type: version
etag: W/"e7a9-pX7mjRFgGw/Y5QN/wkH/ZadURzw"
content-encoding: br
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
age: 6697
x-served-by: cache-fra-eddf8230089-FRA, cache-bma1660-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 13056
X-Firefox-Spdy: h2

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4

151.101.130.133

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP
151.101.130.133:0
ASN
#54113 FASTLY

File type
data
Size
1.5 kB (1462 bytes)
Hash
989f8670765784fe74d2a7934130bbd5
e792a2ec7b385ce6065d7106d87aa2fc78a16436
3b24026ece365512a5986cbbb3cbe3e4b254caaeead6991b959f0e90fc9b54c2

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1462
Content-Type: application/ocsp-response
Etag: "8B42FEED59FEBEA64AA21EB7E9A48FE9C4AE5B50"
Expires: Thu, 23 Mar 2023 14:00:00 UTC
Last-Modified: Thu, 23 Mar 2023 02:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
Accept-Ranges: bytes
Date: Thu, 23 Mar 2023 02:51:37 GMT
Via: 1.1 varnish
Age: 3063
X-Served-By: cache-bma1651-BMA
X-Cache: HIT
X-Cache-Hits: 1
X-Timer: S1679539898.843448,VS0,VE1

x-junior.github.io/assets/css/main.css

185.199.108.153

200 OK

14 kB

URL HTTP/2
x-junior.github.io/assets/css/main.css
IP
185.199.108.153:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65146)
Size
14 kB (13511 bytes)
Hash
ef39dee3a18855d63db8afbd69f9a51e
31fb68b50e5e472ee36fc3c36e366817e2a6d39f
ad39e389f30d6eb604aea31d1a10961795f848feaa9f777fd949476a77e0f06e

HTTP Headers

GET /assets/css/main.css HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: text/css; charset=utf-8
permissions-policy: interest-cohort=()
last-modified: Sat, 25 Jun 2022 09:17:26 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: W/"62b6d2a6-10c2c"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: A376:DA1C:42058A6:443A175:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.735574,VS0,VE115
vary: Accept-Encoding
x-fastly-request-id: 3f4d78d1f1b4b16e1903c8243bdac645b4af11fe
content-length: 13511
X-Firefox-Spdy: h2

x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/44.PNG

185.199.108.153

200 OK

72 kB

URL HTTP/2
x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/44.PNG
IP
185.199.108.153:0
ASN
#54113 FASTLY

File type
PNG image data, 1246 x 685, 8-bit/color RGBA, non-interlaced\012- data
Size
72 kB (71515 bytes)
Hash
0b0eecff5a4068c79f5d821e03562c6b
87f7f4b25bf05c5392d4eebb289b45949c1a605b
de455156dc1c66b0e10b9aabdec23f57f25bab834201eafd52984661f6c29277

HTTP Headers

GET /assets/Malware-Analysis/SnakeKeylogger/44.PNG HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-1175b"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: C9B8:C020:18AE678:1978FFD:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.745701,VS0,VE110
vary: Accept-Encoding
x-fastly-request-id: a753c2257b387e9d09a381ec82e4ee48692e2950
content-length: 71515
X-Firefox-Spdy: h2

x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/20.PNG

185.199.108.153

200 OK

13 kB

URL HTTP/2
x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/20.PNG
IP
185.199.108.153:0
ASN
#54113 FASTLY

File type
PNG image data, 642 x 214, 8-bit/color RGBA, non-interlaced\012- data
Size
13 kB (13228 bytes)
Hash
61dd32d714e332ee742719b654c4fd1d
f3495b158a58a65bf1dc7f566486ad4496e76404
b4d3fdc3e2a22ea808ab5f151d5f746d46f80dfc7f1f93a95d3e43654809d7f0

HTTP Headers

GET /assets/Malware-Analysis/SnakeKeylogger/20.PNG HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-33ac"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 8C1A:AD3D:157B229:162B5AE:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.742551,VS0,VE114
vary: Accept-Encoding
x-fastly-request-id: 159c028264e42cd2eacf4eea7d2b67017fc06760
content-length: 13228
X-Firefox-Spdy: h2

x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/37.PNG

185.199.108.153

200 OK

10 kB

URL HTTP/2
x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/37.PNG
IP
185.199.108.153:0
ASN
#54113 FASTLY

File type
PNG image data, 924 x 113, 8-bit/color RGBA, non-interlaced\012- data
Size
10 kB (10510 bytes)
Hash
a480537687b4534f1099a960f1838c4a
03a00979eee938193836f82ba9f17a21765cb667
e94897b87b22e5e82b56790aae90b63ee32e4d39d305825f009902143eb94d99

HTTP Headers

GET /assets/Malware-Analysis/SnakeKeylogger/37.PNG HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-290e"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 1AD4:9DF4:294BFA3:2AB21E9:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.747658,VS0,VE117
vary: Accept-Encoding
x-fastly-request-id: fd271387797a574bc1e662b537fc7105c04c4d09
content-length: 10510
X-Firefox-Spdy: h2

x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/23.PNG

185.199.108.153

200 OK

17 kB

URL HTTP/2
x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/23.PNG
IP
185.199.108.153:0
ASN
#54113 FASTLY

File type
PNG image data, 782 x 200, 8-bit/color RGBA, non-interlaced\012- data
Size
17 kB (17432 bytes)
Hash
c91c265209ed581e4127620af8ab7ecb
adfb0f82791226eefff32767daee003f01db100b
24379d0f1f802c6682d67426bc4b5d77096d34427a0f0d7dc6d56eeabbef64fc

