{"report_id":"621d1663-2627-4f53-9fe7-98ddebe19a18","version":6,"status":"done","tags":["suspicious","telegram_bot"],"date":"2026-01-04T06:54:33Z","url":{"schema":"http","addr":"x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html","fqdn":"x-junior.github.io","domain":"x-junior.github.io","tld":"github.io"},"ip":{"addr":"185.199.109.153","port":0,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html","fqdn":"x-junior.github.io","domain":"x-junior.github.io","tld":"github.io"},"title":"Deep Analysis of Snake Keylogger - XJunior","dom":{"size":78462,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1454)","md5":"2659cc73592b8635edd4b8e94edb2fe7","sha1":"028c3fd629542abfa4c93de119e47e8678b37a8b","sha256":"8ee9214c5efa88553de3de14fdf76c51b8087df7d62ca862b2d363b589177fb4","sha512":"44790b532c2bc2079fea1ac4617f3e3289ad5051c2b6f3361d3812c11b79b416b61f645f934b5565a636f3727b9da4b827494a350e9f5fea8e007f372a04d362","ssdeep":"768:BSWA/4+tHFGzu2fYlFFuiSn8ZbcUNNuze9ZWIKTdxuN:o/4+zG5YSn8ZbbTuzNuN","tlshash":"f473b6c0e5f691335037d2d766eeaf66bae1006bd292444072fe87bc5bddc90781386a","dom_hash":"domhash6319baea30205f79315269f8fa9c7c6f","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html","fqdn":"x-junior.github.io","domain":"x-junior.github.io","tld":"github.io"},"ip":{"addr":"185.199.109.153","port":0,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-08T06:54:33Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":2,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-01-04","alert":"Detect files disabling or modifying Windows Defender, Windows Firewall, or Microsoft Smartscreen","trigger":"x-junior.github.io/assets/js/lunr/lunr-store.js","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"iam-py-test","date":"2022-11-19","description":"Detect files disabling or modifying Windows Defender, Windows Firewall, or Microsoft Smartscreen","false_positives":"Files modifying Defender for legitimate purposes, files containing registry keys related to Defender (i.e. diagnostic tools)","rule":"Disable_Defender","yarahub_author_twitter":"@iam_py_test","yarahub_license":"CC0 1.0","yarahub_reference_md5":"799a7f1507e5e7328081a038987e9a6f","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"1fcd3702-cf5b-47b4-919d-6372c5412151"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-01-04","alert":"Detects file containing Telegram Bot API","trigger":"x-junior.github.io/assets/js/lunr/lunr-store.js","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-01-04","alert":"Detect files disabling or modifying Windows Defender, Windows Firewall, or Microsoft Smartscreen","trigger":"x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"iam-py-test","date":"2022-11-19","description":"Detect files disabling or modifying Windows Defender, Windows Firewall, or Microsoft Smartscreen","false_positives":"Files modifying Defender for legitimate purposes, files containing registry keys related to Defender (i.e. diagnostic tools)","rule":"Disable_Defender","yarahub_author_twitter":"@iam_py_test","yarahub_license":"CC0 1.0","yarahub_reference_md5":"799a7f1507e5e7328081a038987e9a6f","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"1fcd3702-cf5b-47b4-919d-6372c5412151"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-01-04","alert":"Detects file containing Telegram Bot API","trigger":"x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null},{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]},"summary":[{"fqdn":"x-junior.github.io","ip":{"addr":"185.199.109.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2013-03-08","domain_rank":0,"first_seen":"2022-06-07T22:13:51Z","last_seen":"2025-12-06T13:15:44.220625Z","alert_count":5,"request_count":42,"received_data":5979826,"sent_data":21830,"comment":"","tags":null,"fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Ruby","description":"Ruby is an open-source object-oriented programming language.","website":"https://ruby-lang.org","common_platform_enumeration":"cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*","icon":"Ruby.png","categories":["Programming languages"]},{"name":"Lunr.js","description":"A very simple search index.","website":"https://lunrjs.com/","common_platform_enumeration":"","icon":"","categories":["JavaScript libraries"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]},{"name":"Jekyll","description":"Jekyll is a blog-aware, static site generator for personal, project, or organisation sites.","website":"https://jekyllrb.com","common_platform_enumeration":"cpe:2.3:a:jekyllrb:jekyll:*:*:*:*:*:*:*:*","icon":"Jekyll.svg","categories":["Static site generator"]}]},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"151.101.193.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2025-12-28T22:26:34.892336Z","alert_count":0,"request_count":4,"received_data":230410,"sent_data":2138,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":[{"url":{"schema":"https","addr":"x-junior.github.io/assets/js/lunr/lunr-store.js","fqdn":"x-junior.github.io","domain":"x-junior.github.io","tld":"github.io"},"ip":{"addr":"185.199.109.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"md5":"5f47bcfa2413b687078cfc4d489b8956","sha1":"2fee449f8f4b0634b814f3aba45085711697ba52","sha256":"0bbb44285f1bd87ca0e3a43947a41ba0e633d3846e416eace9c0d271e000d78c","sha512":"2bc3e52747fd2149dd8b3d1df360bbe3ac54f0600c900847c3e515487a7f92ea0f325b80044232a51b4abca19b7aa3b8520a7ab767549c44949d58d0ce5c9ba3","size":131841,"token":"5392870078:AAEZf0ajeo_PMkBddeC_JE--NP4u4367N6c","is_revoked":false,"bot":{"token":"5392870078:AAEZf0ajeo_PMkBddeC_JE--NP4u4367N6c","user_id":"5392870078","username":"Magicallogs_bot","first_name":"Magicallogs","last_name":"","chat":{"chat_id":"1856108848","title":"","type":"private","bot_is":"member","total_users":2,"active_members":null,"admins":null},"pending_messages":0}}],"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html","fqdn":"x-junior.github.io","domain":"x-junior.github.io","tld":"github.io"},"ip":{"addr":"185.199.109.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"dac95b94618de1e51df26a2477d28de5","sha1":"e14fcbdbcd1fd95a2f83f8255738f99cc0d072ae","sha256":"dee293078c2b45729f49f8c9e174424e1871213e4f38a1c0aa0742823f28ac4d","sha512":"3eef4169101e81671240bf06335899a957d6983ac82d8d2e562ce3ab3fe861802e812c848bb0871343e610a66265af3c5d4fafd5754be68481fc62151bdb7a5c","ssdeep":"","tlshash":"7db012b434019c39064f920c703cc3f83c384090fb433901e47d204b0130ec26c04f88","size":111,"data":"","first_seen":"2023-03-07T15:42:17Z","last_seen":"2026-04-12T09:15:25.574411Z","times_seen":142,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html","fqdn":"x-junior.github.io","domain":"x-junior.github.io","tld":"github.io"},"ip":{"addr":"185.199.109.