HTTP Headers

GET /assets/Malware-Analysis/SnakeKeylogger/23.PNG HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-4418"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: F4A2:30E4:144C12F:14F4E92:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.744450,VS0,VE123
vary: Accept-Encoding
x-fastly-request-id: 95e1146e6680e3113b4a6b36131bad72f03aaa9d
content-length: 17432
X-Firefox-Spdy: h2

x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/24.PNG

185.199.108.153

200 OK

56 kB

URL HTTP/2
x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/24.PNG
IP
185.199.108.153:0
ASN
#54113 FASTLY

File type
PNG image data, 1210 x 652, 8-bit/color RGBA, non-interlaced\012- data
Size
56 kB (55527 bytes)
Hash
121a6df7d88081e1ea66b00c8978f924
73cec9f3c46c5e43b7890ce4aa54dc4a8da7643d
f382a583f2afb65696a278e097e26886cc41169b8e9e55c92fd6a4d1e4d3f90f

HTTP Headers

GET /assets/Malware-Analysis/SnakeKeylogger/24.PNG HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-d8e7"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 3200:1097E:BB1EB4:C1681A:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.743747,VS0,VE125
vary: Accept-Encoding
x-fastly-request-id: dd898da9d1ea670d992d7a632557f9da054154d4
content-length: 55527
X-Firefox-Spdy: h2

x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/3.PNG

185.199.108.153

200 OK

33 kB

URL HTTP/2
x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/3.PNG
IP
185.199.108.153:0
ASN
#54113 FASTLY

File type
PNG image data, 656 x 426, 8-bit/color RGBA, non-interlaced\012- data
Size
33 kB (33199 bytes)
Hash
ed11b4d977492322849e6d259d389201
fed16ba42ae7e4d81cf679e7b677346b9fd76787
0a9077753181141a93215cd841ffee3333de6729e42f248212cc4317bfa3cb6b

HTTP Headers

GET /assets/Malware-Analysis/SnakeKeylogger/3.PNG HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-81af"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 84FE:E198:9880F1:9CED71:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.756931,VS0,VE113
vary: Accept-Encoding
x-fastly-request-id: d3c39585a65529c86497cededb2a6d93b0bdda93
content-length: 33199
X-Firefox-Spdy: h2

x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/9.PNG

185.199.108.153

200 OK

12 kB

URL HTTP/2
x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/9.PNG
IP
185.199.108.153:0
ASN
#54113 FASTLY

File type
PNG image data, 910 x 174, 8-bit/color RGBA, non-interlaced\012- data
Size
12 kB (11485 bytes)
Hash
e04abde0eeb77a921a7c9b0808934b3f
bb72c4cbb5af853e26d28078647846b8f34f88fe
e7b133071b852914a1fc89a4d0e1db55befd285a3a3a5a85938d24357c659678

HTTP Headers

GET /assets/Malware-Analysis/SnakeKeylogger/9.PNG HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-2cdd"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: E2F6:0E7F:3B5E790:3D6BF1B:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.759358,VS0,VE115
vary: Accept-Encoding
x-fastly-request-id: b7509d231862acecc0333d97927d51de54ee0fea
content-length: 11485
X-Firefox-Spdy: h2

x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/41.PNG

185.199.108.153

200 OK

41 kB

URL HTTP/2
x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/41.PNG
IP
185.199.108.153:0
ASN
#54113 FASTLY

File type
PNG image data, 945 x 591, 8-bit/color RGBA, non-interlaced\012- data
Size
41 kB (40717 bytes)
Hash
6c7356dd7a977a0f51986cb937282a77
ad6372a7ff0c10aa162fa673e59fc6a256ea78cd
88936e2ea35550a2c53bc8034807542c4e3d1e9c743549aff6f82aecac39fd6e

HTTP Headers

GET /assets/Malware-Analysis/SnakeKeylogger/41.PNG HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-9f0d"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: D3A6:E733:22E4E1F:2404458:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.754571,VS0,VE121
vary: Accept-Encoding
x-fastly-request-id: 54b54b0af2edf968f4c2e3fdaa735bc57acb7720
content-length: 40717
X-Firefox-Spdy: h2

x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/2.PNG

185.199.108.153

200 OK

44 kB

URL HTTP/2
x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/2.PNG
IP
185.199.108.153:0
ASN
#54113 FASTLY

File type
PNG image data, 1372 x 335, 8-bit/color RGBA, non-interlaced\012- data
Size
44 kB (43574 bytes)
Hash
2f6f9b8637d50452ce59e9c6c003a903
4bc8a460cfe91076a7f296cfa601f9d5ebfb669c
6f78718222f1973732f7b3da40fed7d5c610f38771367bfc508101f0852802fe

HTTP Headers

GET /assets/Malware-Analysis/SnakeKeylogger/2.PNG HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-aa36"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: A2B8:E198:9880F1:9CED72:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.758737,VS0,VE119
vary: Accept-Encoding
x-fastly-request-id: d3bde8aadd45bbf1ee7ea87200123b164374fab9
content-length: 43574
X-Firefox-Spdy: h2

x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/43.PNG

185.199.108.153

200 OK

5.2 kB

URL HTTP/2
x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/43.PNG
IP
185.199.108.153:0
ASN
#54113 FASTLY

File type
PNG image data, 535 x 54, 8-bit/color RGBA, non-interlaced\012- data
Size
5.2 kB (5168 bytes)
Hash
7ab583a3711447bf509b37f46a0481e8
ae6805cddfc76cf3eac791e002d0d36fa714fe52
536ca721e09eef076f5d29c19cb79dc781385c64069eb74dcc2444b29d5df20c

HTTP Headers

GET /assets/Malware-Analysis/SnakeKeylogger/43.PNG HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-1430"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 4B80:0E7F:3B5E790:3D6BF1A:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.753555,VS0,VE128
vary: Accept-Encoding
x-fastly-request-id: b673f66ea609e0158ee46863bcf01bf1ea767315
content-length: 5168
X-Firefox-Spdy: h2

x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/38.PNG

185.199.108.153

200 OK

30 kB

URL HTTP/2
x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/38.PNG
IP
185.199.108.153:0
ASN
#54113 FASTLY