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"eventHandler","is_inline":false,"md5":"43e28c5553d54ed2964bd5147521769b","sha1":"0a2b8c3db330a47aa7b9195e6dfdf944adb9240d","sha256":"d63026c985dc46aeb316574b7bf1828080c906238e35d5e34cb80414c0e70d23","sha512":"6dda085e4196167cf64287cb675c05b09bdaa291decebd1bea2b52ccdbd380de5875dc233fa3d439559413693f1e7974f485d60a2c1541bf62a8887bf5ff9811","ssdeep":"","tlshash":"1b80000c0a20c0882a00af00e000c202a0c2200f0220238ce823bce2a83c888808fea0","size":38,"data":"","first_seen":"2023-04-10T16:02:06Z","last_seen":"2026-04-12T10:03:34.299592Z","times_seen":130064,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"x-junior.github.io/assets/js/lunr/lunr-en.js","fqdn":"x-junior.github.io","domain":"x-junior.github.io","tld":"github.io"},"ip":{"addr":"185.199.109.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8c1c664d8ed573e484258337e048286a","sha1":"42973239b5f1445d65f373d2c5862817f5839b5b","sha256":"455dd8504356827ccf085274d4fd54ae29b0d906e993b3ecd28a8a9b290cd7f5","sha512":"f640d7ce4574e4d82a3b1546fcc8bd4b7d68773c93d8d3877c9eb9515d5594c2c325a4added4150180e0a07155c6b154460a546c0db7f8ec36ff603836c1378e","ssdeep":"","tlshash":"e151dcb65ceb0e322a53b0b67d2f141a74849007dc4e8d30fedc95aeaf86d2113f6169","size":2493,"data":"","first_seen":"2023-03-11T22:53:02Z","last_seen":"2026-04-08T21:03:20.547663Z","times_seen":73,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"x-junior.github.io/assets/js/lunr/lunr-store.js","fqdn":"x-junior.github.io","domain":"x-junior.github.io","tld":"github.io"},"ip":{"addr":"185.199.109.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"5f47bcfa2413b687078cfc4d489b8956","sha1":"2fee449f8f4b0634b814f3aba45085711697ba52","sha256":"0bbb44285f1bd87ca0e3a43947a41ba0e633d3846e416eace9c0d271e000d78c","sha512":"2bc3e52747fd2149dd8b3d1df360bbe3ac54f0600c900847c3e515487a7f92ea0f325b80044232a51b4abca19b7aa3b8520a7ab767549c44949d58d0ce5c9ba3","ssdeep":"3072:y6lYyRJr7NmqgaIMMv2wZk+QxhdR+18Hf8KQy6QKtCku:yUx7NcaJMv2wZk+QxhdRxXnFPku","tlshash":"00d33a1a3f0383b57643e16ba5ade1e9971c95acfba13524389ce74c23d216463f2bc4","size":131841,"data":"","first_seen":"2023-05-13T22:06:23Z","last_seen":"2026-01-04T06:54:40.603239Z","times_seen":19,"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-01-04","alert":"Detect files disabling or modifying Windows Defender, Windows Firewall, or Microsoft Smartscreen","trigger":"x-junior.github.io/assets/js/lunr/lunr-store.js","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"iam-py-test","date":"2022-11-19","description":"Detect files disabling or modifying Windows Defender, Windows Firewall, or Microsoft Smartscreen","false_positives":"Files modifying Defender for legitimate purposes, files containing registry keys related to Defender (i.e. diagnostic tools)","rule":"Disable_Defender","yarahub_author_twitter":"@iam_py_test","yarahub_license":"CC0 1.0","yarahub_reference_md5":"799a7f1507e5e7328081a038987e9a6f","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"1fcd3702-cf5b-47b4-919d-6372c5412151"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-01-04","alert":"Detects file containing Telegram Bot API","trigger":"x-junior.github.io/assets/js/lunr/lunr-store.js","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":null}},{"url":{"schema":"https","addr":"x-junior.github.io/assets/js/main.min.js","fqdn":"x-junior.github.io","domain":"x-junior.github.io","tld":"github.io"},"ip":{"addr":"185.199.109.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"ce7227e1cefaaeee12172d690cf59ba9","sha1":"6a1d1a28498b8071f7ca881e2e0882e555e769fc","sha256":"76c81906e2edbe98f28dfccd7dcfa7efc0ef95f3b23261c621115166a3ff10d0","sha512":"7ea4b15403d2522788858abb2136532b2cd8c5d49595acb71b8bb46f6e81d09c26e4a55cfd92c0aa5140c2b554ee80eaa4e42a4de4a22b6b4ee4800696f239ae","ssdeep":"3072:WlpnGn0OOEnKr+Htg1GeYxFkAMqrV2htE6el:Tn0JEKKH1eYbkp6V2htbel","tlshash":"bac32adcb1c2b02247bb31b9507f610bb2765999681e8410f169d8e5bcbca4d823bf7d","size":122482,"data":"","first_seen":"2023-03-11T22:53:02Z","last_seen":"2026-04-03T15:10:34.766031Z","times_seen":27,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"x-junior.github.io/assets/js/lunr/lunr.min.js","fqdn":"x-junior.github.io","domain":"x-junior.github.io","tld":"github.io"},"ip":{"addr":"185.199.109.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"7eac9eb2bea17aeda59860eea734d786","sha1":"978fc5e335b652a705ecf4ec64785801add7fdcb","sha256":"b92711806ac89c3d959cf3698e6950b41d974552dccf2c99beb4e4622f9edf55","sha512":"6f8065b1f1d8f99c8356c98d684505e6637e4b26941fe4bf6f36cbaf6eb47775ed3a842e7663073e1fa297ea0e2972a3b5f4d1e1fc03217ab183ed843a1617d4","ssdeep":"768:o3MrkVmD1BFhAb3DyNGSwl7k6+tStMZi4qt+S+f0EopAeKGhHPrOK8gaRG/P6Xh5:o3MrkVmDhhAWNGSwl7k6+tStUi4qd+fz","tlshash":"d9d2758c229554954792209b6c7f0516b33b0919ac4ca1ecfa15ccdb3da8f0df63bbb9","size":29370,"data":"","first_seen":"2023-03-11T22:53:02Z","last_seen":"2026-04-03T15:10:34.786191Z","times_seen":32,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html","fqdn":"x-junior.github.io","domain":"x-junior.github.io","tld":"github.io"},"ip":{"addr":"185.199.109.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-04T06:54:08.451Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 07 Mar 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91","sha256":"7D:11:22:EA:96:98:52:34:1E:8D:D9:2B:CC:0C:7E:CC:00:96:30:D1:4D:A7:34:D7:CA:42:D5:B5:4A:2B:20:97"}}},"request":{"raw":"GET /malware%20analysis/2022/06/24/Snakekeylogger.html HTTP/1.1\r\nHost: x-junior.github.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: GitHub.com\r\ncontent-type: text/html; charset=utf-8\r\nx-origin-cache: HIT\r\nlast-modified: Sat, 25 Jun 2022 09:17:26 GMT\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31556952\r\netag: W/\"62b6d2a6-1270d\"\r\nexpires: Sun, 04 Jan 2026 07:04:08 GMT\r\ncache-control: max-age=600\r\ncontent-encoding: gzip\r\nx-proxy-cache: MISS\r\nx-github-request-id: 0B62:3D391:EBB24CC:EEEE97A:695A0E8F\r\naccept-ranges: bytes\r\nage: 0\r\ndate: Sun, 04 Jan 2026 06:54:08 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410021-HEL\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-timer: S1767509649.508299,VS0,VE132\r\nvary: Accept-Encoding\r\nx-fastly-request-id: 79dbad7611934c2104b33238d8fc25e68a2c12e1\r\ncontent-length: 15433\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Ruby","description":"Ruby is an open-source object-oriented programming language.","website":"https://ruby-lang.org","common_platform_enumeration":"cpe:2.3:a:ruby-lang:ruby:*:*:*:*:*:*:*:*","icon":"Ruby.png","categories":["Programming languages"]},{"name":"Lunr.js","description":"A very simple search