File type
PNG image data, 1039 x 370, 8-bit/color RGBA, non-interlaced\012- data
Size
30 kB (30451 bytes)
Hash
06c76f0ec7c89dce3a3fccd67cb1c880
0c690256b13eb7a6577a7098c6ca2909dc0e14e3
ccf5f2ef592d30923ce6359d3d2fb4e3caa523f25b5322349c22b41ddab0acdf

HTTP Headers

GET /assets/Malware-Analysis/SnakeKeylogger/38.PNG HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-76f3"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 0A22:E733:22E4E1F:2404456:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.748366,VS0,VE135
vary: Accept-Encoding
x-fastly-request-id: ca96ea268d12a0b9f900e22457ec65de0959d0ee
content-length: 30451
X-Firefox-Spdy: h2

x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/36.PNG

185.199.108.153

200 OK

87 kB

URL HTTP/2
x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/36.PNG
IP
185.199.108.153:0
ASN
#54113 FASTLY

File type
PNG image data, 1228 x 642, 8-bit/color RGBA, non-interlaced\012- data
Size
87 kB (87014 bytes)
Hash
e32078364f93c2a374efb83649ee7ae2
b6a10cb80d047a42f04e8066790f34daaa2dcf33
bc046ce02d23f260392b5db4c0b07a1f5247b69725ac7c5c658b719072f42961

HTTP Headers

GET /assets/Malware-Analysis/SnakeKeylogger/36.PNG HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-153e6"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: BAA0:07FF:73F67F:77544A:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.747127,VS0,VE144
vary: Accept-Encoding
x-fastly-request-id: 5d00e2aa8ab01b790a5ba24123bc94f43ac8ef21
content-length: 87014
X-Firefox-Spdy: h2

x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/46.PNG

185.199.108.153

200 OK

58 kB

URL HTTP/2
x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/46.PNG
IP
185.199.108.153:0
ASN
#54113 FASTLY

File type
PNG image data, 450 x 660, 8-bit/color RGBA, non-interlaced\012- data
Size
58 kB (57836 bytes)
Hash
b1c0965b3ab7073de6f332daab0ad556
7f60c2158c4fbb1c32f061235df56ef3cfd3fbb5
2255ba1f95b5ce58d588a7bf22b212810f4dbfeab930eaa60d166a8a95245ef0

HTTP Headers

GET /assets/Malware-Analysis/SnakeKeylogger/46.PNG HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-e1ec"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 3206:EEA0:355C7EB:3728F3B:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.756298,VS0,VE137
vary: Accept-Encoding
x-fastly-request-id: a9af7404113caf6c77bb9cbca3c4261fa4a49114
content-length: 57836
X-Firefox-Spdy: h2

x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/10.PNG

185.199.108.153

200 OK

24 kB

URL HTTP/2
x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/10.PNG
IP
185.199.108.153:0
ASN
#54113 FASTLY

File type
PNG image data, 1204 x 303, 8-bit/color RGBA, non-interlaced\012- data
Size
24 kB (24275 bytes)
Hash
e24c061bafed2f84be03b33506c97263
fd4cfb91ae104879616a46eeb8ac836401bea0e4
bf2813b1d1137e2ad18dcf57ba0e7a7da2dc1ed509be71d3c40b17687cdbdbac

HTTP Headers

GET /assets/Malware-Analysis/SnakeKeylogger/10.PNG HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-5ed3"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 98B0:0BF7:34EDDC9:36AC92C:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.760393,VS0,VE136
vary: Accept-Encoding
x-fastly-request-id: 1ccd76280b8a9be9b50068a91d301fdda6d8c728
content-length: 24275
X-Firefox-Spdy: h2

x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/29.PNG

185.199.108.153

200 OK

37 kB

URL HTTP/2
x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/29.PNG
IP
185.199.108.153:0
ASN
#54113 FASTLY

File type
PNG image data, 1917 x 232, 8-bit/color RGBA, non-interlaced\012- data
Size
37 kB (37302 bytes)
Hash
4293dea76499f88d9e76a23c21584d4f
3fbd95a219bf2f37ed40445019f189947aa53cd4
bb321366ca1a213f0c7b9f33b3830ae0c60eaf9db90418ae5cf48a25689d084f

HTTP Headers

GET /assets/Malware-Analysis/SnakeKeylogger/29.PNG HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-91b6"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: D590:DD9B:34D9B13:36A6294:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.752343,VS0,VE144
vary: Accept-Encoding
x-fastly-request-id: f8ed3e868f9b5a262fc743c4668a624c1c0f43e7
content-length: 37302
X-Firefox-Spdy: h2

x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/21.PNG

185.199.108.153

200 OK

15 kB

URL HTTP/2
x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/21.PNG
IP
185.199.108.153:0
ASN
#54113 FASTLY

File type
PNG image data, 694 x 217, 8-bit/color RGBA, non-interlaced\012- data
Size
15 kB (15254 bytes)
Hash
63645695b71de19f10ff319eff7c62a1
aad41f139ae6d441e6a019144fe928c7fa603fc2
9a0f16e95a27642fbde6f8391b96e4460e6d24d0dfa1b3ed51583929e219bd24

HTTP Headers

GET /assets/Malware-Analysis/SnakeKeylogger/21.PNG HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-3b96"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 702C:E198:9880F1:9CED6E:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.743178,VS0,VE154
vary: Accept-Encoding
x-fastly-request-id: b42903203a7f0f1d0e4dd527194f9b37bf4491ee
content-length: 15254
X-Firefox-Spdy: h2

x-junior.github.io/assets/js/lunr/lunr-en.js

185.199.108.153

200 OK

818 B

URL HTTP/2
x-junior.github.io/assets/js/lunr/lunr-en.js
IP
185.199.108.153:0
ASN
#54113 FASTLY