index.","website":"https://lunrjs.com/","common_platform_enumeration":"","icon":"","categories":["JavaScript libraries"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]},{"name":"Jekyll","description":"Jekyll is a blog-aware, static site generator for personal, project, or organisation sites.","website":"https://jekyllrb.com","common_platform_enumeration":"cpe:2.3:a:jekyllrb:jekyll:*:*:*:*:*:*:*:*","icon":"Jekyll.svg","categories":["Static site generator"]}],"data":{"size":75533,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (1454)","md5":"76b4beb603cc4c25e99e5d8eff1a85a0","sha1":"8cfbb21d8b48aae0e82fb0a1a30cb6c227c09f56","sha256":"364809efc772b3a06b3b72024bfecfad7b7ecc2e38afef4d8d8eb69ac9c85f92","sha512":"7082b27fcd06e8b4ea57a3939a5a80067475611baf999792436eb8fe799203652811b52293f8ea6365473f7f5c64739597a2a101b4154e546af3f6b4fd47ff2d","ssdeep":"768:L9WdY7PEHPGzu2NYlFYuFLfkZv4QN7uje9ZWfKadhuR:qY7P4GXMLfkZvfRujFuR","tlshash":"5b7395c0e6f691335037d1d726eeaf667ae1406bd282544076fe87bc9bddc90380396a","first_seen":"2025-08-19T17:28:46.659124Z","last_seen":"2026-01-04T06:54:40.57227Z","times_seen":4,"resource_available":false,"data":null}},"time_used":251,"timings":{"blocked":52,"dns":17,"connect":13,"send":0,"wait":145,"receive":2,"ssl":19},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-01-04","alert":"Detect files disabling or modifying Windows Defender, Windows Firewall, or Microsoft Smartscreen","trigger":"x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"iam-py-test","date":"2022-11-19","description":"Detect files disabling or modifying Windows Defender, Windows Firewall, or Microsoft Smartscreen","false_positives":"Files modifying Defender for legitimate purposes, files containing registry keys related to Defender (i.e. diagnostic tools)","rule":"Disable_Defender","yarahub_author_twitter":"@iam_py_test","yarahub_license":"CC0 1.0","yarahub_reference_md5":"799a7f1507e5e7328081a038987e9a6f","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"1fcd3702-cf5b-47b4-919d-6372c5412151"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-01-04","alert":"Detects file containing Telegram Bot API","trigger":"x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":null}},{"url":{"schema":"https","addr":"x-junior.github.io/assets/images/logo.png","fqdn":"x-junior.github.io","domain":"x-junior.github.io","tld":"github.io"},"ip":{"addr":"185.199.109.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html","date":"2026-01-04T06:54:08.872Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 07 Mar 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91","sha256":"7D:11:22:EA:96:98:52:34:1E:8D:D9:2B:CC:0C:7E:CC:00:96:30:D1:4D:A7:34:D7:CA:42:D5:B5:4A:2B:20:97"}}},"request":{"raw":"GET /assets/images/logo.png HTTP/1.1\r\nHost: x-junior.github.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: GitHub.com\r\ncontent-type: image/png\r\nx-origin-cache: HIT\r\nlast-modified: Sat, 25 Jun 2022 09:17:21 GMT\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31556952\r\netag: \"62b6d2a1-406c3\"\r\nexpires: Sun, 04 Jan 2026 07:04:08 GMT\r\ncache-control: max-age=600\r\nx-proxy-cache: MISS\r\nx-github-request-id: 22B3:26F783:E8C57C3:EC012FA:695A0E90\r\naccept-ranges: bytes\r\nage: 0\r\ndate: Sun, 04 Jan 2026 06:54:08 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410021-HEL\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-timer: S1767509649.844738,VS0,VE139\r\nvary: Accept-Encoding\r\nx-fastly-request-id: 20ea4d3cff2f2ee6b26e6d7e988f32c879b0317c\r\ncontent-length: 263875\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":263875,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 3116 x 3001, 8-bit/color RGBA, non-interlaced","md5":"062dd4eec56e0c80344aaa72b292cd2d","sha1":"b0630e50ba32bb4c71af28182b3cc9667d328aa8","sha256":"8d0f6b7ce3272502074cae684ce7d6a05cfa3e63835934947d788a979af786c9","sha512":"49ebebf6e93fde6c6eaffcab37186d4a5f7395554fefc5c7cf23c12933114341e59c235e0bc396f59fc17de52b007da416112f91e05ef06422332b078905edbc","ssdeep":"3072:Y8mVf2YOOuyveAGRyniMxGMZB8Q5FOeevbj2TO6BACtkD5SLrjDm2l8Ut6Eb2t+u:kmORFGRyTGMZ3R7AhGm2lx2tLVR","tlshash":"5444f1bb8e43dcd9c4b558b8c8bd6ee8313902b8434a3fd1d36435b17d226e6a4c59d8","first_seen":"2023-05-13T22:06:23Z","last_seen":"2026-01-04T06:54:40.575225Z","times_seen":19,"resource_available":false,"data":null}},"time_used":218,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":167,"receive":51,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"x-junior.github.io/assets/images/logo5.jpg","fqdn":"x-junior.github.io","domain":"x-junior.github.io","tld":"github.io"},"ip":{"addr":"185.199.109.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html","date":"2026-01-04T06:54:08.875Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 07 Mar 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91","sha256":"7D:11:22:EA:96:98:52:34:1E:8D:D9:2B:CC:0C:7E:CC:00:96:30:D1:4D:A7:34:D7:CA:42:D5:B5:4A:2B:20:97"}}},"request":{"raw":"GET /assets/images/logo5.jpg HTTP/1.1\r\nHost: x-junior.github.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: GitHub.com\r\ncontent-type: image/jpeg\r\nlast-modified: Sat, 25 Jun 2022 09:17:21 GMT\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31556952\r\netag: \"62b6d2a1-35d83a\"\r\nexpires: Sun, 04 Jan 2026 07:04:08 GMT\r\ncache-control: max-age=600\r\nx-proxy-cache: MISS\r\nx-github-request-id: 6692:355767:EB39AE8:EE75992:695A0E90\r\naccept-ranges: bytes\r\ndate: Sun, 04 Jan 2026 06:54:09 GMT\r\nvia: 1.1 varnish\r\nage: 0\r\nx-served-by: cache-hel1410021-HEL\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-timer: S1767509649.845292,VS0,VE218\r\nvary: Accept-Encoding\r\nx-fastly-request-id: 8c10b2e4c936ab887f5f51174a07f05418d4c77a\r\ncontent-length: 3528762\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3528762,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 3840x2160, components 3","md5":"9376423b7468195bfbe64cbd36e53358","sha1":"3955a9391e3ebd9a9058266463f36b840f656a5d","sha256":"1434691e9c1e944fb808ce34fc43e0226ec3b0823863e6d3c683602d63d47605","sha512":"b874232c20f8dc7a5cf7dd8194c9d3ea2e851fbe966843f4b7ec5e75a0eb77402ee27647f55cbea8dc11153c5e86e702affc85f36799b40812b3d774283169f3","ssdeep":"24576:Tf9njreFLYdXOiR43ToZmpKJ+RULAOF0QbhFrWX4QDnyRiEfB:Znjr+LeeeEK0R0NFFbhi4sCB","tlshash":"6c2533a00dd3328cdb6ad374a9521e1946b29633ccfc0c17ca299e9cce8d117ad59cb7","first_seen":"2025-08-19T17:28:46.667567Z","last_seen":"2026-01-04T06:54:40.578622Z","times_seen":4,"resource_available":false,"data":null}},"time_used":541,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":235,"receive":306,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/3.PNG","fqdn":"x-junior.github.io","domain":"x-junior.github.io","tld":"github.io"},"ip":{"addr":"185.199.109.