File type
HTML document, ASCII text
Size
818 B (818 bytes)
Hash
473f50ea28b3f3068be96287e995a996
91a8192f1c1395149216ab4c92ce45531f7f9f76
49a3f84f598f3700ef55d7b414a63c0a354b99073f53c61de484e272f23fcfdc

HTTP Headers

GET /assets/js/lunr/lunr-en.js HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Sat, 25 Jun 2022 09:17:26 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: W/"62b6d2a6-9bd"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 60F4:8973:3C1A472:3E2BA1E:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.782361,VS0,VE119
vary: Accept-Encoding
x-fastly-request-id: 2f3b102a82027cda8dbcf5b3f57cf6b64dc18324
content-length: 818
X-Firefox-Spdy: h2

x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/1.PNG

185.199.108.153

200 OK

36 kB

URL HTTP/2
x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/1.PNG
IP
185.199.108.153:0
ASN
#54113 FASTLY

File type
PNG image data, 592 x 407, 8-bit/color RGBA, non-interlaced\012- data
Size
36 kB (35919 bytes)
Hash
a0b4870b3866628085f5f8c8914d0913
7fa5ad2dd882d767bf98590f0bb8ea6acc7c3ea1
d4223d5de24d6dd66c7992285c02f8a718006240bbb8e84965e0b1876f9e5f7e

HTTP Headers

GET /assets/Malware-Analysis/SnakeKeylogger/1.PNG HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-8c4f"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: B7AE:11502:3760E19:393D49A:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.758171,VS0,VE148
vary: Accept-Encoding
x-fastly-request-id: d1dccfe8efb76e1a7d2b55dfe4ed068dc76ee9dc
content-length: 35919
X-Firefox-Spdy: h2

x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/4.PNG

185.199.108.153

200 OK

38 kB

URL HTTP/2
x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/4.PNG
IP
185.199.108.153:0
ASN
#54113 FASTLY

File type
PNG image data, 1309 x 396, 8-bit/color RGBA, non-interlaced\012- data
Size
38 kB (38457 bytes)
Hash
12d89e1b0b1ed6ef3d1320df9e5cfe5a
aa1423fd41b5e3875679f85d9f7d4e8054308d31
3e2527da3aca42443f06ab6d205172fd22d857e88f63fd0348f2ea479e70ffa0

HTTP Headers

GET /assets/Malware-Analysis/SnakeKeylogger/4.PNG HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-9639"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: A8C6:30E4:144C12F:14F4E93:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.757492,VS0,VE144
vary: Accept-Encoding
x-fastly-request-id: 5f21dc5ef15e9ac9571436795bca6ce1197bb21d
content-length: 38457
X-Firefox-Spdy: h2

x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/25.PNG

185.199.108.153

200 OK

64 kB

URL HTTP/2
x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/25.PNG
IP
185.199.108.153:0
ASN
#54113 FASTLY

File type
PNG image data, 1209 x 661, 8-bit/color RGBA, non-interlaced\012- data
Size
64 kB (64452 bytes)
Hash
b13c4b30a2a2c2c4715e1ae4206fc31b
3ce47c5906035ddbbee832c43c3fb37ba1e21611
651b3815c59b03bf5957d9e8df5f81a4549248135fa210c652d9670be15f147a

HTTP Headers

GET /assets/Malware-Analysis/SnakeKeylogger/25.PNG HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-fbc4"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 7036:8973:3C1A471:3E2BA15:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.745044,VS0,VE162
vary: Accept-Encoding
x-fastly-request-id: 9fca46f28e1e88da0adb30c4edc14e3a4381d4f1
content-length: 64452
X-Firefox-Spdy: h2

x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/33.PNG

185.199.108.153

200 OK

49 kB

URL HTTP/2
x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/33.PNG
IP
185.199.108.153:0
ASN
#54113 FASTLY

File type
PNG image data, 1234 x 482, 8-bit/color RGBA, non-interlaced\012- data
Size
49 kB (48752 bytes)
Hash
321e90c4563c0caa9d1edb6c952e9697
7777a9811510768d6ca44fc05117b116f9f6945e
877aece1bb82f8672b70862df85eb0615a3ada20a66259832f947adcce145073

HTTP Headers

GET /assets/Malware-Analysis/SnakeKeylogger/33.PNG HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-be70"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: A920:DA1C:42058A6:443A178:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.748961,VS0,VE155
vary: Accept-Encoding
x-fastly-request-id: 131c4fb5d570d263e118ee8b5b9182a49b026c22
content-length: 48752
X-Firefox-Spdy: h2

x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/6.PNG

185.199.108.153

200 OK

58 kB

URL HTTP/2
x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/6.PNG
IP
185.199.108.153:0
ASN
#54113 FASTLY

File type
PNG image data, 1094 x 427, 8-bit/color RGBA, non-interlaced\012- data
Size
58 kB (58079 bytes)
Hash
d2d3a1ebb314f08cb3cb9983ff53bbb8
7501eeaf0ea94836799cd9ecd1b6da8141a3569c
75fdb285cd59ae2880289fbbcaba6be3b23ef315f2c798901235eb2fed856ed2

HTTP Headers

GET /assets/Malware-Analysis/SnakeKeylogger/6.PNG HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-e2df"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: BA82:6D28:3339D32:34FB84C:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.761192,VS0,VE140
vary: Accept-Encoding
x-fastly-request-id: e6984cd3dd5003a34655c0123ccd4935f5733d80
content-length: 58079
X-Firefox-Spdy: h2

x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/42.PNG

185.199.108.153

200 OK

119 kB

URL HTTP/2
x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/42.PNG
IP
185.199.108.153:0
ASN
#54113 FASTLY

File type
PNG image data, 1275 x 632, 8-bit/color RGBA, non-interlaced\012- data
Size
119 kB (119211 bytes)
Hash
08c46361f6da7065ddf98ea2c6374e2b
1c16ab5ada3c2f40d9320c4dadc308956e3f51d9
668a2c5255f88dc1c3695c4acdaa568cc7979db8636352f69df9a7d4e03456a1

HTTP Headers

GET /assets/Malware-Analysis/SnakeKeylogger/42.PNG HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-1d1ab"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: B748:0E52:AF134D:B4E37D:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.755062,VS0,VE144
vary: Accept-Encoding
x-fastly-request-id: 7154d2b5d7df9a0ccf7549d2cd2c3a35051f5a9e
content-length: 119211
X-Firefox-Spdy: h2

x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/12.PNG

185.199.108.153

200 OK

31 kB

URL HTTP/2
x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/12.PNG
IP
185.199.108.153:0
ASN
#54113 FASTLY

File type
PNG image data, 680 x 440, 8-bit/color RGBA, non-interlaced\012- data
Size
31 kB (31336 bytes)
Hash
950666e26e16cfe42303bc4a8b1a9bdf
41824b48b44648b051f6f0e90a8888f67aeb02be
da6c83a476ed6fd48f2a876703e9d29fa35854d86dcc4a874ddeafd4dc60692b

HTTP Headers

GET /assets/Malware-Analysis/SnakeKeylogger/12.PNG HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-7a68"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 64F8:8973:3C1A471:3E2BA1B:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.774333,VS0,VE140
vary: Accept-Encoding
x-fastly-request-id: 2f2b05fc9f86185a970ce64545c3290e21166db0
content-length: 31336
X-Firefox-Spdy: h2

x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/14.PNG

185.199.108.153

200 OK

51 kB

URL HTTP/2
x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/14.PNG
IP
185.199.108.153:0
ASN
#54113 FASTLY

File type
PNG image data, 842 x 433, 8-bit/color RGBA, non-interlaced\012- data
Size
51 kB (51093 bytes)
Hash
0d341ae2322e6d59b275868229d2f30f
9e1ed5837a588b423d28fd4d29566c36364f8d40
d6fdddcc228c96ece66ce42df71b9ab3531505a8697f04ac7add275fb9c834d0

HTTP Headers

GET /assets/Malware-Analysis/SnakeKeylogger/14.PNG HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-c795"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: DD5A:EEA0:355C7EB:3728F3E:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.775751,VS0,VE141
vary: Accept-Encoding
x-fastly-request-id: 79b6a8b03c68a415dfe8d945f1ff19e3921e3fe9
content-length: 51093
X-Firefox-Spdy: h2

x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/40.PNG

185.199.108.153

200 OK

55 kB

URL HTTP/2
x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/40.PNG
IP
185.199.108.153:0
ASN
#54113 FASTLY

File type
PNG image data, 1227 x 666, 8-bit/color RGBA, non-interlaced\012- data
Size
55 kB (54583 bytes)
Hash
8eb17664349ac1175fe299c51ba6ac8e
5a18f70f603f4f76f0d58a0ce1a73471de4be74d
3f23b6a9f6e1ad0f1233c2b7d61d29e6bc296d387173adef1ac26dde460cc966

HTTP Headers

GET /assets/Malware-Analysis/SnakeKeylogger/40.PNG HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-d537"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: AC3C:0E52:AF134D:B4E37C:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.752929,VS0,VE165
vary: Accept-Encoding
x-fastly-request-id: f8ce6f7ae7926dfdbca661de7b82314efdb7f0d8
content-length: 54583
X-Firefox-Spdy: h2

x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/19.PNG

185.199.108.153

200 OK

24 kB

URL HTTP/2
x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/19.PNG
IP
185.199.108.153:0
ASN
#54113 FASTLY

File type
PNG image data, 880 x 392, 8-bit/color RGBA, non-interlaced\012- data
Size
24 kB (23783 bytes)
Hash
c313ab5d71b324f6843e5d843cd96d27
fa6575c09892312ca5f84c8236b64bd5ff32d0ed
9168039668045173a65e92ff320361f48aca803a78005c115a9063385c35ab1f

HTTP Headers

GET /assets/Malware-Analysis/SnakeKeylogger/19.PNG HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-5ce7"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: B7A2:EEA0:355C7EB:3728F3D:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.773620,VS0,VE147
vary: Accept-Encoding
x-fastly-request-id: 7b4e690c3991ff5dc1b92da24a3e281df406a1d9
content-length: 23783
X-Firefox-Spdy: h2

x-junior.github.io/assets/js/main.min.js

185.199.108.153

200 OK

43 kB

URL HTTP/2
x-junior.github.io/assets/js/main.min.js
IP
185.199.108.153:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 text, with very long lines (32015)
Size
43 kB (42605 bytes)
Hash
cd283d5aab90766e40a3d8ad7fd0622b
6cd37f3267fddd05248b269c97db343346ff7805
e3d165238e3ae41363a4f938160a8b18e7594d25173c5f7cae4a69033f7e41a3

HTTP Headers

GET /assets/js/main.min.js HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: W/"62b6d2a1-1de72"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 4C72:0E52:AF1351:B4E383:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.777420,VS0,VE144
vary: Accept-Encoding
x-fastly-request-id: b6fc64ca2f83d4e786a0d0e08cbefb0f1970ab3a
content-length: 42605
X-Firefox-Spdy: h2

x-junior.github.io/assets/js/lunr/lunr-store.js

185.199.108.153

200 OK

40 kB

URL HTTP/2
x-junior.github.io/assets/js/lunr/lunr-store.js
IP
185.199.108.153:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 text, with very long lines (48091)
Size
40 kB (40049 bytes)
Hash
fc58ab7a347c8a899c9cc7068252a0bb
f0fd03ecd79ed215010fcde2afe25ab65e037fa0
7e2dab7cd0dddda0c6a391422d7118128c45f684268a6d6b06b3117daba99fb7