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html","date":"2026-01-04T06:54:08.920Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 07 Mar 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91","sha256":"7D:11:22:EA:96:98:52:34:1E:8D:D9:2B:CC:0C:7E:CC:00:96:30:D1:4D:A7:34:D7:CA:42:D5:B5:4A:2B:20:97"}}},"request":{"raw":"GET /assets/Malware-Analysis/SnakeKeylogger/3.PNG HTTP/1.1\r\nHost: x-junior.github.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: GitHub.com\r\ncontent-type: image/png\r\nx-origin-cache: HIT\r\nlast-modified: Sat, 25 Jun 2022 09:17:21 GMT\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31556952\r\netag: \"62b6d2a1-81af\"\r\nexpires: Sun, 04 Jan 2026 07:04:08 GMT\r\ncache-control: max-age=600\r\nx-proxy-cache: MISS\r\nx-github-request-id: 2190:3D0C51:EF214F2:F25DEC8:695A0E8B\r\naccept-ranges: bytes\r\nage: 0\r\ndate: Sun, 04 Jan 2026 06:54:09 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410021-HEL\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-timer: S1767509649.870052,VS0,VE149\r\nvary: Accept-Encoding\r\nx-fastly-request-id: 87fc62a80b828c21d3c91cb5f6eb86b051164be1\r\ncontent-length: 33199\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":33199,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 656 x 426, 8-bit/color RGBA, non-interlaced","md5":"ed11b4d977492322849e6d259d389201","sha1":"fed16ba42ae7e4d81cf679e7b677346b9fd76787","sha256":"0a9077753181141a93215cd841ffee3333de6729e42f248212cc4317bfa3cb6b","sha512":"9045eb8e004edf75da276baf763a310705cfbe2cb48b8bcc382e60f5f66069c4fa0533345432b08db658f5a4606abcae01dd96b2536350087b426c033afb44b3","ssdeep":"768:+hVF0YiTBSeKX8aLmWyPRzmxB7gr2hIKgtMrkztj:+hLJBeKsaJy8xB7gr2hVpAtj","tlshash":"cfe2d0bea02f06e1e95c987b4aaf2f25f79d14809d07e719d38439f01c134786b77166","first_seen":"2023-05-13T22:06:23Z","last_seen":"2026-01-04T06:54:40.580982Z","times_seen":19,"resource_available":false,"data":null}},"time_used":185,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/9.PNG","fqdn":"x-junior.github.io","domain":"x-junior.github.io","tld":"github.io"},"ip":{"addr":"185.199.109.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html","date":"2026-01-04T06:54:08.926Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 07 Mar 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91","sha256":"7D:11:22:EA:96:98:52:34:1E:8D:D9:2B:CC:0C:7E:CC:00:96:30:D1:4D:A7:34:D7:CA:42:D5:B5:4A:2B:20:97"}}},"request":{"raw":"GET /assets/Malware-Analysis/SnakeKeylogger/9.PNG HTTP/1.1\r\nHost: x-junior.github.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: GitHub.com\r\ncontent-type: image/png\r\nx-origin-cache: HIT\r\nlast-modified: Sat, 25 Jun 2022 09:17:21 GMT\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31556952\r\netag: \"62b6d2a1-2cdd\"\r\nexpires: Sun, 04 Jan 2026 07:04:08 GMT\r\ncache-control: max-age=600\r\nx-proxy-cache: MISS\r\nx-github-request-id: 6688:355767:EB39AED:EE75996:695A0E8A\r\naccept-ranges: bytes\r\nage: 0\r\ndate: Sun, 04 Jan 2026 06:54:09 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410021-HEL\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-timer: S1767509649.879933,VS0,VE150\r\nvary: Accept-Encoding\r\nx-fastly-request-id: ca772d3ee1e7b3c2691c3690e52e3643d9eb68d5\r\ncontent-length: 11485\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":11485,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 910 x 174, 8-bit/color RGBA, non-interlaced","md5":"e04abde0eeb77a921a7c9b0808934b3f","sha1":"bb72c4cbb5af853e26d28078647846b8f34f88fe","sha256":"e7b133071b852914a1fc89a4d0e1db55befd285a3a3a5a85938d24357c659678","sha512":"a867e53caa65d867deb50b15a040e37fcbb2da92de0f28eb370e8c0cd64f9fc61f862f48296fe5cc8165b6bd2e81f6748a9a8fedb257860a865157b4f28ad23f","ssdeep":"192:pW8ONJZ9WCdbMzVwO3TFozMgAasLpU6Ih9KQ1AsTXClnK5y6vldWvf+:p+Z9WWMzpqMgWvIvH/TMnK5yQWvW","tlshash":"dd32be8fa80455f2fc97ed7ca17ca95a792b3503642869211a16f3f6c4d5120b721b42","first_seen":"2023-05-13T22:06:23Z","last_seen":"2026-01-04T06:54:40.582414Z","times_seen":19,"resource_available":false,"data":null}},"time_used":187,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":186,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5/webfonts/fa-brands-400.woff2","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.193.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html","date":"2026-01-04T06:54:09.214Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/@fortawesome/fontawesome-free@5/webfonts/fa-brands-400.woff2 HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://x-junior.github.io\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn.jsdelivr.net/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-length: 76736\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=604800, s-maxage=43200\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: font/woff2\r\nx-jsd-version: 5.15.4\r\nx-jsd-version-type: version\r\netag: W/\"12bc0-BhPH67pV7kfvMCwPd2YyRpL4mac\"\r\naccept-ranges: bytes\r\nage: 27372\r\ndate: Sun, 04 Jan 2026 06:54:09 GMT\r\nx-served-by: cache-fra-eddf8230098-FRA, cache-hel1410033-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":76736,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 76736, version 331.-31196","md5":"ed311c7a0ade9a75bb3ebf5a7670f31d","sha1":"0613c7ebba55ee47ef302c0f7766324692f899a7","sha256":"8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef","sha512":"6048e7ab94134b7200f0d5ed7fb8d577298d4831a2b3a4e0e5baa5c67468f77d4409314d63d34436ba6ba038c86faf87e46dacf98d311a74291b976fa39a9674","ssdeep":"1536:yVIKSdIKO0RtQIJwjZKd4jkC8Voun7L5XpeVQ+OEmdEu:SItm0RtQpAdofaluV99u","tlshash":"4d730196c3ca08de6994937ce960efdd1b0d4dc7aa72c7525e63c9a451c8ec83834b78","first_seen":"2023-04-05T17:41:32Z","last_seen":"2026-04-12T09:58:04.06423Z","times_seen":19594,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":162,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"x-junior.github.io/assets/images/logo.png","fqdn":"x-junior.github.io","domain":"x-junior.github.io","tld":"github.io"},"ip":{"addr":"185.199.109.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html","date":"2026-01-04T06:54:09.590Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 07 Mar 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91","sha256":"7D:11:22:EA:96:98:52:34:1E:8D:D9:2B:CC:0C:7E:CC:00:96:30:D1:4D:A7:34:D7:CA:42:D5:B5:4A:2B:20:97"}}},"request":{"raw":"GET /assets/images/logo.png HTTP/1.1\r\nHost: x-junior.github.