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - Suspicious JS code

HTTP Headers

GET /assets/js/lunr/lunr-store.js HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Sat, 25 Jun 2022 09:17:26 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: W/"62b6d2a6-20303"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: A2C8:9DF4:294BFA6:2AB21EE:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.778885,VS0,VE142
vary: Accept-Encoding
x-fastly-request-id: 1ffbf0810bdf41b732db3e0aeae452e89efdb8ed
content-length: 40049
X-Firefox-Spdy: h2

x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/15.PNG

185.199.108.153

200 OK

49 kB

URL HTTP/2
x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/15.PNG
IP
185.199.108.153:0
ASN
#54113 FASTLY

File type
PNG image data, 679 x 433, 8-bit/color RGBA, non-interlaced\012- data
Size
49 kB (48923 bytes)
Hash
8832333fc25131da4834425d54832b03
02c6b85cfe50b4bb91f7b28f281d31b1c5e2bbeb
3a6d81bee572c16139a0a5c512a99e1eb5ce39f4222a32fd62b533cf54669048

HTTP Headers

GET /assets/Malware-Analysis/SnakeKeylogger/15.PNG HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-bf1b"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 98B4:DA1C:42058A9:443A179:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.776663,VS0,VE146
vary: Accept-Encoding
x-fastly-request-id: 3435a3ae11d04dc8aa58e3225d6441da453e6bcc
content-length: 48923
X-Firefox-Spdy: h2

x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/35.PNG

185.199.108.153

200 OK

119 kB

URL HTTP/2
x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/35.PNG
IP
185.199.108.153:0
ASN
#54113 FASTLY

File type
PNG image data, 1233 x 639, 8-bit/color RGBA, non-interlaced\012- data
Size
119 kB (119083 bytes)
Hash
939922013fd5d70d9441e79f5fcb1d41
ed2041a3eb949f38b8a61308921ff8ebec787210
6b165e57a96accd6eb0e8b5249a51c92ca3eddce534766a9fc3c46552a1ff78a

HTTP Headers

GET /assets/Malware-Analysis/SnakeKeylogger/35.PNG HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-1d12b"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 747E:6D28:3339D30:34FB849:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.746177,VS0,VE177
vary: Accept-Encoding
x-fastly-request-id: 78497911a60bac72ccc3470f558fe771b14a7c20
content-length: 119083
X-Firefox-Spdy: h2

x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/18.PNG

185.199.108.153

200 OK

84 kB

URL HTTP/2
x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/18.PNG
IP
185.199.108.153:0
ASN
#54113 FASTLY

File type
PNG image data, 1098 x 401, 8-bit/color RGBA, non-interlaced\012- data
Size
84 kB (83816 bytes)
Hash
2e394874b25ad494eb9e881bb10bf663
6a30981b3fb25868480959c8f1dfdce658897db0
959b81f6b80dae52d18aa2f9eac53b2f3aa002135b0c356565e98add560ca491

HTTP Headers

GET /assets/Malware-Analysis/SnakeKeylogger/18.PNG HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-14768"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 6502:8973:3C1A471:3E2BA19:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.772988,VS0,VE166
vary: Accept-Encoding
x-fastly-request-id: fbda4cdd9dcb9d94b3f89bb5f00f1b6358211b10
content-length: 83816
X-Firefox-Spdy: h2

x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/34.PNG

185.199.108.153

200 OK

33 kB

URL HTTP/2
x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/34.PNG
IP
185.199.108.153:0
ASN
#54113 FASTLY

File type
PNG image data, 645 x 490, 8-bit/color RGBA, non-interlaced\012- data
Size
33 kB (32851 bytes)
Hash
41fc33d8e8d859a7822445c7a7be710f
1d302d1b01f928fa31c6e42a6fc8f6114be7d0de
ec04e08e15c6f48caaf38bb0363c5a2f6a234e720b5e6c1543e0b3b9ef15eb5a

HTTP Headers

GET /assets/Malware-Analysis/SnakeKeylogger/34.PNG HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-8053"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 3334:9DF4:294BFAA:2AB21F0:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.738104,VS0,VE210
vary: Accept-Encoding
x-fastly-request-id: 6465c9085999a9db5ca8f1e2a3ea6aab934a8a0c
content-length: 32851
X-Firefox-Spdy: h2

x-junior.github.io/assets/js/lunr/lunr.min.js

185.199.108.153

200 OK

8.3 kB

URL HTTP/2
x-junior.github.io/assets/js/lunr/lunr.min.js
IP
185.199.108.153:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (29370), with no line terminators
Size
8.3 kB (8349 bytes)
Hash
53d12c4a20fa6de261a1721ef3a305ec
32a2e82b4d5739e5b1ca1826d80a34792968dc71
fb356651ad7b957d6d95b249be4ad711567ecc77a5b131ef5664d2d5572bac1a

HTTP Headers

GET /assets/js/lunr/lunr.min.js HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: W/"62b6d2a1-72ba"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: B754:0C56:3C0355A:3E0B8DB:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.778205,VS0,VE170
vary: Accept-Encoding
x-fastly-request-id: bbd92bc4ccd2fea99b7b8aaa34964b183aa6307a
content-length: 8349
X-Firefox-Spdy: h2

x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/45.PNG

185.199.108.153

200 OK

38 kB

URL HTTP/2
x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/45.PNG
IP
185.199.108.153:0
ASN
#54113 FASTLY

File type
PNG image data, 437 x 607, 8-bit/color RGBA, non-interlaced\012- data
Size
38 kB (38225 bytes)
Hash
87799423e6782e8575dc7f2a0a9f9e69
33fb69976e2834b028905c3e8dd99b17809f8829
8f988ee721651d64a75b29391d369ca8f090154c63e78b2e0b7909adc56191cd