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: GitHub.com\r\ncontent-type: image/png\r\nx-origin-cache: HIT\r\nlast-modified: Sat, 25 Jun 2022 09:17:21 GMT\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31556952\r\netag: \"62b6d2a1-406c3\"\r\nexpires: Sun, 04 Jan 2026 07:04:08 GMT\r\ncache-control: max-age=600\r\nx-proxy-cache: MISS\r\nx-github-request-id: 22B3:26F783:E8C57C3:EC012FA:695A0E90\r\naccept-ranges: bytes\r\ndate: Sun, 04 Jan 2026 06:54:09 GMT\r\nvia: 1.1 varnish\r\nage: 1\r\nx-served-by: cache-hel1410021-HEL\r\nx-cache: HIT\r\nx-cache-hits: 1\r\nx-timer: S1767509650.595531,VS0,VE1\r\nvary: Accept-Encoding\r\nx-fastly-request-id: a47033e3b2edc6497c399f3eaea23fb120f17941\r\ncontent-length: 263875\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":263875,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 3116 x 3001, 8-bit/color RGBA, non-interlaced","md5":"062dd4eec56e0c80344aaa72b292cd2d","sha1":"b0630e50ba32bb4c71af28182b3cc9667d328aa8","sha256":"8d0f6b7ce3272502074cae684ce7d6a05cfa3e63835934947d788a979af786c9","sha512":"49ebebf6e93fde6c6eaffcab37186d4a5f7395554fefc5c7cf23c12933114341e59c235e0bc396f59fc17de52b007da416112f91e05ef06422332b078905edbc","ssdeep":"3072:Y8mVf2YOOuyveAGRyniMxGMZB8Q5FOeevbj2TO6BACtkD5SLrjDm2l8Ut6Eb2t+u:kmORFGRyTGMZ3R7AhGm2lx2tLVR","tlshash":"5444f1bb8e43dcd9c4b558b8c8bd6ee8313902b8434a3fd1d36435b17d226e6a4c59d8","first_seen":"2023-05-13T22:06:23Z","last_seen":"2026-01-04T06:54:40.575225Z","times_seen":19,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":14,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/25.PNG","fqdn":"x-junior.github.io","domain":"x-junior.github.io","tld":"github.io"},"ip":{"addr":"185.199.109.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html","date":"2026-01-04T06:54:08.890Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 07 Mar 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91","sha256":"7D:11:22:EA:96:98:52:34:1E:8D:D9:2B:CC:0C:7E:CC:00:96:30:D1:4D:A7:34:D7:CA:42:D5:B5:4A:2B:20:97"}}},"request":{"raw":"GET /assets/Malware-Analysis/SnakeKeylogger/25.PNG HTTP/1.1\r\nHost: x-junior.github.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: GitHub.com\r\ncontent-type: image/png\r\nx-origin-cache: HIT\r\nlast-modified: Sat, 25 Jun 2022 09:17:21 GMT\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31556952\r\netag: \"62b6d2a1-fbc4\"\r\nexpires: Sun, 04 Jan 2026 07:04:08 GMT\r\ncache-control: max-age=600\r\nx-proxy-cache: MISS\r\nx-github-request-id: B6D2:3D0C51:EF214F2:F25DEC1:695A0E90\r\naccept-ranges: bytes\r\nage: 0\r\ndate: Sun, 04 Jan 2026 06:54:08 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410021-HEL\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-timer: S1767509649.850281,VS0,VE132\r\nvary: Accept-Encoding\r\nx-fastly-request-id: 0f370b552a9150b0e097054906355bd92363e366\r\ncontent-length: 64452\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]}],"data":{"size":64452,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1209 x 661, 8-bit/color RGBA, non-interlaced","md5":"b13c4b30a2a2c2c4715e1ae4206fc31b","sha1":"3ce47c5906035ddbbee832c43c3fb37ba1e21611","sha256":"651b3815c59b03bf5957d9e8df5f81a4549248135fa210c652d9670be15f147a","sha512":"8eea6b2ab4e4c65ec0bfd11058147ba28c39be5090f69ebd5b2275f1cc88ca1843c2df33f8154f5f80b38361ea2856119ecc2dd66aafca0b286df2ea242c2b4f","ssdeep":"1536:A0lUYNW4ZDLP5BArnGJZga52EBGHf1s277DU:3lUoZDLPEnGJKREqXU","tlshash":"3853022e5a55d815c8dc46b214d67b7be33fee41333c6f41a318de8cd51b843a60a93a","first_seen":"2023-05-13T22:06:23Z","last_seen":"2026-01-04T06:54:40.585742Z","times_seen":19,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":146,"receive":15,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/37.PNG","fqdn":"x-junior.github.io","domain":"x-junior.github.io","tld":"github.io"},"ip":{"addr":"185.199.109.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html","date":"2026-01-04T06:54:08.902Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 07 Mar 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91","sha256":"7D:11:22:EA:96:98:52:34:1E:8D:D9:2B:CC:0C:7E:CC:00:96:30:D1:4D:A7:34:D7:CA:42:D5:B5:4A:2B:20:97"}}},"request":{"raw":"GET /assets/Malware-Analysis/SnakeKeylogger/37.PNG HTTP/1.1\r\nHost: x-junior.github.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: GitHub.com\r\ncontent-type: image/png\r\nx-origin-cache: HIT\r\nlast-modified: Sat, 25 Jun 2022 09:17:21 GMT\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31556952\r\netag: \"62b6d2a1-290e\"\r\nexpires: Sun, 04 Jan 2026 07:04:08 GMT\r\ncache-control: max-age=600\r\nx-proxy-cache: MISS\r\nx-github-request-id: C9EC:32E205:F1E673C:F519ECE:695A0E90\r\naccept-ranges: bytes\r\ndate: Sun, 04 Jan 2026 06:54:08 GMT\r\nvia: 1.1 varnish\r\nage: 0\r\nx-served-by: cache-hel1410021-HEL\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-timer: S1767509649.855299,VS0,VE143\r\nvary: Accept-Encoding\r\nx-fastly-request-id: 5dacb6ef3820cfe713ee8df1e26e56707118db8d\r\ncontent-length: 10510\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]}],"data":{"size":10510,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 924 x 113, 8-bit/color RGBA, non-interlaced","md5":"a480537687b4534f1099a960f1838c4a","sha1":"03a00979eee938193836f82ba9f17a21765cb667","sha256":"e94897b87b22e5e82b56790aae90b63ee32e4d39d305825f009902143eb94d99","sha512":"e5b1f4bb39a50ca04639d4ce5699e0bfb149809fc95c4f4d9fbb84278c15ef9525e1ef3595453e1549e82c64e616bc012327b4ce8fbdd0aae564de8bacbd195a","ssdeep":"192:c9UUhtVwdJK3O7nCO39pTxCvdKtDz/8s7LPTaTOudSv8LTXWBPc8:cpE7CO39p3l1LPILs5","tlshash":"4122af82e8f75f7cc38b453246486bd22e1603ad50d15349f7b87427b8771b6e78ac4a","first_seen":"2023-05-13T22:06:23Z","last_seen":"2026-01-04T06:54:40.587265Z","times_seen":19,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":168,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/40.PNG","fqdn":"x-junior.github.io","domain":"x-junior.github.io","tld":"github.io"},"ip":{"addr":"185.199.109.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html","date":"2026-01-04T06:54:08.910Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 07 Mar 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91","sha256":"7D:11:22:EA:96:98:52:34:1E:8D:D9:2B:CC:0C:7E:CC:00:96:30:D1:4D:A7:34:D7:CA:42:D5:B5:4A:2B:20:97"}}},"request":{"raw":"GET /assets/Malware-Analysis/SnakeKeylogger/40.PNG HTTP/1.1\r\nHost: x-junior.github.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: GitHub.com\r\ncontent-type: image/png\r\nx-origin-cache: HIT\r\nlast-modified: Sat, 25 Jun 2022 09:17:21 GMT\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31556952\r\netag: \"62b6d2a1-d537\"\r\nexpires: Sun, 04 Jan 2026 07:04:08 GMT\r\ncache-control: max-age=600\r\nx-proxy-cache: MISS\r\nx-github-request-id: FB16:2FB824:EDA9A70:F0E6625:695A0E90\r\naccept-ranges: bytes\r\nage: 0\r\ndate: Sun, 04 Jan 2026 06:54:09 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410021-HEL\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-timer: S1767509649.863037,VS0,VE145\r\nvary: Accept-Encoding\r\nx-fastly-request-id: 9db668dbba70c7b740c7330d5b4e5518e03d16ee\r\ncontent-length: 54583\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":54583,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1227 x 666, 8-bit/color RGBA, non-interlaced","md5":"8eb17664349ac1175fe299c51ba6ac8e","sha1":"5a18f70f603f4f76f0d58a0ce1a73471de4be74d","sha256":"3f23b6a9f6e1ad0f1233c2b7d61d29e6bc296d387173adef1ac26dde460cc966","sha512":"52e64238c7b85dd47142a59fcd9057813ac2386f7170432613de7b9e0c833b9e1f236433bd4dd313d46a01ef38c14895d7539158eca0be8adf2794d81362e8dd","ssdeep":"1536:q5F6/V5FVDTxww8oKfpRaXbq7C/ylZof/vbH5:q76/V5PT+wpKXaXiOmMr5","tlshash":"3c33d0469b42db54cf4a17b13ff04a180f60da2de988c62305eaf55ed99f1e218c4ba7","first_seen":"2023-05-13T22:06:23Z","last_seen":"2026-01-04T06:54:40.588312Z","times_seen":19,"resource_available":false,"data":null}},"time_used":184,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":170,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/42.PNG","fqdn":"x-junior.github.io","domain":"x-junior.github.io","tld":"github.io"},"ip":{"addr":"185.199.109.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html","date":"2026-01-04T06:54:08.915Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 07 Mar 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91","sha256":"7D:11:22:EA:96:98:52:34:1E:8D:D9:2B:CC:0C:7E:CC:00:96:30:D1:4D:A7:34:D7:CA:42:D5:B5:4A:2B:20:97"}}},"request":{"raw":"GET /assets/Malware-Analysis/SnakeKeylogger/42.PNG HTTP/1.1\r\nHost: x-junior.github.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: GitHub.com\r\ncontent-type: image/png\r\nx-origin-cache: HIT\r\nlast-modified: Sat, 25 Jun 2022 09:17:21 GMT\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31556952\r\netag: \"62b6d2a1-1d1ab\"\r\nexpires: Sun, 04 Jan 2026 07:04:08 GMT\r\ncache-control: max-age=600\r\nx-proxy-cache: MISS\r\nx-github-request-id: 22AF:35D5BF:EB7E6E0:EEBAE0B:695A0E87\r\naccept-ranges: bytes\r\nage: 0\r\ndate: Sun, 04 Jan 2026 06:54:09 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410021-HEL\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-timer: S1767509649.864681,VS0,VE219\r\nvary: Accept-Encoding\r\nx-fastly-request-id: ed605cbd303e2f6955e50474e568ec4753bad8f4\r\ncontent-length: 119211\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":119211,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1275 x 632, 8-bit/color RGBA, non-interlaced","md5":"08c46361f6da7065ddf98ea2c6374e2b","sha1":"1c16ab5ada3c2f40d9320c4dadc308956e3f51d9","sha256":"668a2c5255f88dc1c3695c4acdaa568cc7979db8636352f69df9a7d4e03456a1","sha512":"f8079df10147bcabb77880c00aa4b38f27222d2f2c9ac9fddee7ac7e52bafef659b00775b5ad10c6f2d7e896ddbad3dd7b01c2d7f82c7475f539ee211b5fb19a","ssdeep":"1536:kncCjt2XsNv8egxWzcJZAjjskks5+MDkV5n5G71GZZWG1r+7BchrJd1Ml8ivJWOo:kV2c7EZEjbUAkVK71GKGIKdRivJcBdMo","tlshash":"8fc302b9a3d584d4e9592b7cfc099f0b6a3dc3ebb5831f16cb2d64d25d8cc882a611c1","first_seen":"2023-05-13T22:06:23Z","last_seen":"2026-01-04T06:54:40.591225Z","times_seen":19,"resource_available":false,"data":null}},"time_used":253,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":249,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"x-junior.github.io/assets/css/main.css","fqdn":"x-junior.github.io","domain":"x-junior.github.io","tld":"github.io"},"ip":{"addr":"185.199.109.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html","date":"2026-01-04T06:54:08.862Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 07 Mar 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91","sha256":"7D:11:22:EA:96:98:52:34:1E:8D:D9:2B:CC:0C:7E:CC:00:96:30:D1:4D:A7:34:D7:CA:42:D5:B5:4A:2B:20:97"}}},"request":{"raw":"GET /assets/css/main.css HTTP/1.1\r\nHost: x-junior.github.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: GitHub.com\r\ncontent-type: text/css; charset=utf-8\r\nx-origin-cache: HIT\r\nlast-modified: Sat, 25 Jun 2022 09:17:26 GMT\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31556952\r\netag: W/\"62b6d2a6-10c2c\"\r\nexpires: Sun, 04 Jan 2026 07:04:08 GMT\r\ncache-control: max-age=600\r\ncontent-encoding: gzip\r\nx-proxy-cache: MISS\r\nx-github-request-id: C862:83D7F:EE536C8:F1875E5:695A0E90\r\naccept-ranges: bytes\r\nage: 0\r\ndate: Sun, 04 Jan 2026 06:54:08 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410021-HEL\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-timer: S1767509649.841884,VS0,VE133\r\nvary: Accept-Encoding\r\nx-fastly-request-id: cd833e793c002964cab3ee60aa40279096df19f7\r\ncontent-length: 13511\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":68652,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (65146)","md5":"0019f423ee341378a5ff4e3a2e5cfd37","sha1":"e6a6d6052a636c34adc49a38548e7c5085f6a416","sha256":"69f9eb7484e3b7b49112c2e82f6bcb47232034e9abff42ed0a342c2c78e40020","sha512":"8e75cba1609f22d71070be847a533cedd0ca596107bce63aa4c96607719d366b2d5da8ebcf62168c64abd41f18de21bfc3e2fc51495c0dffa01d17d331a709ab","ssdeep":"1536:4WfgEJQAnGGwFk+znsE3inW4P4I7Y2XGGMimP:pIabWD","tlshash":"b263f721a754155ee237c12ba5c3fb9831388551e26747fbf92ba610cbcb29a1373b09","first_seen":"2023-05-13T22:06:23Z","last_seen":"2026-01-04T06:54:40.592131Z","times_seen":19,"resource_available":false,"data":null}},"time_used":149,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":146,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/21.PNG","fqdn":"x-junior.github.io","domain":"x-junior.github.io","tld":"github.io"},"ip":{"addr":"185.199.109.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html","date":"2026-01-04T06:54:08.881Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 07 Mar 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91","sha256":"7D:11:22:EA:96:98:52:34:1E:8D:D9:2B:CC:0C:7E:CC:00:96:30:D1:4D:A7:34:D7:CA:42:D5:B5:4A:2B:20:97"}}},"request":{"raw":"GET /assets/Malware-Analysis/SnakeKeylogger/21.PNG HTTP/1.1\r\nHost: x-junior.github.