HTTP Headers

GET /assets/Malware-Analysis/SnakeKeylogger/45.PNG HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-9551"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 68A8:0E7F:3B5E794:3D6BF21:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.755758,VS0,VE206
vary: Accept-Encoding
x-fastly-request-id: 0970fa1d3b99dc99f234b0b94a597639f375bdef
content-length: 38225
X-Firefox-Spdy: h2

x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/8.PNG

185.199.108.153

200 OK

18 kB

URL HTTP/2
x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/8.PNG
IP
185.199.108.153:0
ASN
#54113 FASTLY

File type
PNG image data, 1287 x 118, 8-bit/color RGBA, non-interlaced\012- data
Size
18 kB (17667 bytes)
Hash
9d6896d1e5524900f624212a9b7770d2
e3db0755f8b2feb9c88a97cccdc68b1fd84fff5b
96c2b54d8570a118531b2bebe43e2fa56a4d0c3fe0cbd7e6875b2f22ef8eac77

HTTP Headers

GET /assets/Malware-Analysis/SnakeKeylogger/8.PNG HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-4503"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 9650:9DF4:294BFAD:2AB21F2:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.762112,VS0,VE219
vary: Accept-Encoding
x-fastly-request-id: 69134e6153ce672871a41ec7cec4a3389df62fca
content-length: 17667
X-Firefox-Spdy: h2

x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/13.PNG

185.199.108.153

200 OK

43 kB

URL HTTP/2
x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/13.PNG
IP
185.199.108.153:0
ASN
#54113 FASTLY

File type
PNG image data, 1121 x 430, 8-bit/color RGBA, non-interlaced\012- data
Size
43 kB (42805 bytes)
Hash
f19a12c434599cbec2ce0c0bc8b616f8
1e0a9e7ef5a8302aa5bd808aaaeeb4c137be4e48
803f1edc86b4e363f984a4ae86b527cd82c133dc403c41dc5a01518345b7b658

HTTP Headers

GET /assets/Malware-Analysis/SnakeKeylogger/13.PNG HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-a735"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 1AE2:0BF7:34EDDCD:36AC92F:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:37 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.774927,VS0,VE216
vary: Accept-Encoding
x-fastly-request-id: a0496e71214ad136813248fb717c5578b9b1f12f
content-length: 42805
X-Firefox-Spdy: h2

x-junior.github.io/assets/images/logo.png

185.199.108.153

200 OK

264 kB

URL HTTP/2
x-junior.github.io/assets/images/logo.png
IP
185.199.108.153:0
ASN
#54113 FASTLY

File type
PNG image data, 3116 x 3001, 8-bit/color RGBA, non-interlaced\012- data
Size
264 kB (263875 bytes)
Hash
062dd4eec56e0c80344aaa72b292cd2d
b0630e50ba32bb4c71af28182b3cc9667d328aa8
8d0f6b7ce3272502074cae684ce7d6a05cfa3e63835934947d788a979af786c9

HTTP Headers

GET /assets/images/logo.png HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: image/png
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-406c3"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: B74A:AD3D:157B22D:162B5B1:641BBEB9
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:38 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.736882,VS0,VE283
vary: Accept-Encoding
x-fastly-request-id: 940cdd70585ead293ab1842d864dbef20a6162f0
content-length: 263875
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, ETag, Content-Type, Cache-Control, Pragma, Alert, Last-Modified, Retry-After, Backoff, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 23 Mar 2023 02:14:33 GMT
age: 2225
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
050ca4dc2182e0a27573b0d9f32b7834
bec14dc5af0d0b32210470673511acd8db404308
b6129b9d1848f75265dca4446c5399927bdaf15c7b49c083765847b0fe276eaf

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B6129B9D1848F75265DCA4446C5399927BDAF15C7B49C083765847B0FE276EAF"
Last-Modified: Wed, 22 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19611
Expires: Thu, 23 Mar 2023 08:18:29 GMT
Date: Thu, 23 Mar 2023 02:51:38 GMT
Connection: keep-alive

x-junior.github.io/assets/images/logo5.jpg

185.199.108.153

200 OK

3.5 MB

URL HTTP/2
x-junior.github.io/assets/images/logo5.jpg
IP
185.199.108.153:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 3840x2160, components 3\012- data
Size
3.5 MB (3528762 bytes)
Hash
7844edb18eea75e09c8b27095890dafe
75057cc21a9215c2780d5cc3c8d04c0b4a3a8f6a
12db233fb45d4dbddbadc829072dea95132b7343eaf35c603cf33118060aa126

HTTP Headers

GET /assets/images/logo5.jpg HTTP/1.1
Host: x-junior.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: image/jpeg
permissions-policy: interest-cohort=()
last-modified: Sat, 25 Jun 2022 09:17:21 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: "62b6d2a1-35d83a"
expires: Thu, 23 Mar 2023 03:01:37 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 60FC:E198:9880F1:9CED0B:641BBEB8
accept-ranges: bytes
date: Thu, 23 Mar 2023 02:51:38 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679539898.737561,VS0,VE323
vary: Accept-Encoding
x-fastly-request-id: 5d0669ebae74802dfa9f27b634a78fd7956fda8c
content-length: 3528762
X-Firefox-Spdy: h2

push.services.mozilla.com/

35.83.222.17

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.83.222.17:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 4hnrNLV7OmA2NO0NF2SGZw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: p3pnc1MCxKzDi9rEs9wDElJIz44=

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6856
Expires: Thu, 23 Mar 2023 04:45:55 GMT
Date: Thu, 23 Mar 2023 02:51:39 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6856
Expires: Thu, 23 Mar 2023 04:45:55 GMT
Date: Thu, 23 Mar 2023 02:51:39 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6856
Expires: Thu, 23 Mar 2023 04:45:55 GMT
Date: Thu, 23 Mar 2023 02:51:39 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6856
Expires: Thu, 23 Mar 2023 04:45:55 GMT
Date: Thu, 23 Mar 2023 02:51:39 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77cfac24-9654-4b34-9264-7d0268ec9c29.jpeg