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: GitHub.com\r\ncontent-type: image/png\r\nx-origin-cache: HIT\r\nlast-modified: Sat, 25 Jun 2022 09:17:21 GMT\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31556952\r\netag: \"62b6d2a1-3b96\"\r\nexpires: Sun, 04 Jan 2026 07:04:08 GMT\r\ncache-control: max-age=600\r\nx-proxy-cache: MISS\r\nx-github-request-id: 0B62:3D391:EBB2502:EEEE9AC:695A0E90\r\naccept-ranges: bytes\r\nage: 0\r\ndate: Sun, 04 Jan 2026 06:54:09 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410021-HEL\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-timer: S1767509649.847647,VS0,VE222\r\nvary: Accept-Encoding\r\nx-fastly-request-id: 3d148b0043b9294443b0e69da03dd83cd675f902\r\ncontent-length: 15254\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]}],"data":{"size":15254,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 694 x 217, 8-bit/color RGBA, non-interlaced","md5":"63645695b71de19f10ff319eff7c62a1","sha1":"aad41f139ae6d441e6a019144fe928c7fa603fc2","sha256":"9a0f16e95a27642fbde6f8391b96e4460e6d24d0dfa1b3ed51583929e219bd24","sha512":"8704ab3be38be8994b1a2b40771efae4a4dbcd1577575fbf608f7f2bc02411475c4ccaef92558a5be891213ce5f5149a894d67bf8271512251dacec83b720ad2","ssdeep":"384:R854gGW9Ow53H0ocB2OK98Fe5o9mbhYWz2CdslBm:C59GwEochK98vSYYdGBm","tlshash":"1b62cf93a98351fcec36d574061b0cae19b198ae792cf06ea56fa586ed5f864480230f","first_seen":"2023-05-13T22:06:23Z","last_seen":"2026-01-04T06:54:40.592997Z","times_seen":19,"resource_available":false,"data":null}},"time_used":260,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":258,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/4.PNG","fqdn":"x-junior.github.io","domain":"x-junior.github.io","tld":"github.io"},"ip":{"addr":"185.199.109.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html","date":"2026-01-04T06:54:08.922Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 07 Mar 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91","sha256":"7D:11:22:EA:96:98:52:34:1E:8D:D9:2B:CC:0C:7E:CC:00:96:30:D1:4D:A7:34:D7:CA:42:D5:B5:4A:2B:20:97"}}},"request":{"raw":"GET /assets/Malware-Analysis/SnakeKeylogger/4.PNG HTTP/1.1\r\nHost: x-junior.github.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: GitHub.com\r\ncontent-type: image/png\r\nx-origin-cache: HIT\r\nlast-modified: Sat, 25 Jun 2022 09:17:21 GMT\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31556952\r\netag: \"62b6d2a1-9639\"\r\nexpires: Sun, 04 Jan 2026 07:04:09 GMT\r\ncache-control: max-age=600\r\nx-proxy-cache: MISS\r\nx-github-request-id: 96F5:33CCC:F23888C:F56B9F4:695A0E90\r\naccept-ranges: bytes\r\nage: 0\r\ndate: Sun, 04 Jan 2026 06:54:09 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410021-HEL\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-timer: S1767509649.871282,VS0,VE247\r\nvary: Accept-Encoding\r\nx-fastly-request-id: 55f515f7ae59fcd711d722b64dac2f6f9eaa463c\r\ncontent-length: 38457\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]}],"data":{"size":38457,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1309 x 396, 8-bit/color RGBA, non-interlaced","md5":"12d89e1b0b1ed6ef3d1320df9e5cfe5a","sha1":"aa1423fd41b5e3875679f85d9f7d4e8054308d31","sha256":"3e2527da3aca42443f06ab6d205172fd22d857e88f63fd0348f2ea479e70ffa0","sha512":"247fae8fb91a14a9006b7a1ef087182adecaf482f9e7f5ee53b159d68d0c3f4d7f746c95feb0d0a0bbe591cc0918b4b870d10cd7ab110a3ae48fbb0c7d20e978","ssdeep":"768:mB6ST88JkSnTnJbU0YvgZNPp5Nl0oVkc2BlHIt+B2N8LTM3wD7XYmuRRZNfyR:U6ST/6gjJbjYvg3NaVI8E3wDLYmuR/N0","tlshash":"e603e1dccd47cdf5ea12827df19e0d5a3fa070638459220f53a4d5a8727668be21f42e","first_seen":"2023-05-13T22:06:23Z","last_seen":"2026-01-04T06:54:40.594953Z","times_seen":19,"resource_available":false,"data":null}},"time_used":262,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":260,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/2.PNG","fqdn":"x-junior.github.io","domain":"x-junior.github.io","tld":"github.io"},"ip":{"addr":"185.199.109.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html","date":"2026-01-04T06:54:08.924Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 07 Mar 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91","sha256":"7D:11:22:EA:96:98:52:34:1E:8D:D9:2B:CC:0C:7E:CC:00:96:30:D1:4D:A7:34:D7:CA:42:D5:B5:4A:2B:20:97"}}},"request":{"raw":"GET /assets/Malware-Analysis/SnakeKeylogger/2.PNG HTTP/1.1\r\nHost: x-junior.github.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: GitHub.com\r\ncontent-type: image/png\r\nx-origin-cache: HIT\r\nlast-modified: Sat, 25 Jun 2022 09:17:21 GMT\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31556952\r\netag: \"62b6d2a1-aa36\"\r\nexpires: Sun, 04 Jan 2026 07:04:08 GMT\r\ncache-control: max-age=600\r\nx-proxy-cache: MISS\r\nx-github-request-id: AE9B:35D5BF:EB7E6E7:EEBAE0D:695A0E8F\r\naccept-ranges: bytes\r\nage: 0\r\ndate: Sun, 04 Jan 2026 06:54:09 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410021-HEL\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-timer: S1767509649.878262,VS0,VE152\r\nvary: Accept-Encoding\r\nx-fastly-request-id: 561887dee84e55f9e431364bc9b6cbe7fd93ec86\r\ncontent-length: 43574\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":43574,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1372 x 335, 8-bit/color RGBA, non-interlaced","md5":"2f6f9b8637d50452ce59e9c6c003a903","sha1":"4bc8a460cfe91076a7f296cfa601f9d5ebfb669c","sha256":"6f78718222f1973732f7b3da40fed7d5c610f38771367bfc508101f0852802fe","sha512":"76609402bb4a7f112e44d78fda2848bfd81a3c6510894683fb2a694ad5118835f60a3d5e752bb88542f729facc0bce8f0ba202d24c939019166f34f4f3de1c89","ssdeep":"768:l7PF3b5GIDl5rgArZdx9S7Z4849cb3qKqTx7dYqH/igawqQ/MyWAdKS2riIF6:xPGk5rX2+F3FdYC/7bq+MnAd66","tlshash":"7613e116ef37ebd0ac7fbc4769769439888489828121bc7071bd291ed72234f86d6bc1","first_seen":"2023-05-13T22:06:23Z","last_seen":"2026-01-04T06:54:40.595817Z","times_seen":19,"resource_available":false,"data":null}},"time_used":190,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":189,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/15.PNG","fqdn":"x-junior.github.io","domain":"x-junior.github.io","tld":"github.io"},"ip":{"addr":"185.199.109.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html","date":"2026-01-04T06:54:08.984Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 07 Mar 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91","sha256":"7D:11:22:EA:96:98:52:34:1E:8D:D9:2B:CC:0C:7E:CC:00:96:30:D1:4D:A7:34:D7:CA:42:D5:B5:4A:2B:20:97"}}},"request":{"raw":"GET /assets/Malware-Analysis/SnakeKeylogger/15.PNG HTTP/1.1\r\nHost: x-junior.github.