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77cfac24-9654-4b34-9264-7d0268ec9c29.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10239 bytes)
Hash
4b877c9b1fa2292db9a135eff3c3995c
919df81af94dd2dc33516bba4632c417d4313d9f
e6d61f94237d97be08a89d16b3c86c44e624c021906e6d94c74395751caf8d4a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77cfac24-9654-4b34-9264-7d0268ec9c29.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10239
x-amzn-requestid: 3df584e9-63cf-42c6-8b3a-d212a9b1b9ad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CBGTLH3wIAMFpFA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6416b747-4deaa0770aae24c17c4e4edf;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 07:18:31 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: pNoGlkaYZhWFCF11qRn6HVWBUiz2Rm7jmwB_N-6hXM0xYuTMeNgoEQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 22:06:49 GMT
age: 17090
etag: "919df81af94dd2dc33516bba4632c417d4313d9f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a816157-9568-4e7f-a034-14b2f1982949.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.9 kB (4912 bytes)
Hash
f4a771935927950222124e14b56046df
d07fe53e4ac41048497b2732c017f6666c3eda9e
4e8388626074646c2336711be0a170ceab367c343648a32d2389dd87640251d0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a816157-9568-4e7f-a034-14b2f1982949.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4912
x-amzn-requestid: d8fcf495-12af-42ae-ad69-0ea07b1a8669
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM8H3Fl1IAMFYgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b73cb-01cbd1981a57e53b3d3cde93;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:31:55 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: soxgrR0B6Rz79QysB7qbMTsNYmkYfG8doOMPpTEd9uLlrE6WTcDKdw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 995664ee945c06fc706b5cb8e0e650dc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 21:47:44 GMT
age: 18235
etag: "d07fe53e4ac41048497b2732c017f6666c3eda9e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba4910e6-683b-4c06-94c1-4e4a3314f2f7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.0 kB (5971 bytes)
Hash
fdf1ed2958d8db65b7e247e1584eb841
a6385a641fbb1445ca73e632d06d691970b1e3f8
49fda09ea2e648aa8a09b7e72735a3402e8e87572cc188155c292a0d9fd6159b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba4910e6-683b-4c06-94c1-4e4a3314f2f7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5971
x-amzn-requestid: a3b249e1-616a-492b-bfc5-12df811361cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CBFV9H5XIAMFb9g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6416b5bf-4d51c9467af0c8485d7d98c0;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 07:11:59 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: Qv0F14NgbMfCze9mmFykEDHdCG8yCNvFNa4smLDa1Tmg3_aaZakVoQ==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 a06140ffee86972bad90c57fc682df36.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 10:34:59 GMT
age: 58600
etag: "a6385a641fbb1445ca73e632d06d691970b1e3f8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F261caab9-983c-4eb1-9fca-fd73dc738e9e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10284 bytes)
Hash
4e89d0b1281259e7399294fb5fa19d2b
5035ed41f497c97faefae9cdaf42dc07ab468557
f404d286deab5b4759be6e554e6488faab3b4f7988a86eb57520dac4e0d6a192

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F261caab9-983c-4eb1-9fca-fd73dc738e9e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10284
x-amzn-requestid: 672e5b15-9c0c-45e0-9c7b-bcf8403859fd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CBFarEW6oAMFW-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6416b5dd-6a8ddbde77a15cf91f5d411e;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 07:12:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: uA55p7FpwrkKSmMXMQl2rQEu5yLHWIDe81khrzVE96mrqYuQW-wYSw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 5c35539543902c678280929df206948c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 07:54:24 GMT
age: 68235
etag: "5035ed41f497c97faefae9cdaf42dc07ab468557"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F26aea22c-e627-45d1-bce6-55eaa4acfd06.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10816 bytes)
Hash
f3aa18378fc5715083fb26bd0d62f382
ee683e481a4501d2ab8ca63d1426d6fab6f2b064
8aade71c4b55f6a9daab28a05a90bcc3c6c01b700aa48d2f8ccdb1992fa5ee81

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F26aea22c-e627-45d1-bce6-55eaa4acfd06.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10816
x-amzn-requestid: 60a537d2-1b8a-4ae2-967c-a7e57c818cc6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B9xY0EHqoAMFrrQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6415629e-1be08f9f3a13492717fdaa48;Sampled=0
x-amzn-remapped-date: Sat, 18 Mar 2023 07:05:02 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: pFf9EtVQUyRcUOT6Aj_L88__ZyBlVX61cOmPi70WnyxxPteVUFFXEw==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 3f3347264bcaae7af741e2a2f692c6a0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 20:21:35 GMT
age: 23404
etag: "ee683e481a4501d2ab8ca63d1426d6fab6f2b064"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a7546f8-3d34-4fb4-b63f-8e8098b48c30.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.4 kB (7419 bytes)
Hash
f777f840a3fc7e500c57a7cbdf88f26d
3518e8a18807209e94011806a96492e0d86ee9c9
44aa32fa1bf15785a4dd8cd6184772fb268113cbf459f5f30a70ff5ca66c9e05

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a7546f8-3d34-4fb4-b63f-8e8098b48c30.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7419
x-amzn-requestid: bc02abbe-706d-42af-b963-0163b07b87c9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B9xbnE7OIAMFW2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641562b0-247606a3713a20d25cf83763;Sampled=0
x-amzn-remapped-date: Sat, 18 Mar 2023 07:05:20 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: W_FZ-TYlfmS1JSvZVG4v_4Iag3ssm5J2oYgk0LBdKqv-Q0KST6FkDQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 618052a0d9c86c1a3bf663f82d041d1c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 20:21:35 GMT
age: 23404
etag: "3518e8a18807209e94011806a96492e0d86ee9c9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (5)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (63)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type