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: GitHub.com\r\ncontent-type: image/png\r\nx-origin-cache: HIT\r\nlast-modified: Sat, 25 Jun 2022 09:17:21 GMT\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31556952\r\netag: \"62b6d2a1-bf1b\"\r\nexpires: Sun, 04 Jan 2026 07:04:09 GMT\r\ncache-control: max-age=600\r\nx-proxy-cache: MISS\r\nx-github-request-id: 10B5:2FB824:EDA9A92:F0E6640:695A0E90\r\naccept-ranges: bytes\r\nage: 0\r\ndate: Sun, 04 Jan 2026 06:54:09 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410021-HEL\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-timer: S1767509649.904090,VS0,VE276\r\nvary: Accept-Encoding\r\nx-fastly-request-id: d1ec537bd016016e82f831ffdf8b0405637b9afc\r\ncontent-length: 48923\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":48923,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 679 x 433, 8-bit/color RGBA, non-interlaced","md5":"8832333fc25131da4834425d54832b03","sha1":"02c6b85cfe50b4bb91f7b28f281d31b1c5e2bbeb","sha256":"3a6d81bee572c16139a0a5c512a99e1eb5ce39f4222a32fd62b533cf54669048","sha512":"89d54c3c7f71c3147a9fcb859100079471a6fc4f7c28ce189f3eabe9cc6416470e23b9beaf6f62934e386793e8a0c42791afc494fb9e41deb27a530b600798e2","ssdeep":"768:riGWsdsT8mfEijGluoUsBZbc9UKR35A3hIKDfQKQJES/1HlFIOxeERUeM:rvWCvmfDGluoly9UWQhJDoKQJF1HlFI5","tlshash":"e123f162b9baf91d6b631471c3e56f39f81f211392f2339c8f5c1a9c242ae38917514a","first_seen":"2023-05-13T22:06:23Z","last_seen":"2026-01-04T06:54:40.596583Z","times_seen":19,"resource_available":false,"data":null}},"time_used":292,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":290,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5/webfonts/fa-regular-400.woff2","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.193.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html","date":"2026-01-04T06:54:09.201Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/@fortawesome/fontawesome-free@5/webfonts/fa-regular-400.woff2 HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://x-junior.github.io\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn.jsdelivr.net/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-length: 13224\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=604800, s-maxage=43200\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: font/woff2\r\nx-jsd-version: 5.15.4\r\nx-jsd-version-type: version\r\netag: W/\"33a8-E1F1Ka/6OeJYXFkayubcM2tqqRc\"\r\naccept-ranges: bytes\r\ndate: Sun, 04 Jan 2026 06:54:09 GMT\r\nage: 23100\r\nx-served-by: cache-fra-etou8220023-FRA, cache-hel1410033-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":13224,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 13224, version 331.-31196","md5":"b91d376b8d7646d671cd820950d5f7f1","sha1":"13517529affa39e2585c591acae6dc336b6aa917","sha256":"e42a88444448ac3d60549cc7c1ff2c8a9cac721034c073d80a14a44e79730cca","sha512":"80d50b0cf7d064332a0c8e7d9f2e294f1abed15c47644cb04b92b785af4601b683cfd3c668c0ef31dee342840063e0c395ae453650184971ba984ec8ecd3223a","ssdeep":"384:eGBfQ1X4Rpcob1t2NCu+FfLckX1edFTYdpPKW0:eMIis6cCuZnTYLyW0","tlshash":"0d52c058c9438097d01fe137fe4fe8b95c5d518aba94d3c18628d7792cb4342ace31b2","first_seen":"2023-04-05T08:50:32Z","last_seen":"2026-04-12T09:33:12.323873Z","times_seen":16329,"resource_available":false,"data":null}},"time_used":186,"timings":{"blocked":10,"dns":0,"connect":0,"send":0,"wait":28,"receive":148,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/20.PNG","fqdn":"x-junior.github.io","domain":"x-junior.github.io","tld":"github.io"},"ip":{"addr":"185.199.109.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html","date":"2026-01-04T06:54:08.879Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 07 Mar 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91","sha256":"7D:11:22:EA:96:98:52:34:1E:8D:D9:2B:CC:0C:7E:CC:00:96:30:D1:4D:A7:34:D7:CA:42:D5:B5:4A:2B:20:97"}}},"request":{"raw":"GET /assets/Malware-Analysis/SnakeKeylogger/20.PNG HTTP/1.1\r\nHost: x-junior.github.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: GitHub.com\r\ncontent-type: image/png\r\nx-origin-cache: HIT\r\nlast-modified: Sat, 25 Jun 2022 09:17:21 GMT\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31556952\r\netag: \"62b6d2a1-33ac\"\r\nexpires: Sun, 04 Jan 2026 07:04:08 GMT\r\ncache-control: max-age=600\r\nx-proxy-cache: MISS\r\nx-github-request-id: 96D8:26F783:E8C57C3:EC012FC:695A0E90\r\naccept-ranges: bytes\r\nage: 0\r\ndate: Sun, 04 Jan 2026 06:54:08 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410021-HEL\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-timer: S1767509649.846865,VS0,VE133\r\nvary: Accept-Encoding\r\nx-fastly-request-id: abbb942289df2bc0384a22faa1000b73396bc65a\r\ncontent-length: 13228\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":13228,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 642 x 214, 8-bit/color RGBA, non-interlaced","md5":"61dd32d714e332ee742719b654c4fd1d","sha1":"f3495b158a58a65bf1dc7f566486ad4496e76404","sha256":"b4d3fdc3e2a22ea808ab5f151d5f746d46f80dfc7f1f93a95d3e43654809d7f0","sha512":"534581a52493f927fb7741ff66002212aaaaa5979bd55b9ae0647ddc210d0ad5d87939c3e7c95ef2a35964981f5c31621334bcc75c21a9a75df9388971880d04","ssdeep":"192:+ke9LDcX0UrWSVvXW3c2iTX1ZBfKpqDVGyj4FUtWBV2W1XDSs4oAQZWUFnwlm:+VPcv+S7EkpGy+FBV2W1XttZWUym","tlshash":"b052bff215b0c7de8354d39c61bf4b1a31d125b853972f6e9c141685f08ba2e273299c","first_seen":"2023-05-13T22:06:23Z","last_seen":"2026-01-04T06:54:40.598106Z","times_seen":19,"resource_available":false,"data":null}},"time_used":149,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":146,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/35.PNG","fqdn":"x-junior.github.io","domain":"x-junior.github.io","tld":"github.io"},"ip":{"addr":"185.199.109.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html","date":"2026-01-04T06:54:08.895Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 07 Mar 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91","sha256":"7D:11:22:EA:96:98:52:34:1E:8D:D9:2B:CC:0C:7E:CC:00:96:30:D1:4D:A7:34:D7:CA:42:D5:B5:4A:2B:20:97"}}},"request":{"raw":"GET /assets/Malware-Analysis/SnakeKeylogger/35.PNG HTTP/1.1\r\nHost: x-junior.github.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: GitHub.com\r\ncontent-type: image/png\r\nlast-modified: Sat, 25 Jun 2022 09:17:21 GMT\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31556952\r\netag: \"62b6d2a1-1d12b\"\r\nexpires: Sun, 04 Jan 2026 07:04:08 GMT\r\ncache-control: max-age=600\r\nx-proxy-cache: MISS\r\nx-github-request-id: 22B0:33D7C6:E8199A9:EB569BB:695A0E90\r\naccept-ranges: bytes\r\ndate: Sun, 04 Jan 2026 06:54:08 GMT\r\nvia: 1.1 varnish\r\nage: 0\r\nx-served-by: cache-hel1410021-HEL\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-timer: S1767509649.854810,VS0,VE135\r\nvary: Accept-Encoding\r\nx-fastly-request-id: 8c8d3d387a52238fd13c2f17ce1aa1724a7dca03\r\ncontent-length: 119083\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]}],"data":{"size":119083,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1233 x 639, 8-bit/color RGBA, non-interlaced","md5":"939922013fd5d70d9441e79f5fcb1d41","sha1":"ed2041a3eb949f38b8a61308921ff8ebec787210","sha256":"6b165e57a96accd6eb0e8b5249a51c92ca3eddce534766a9fc3c46552a1ff78a","sha512":"220827ecac58a210416d42e26846f0ca982ba67fd5b8507223a809b6298c25a26620612b57b1e4190c262b61451756aab4196811702de176aea3274154c782cb","ssdeep":"3072:EUpjPvrEq/+PefAVo/kCkIDWgr/jfqCh/3y:bBPvrEPXVo/kCpDWgr/jhvy","tlshash":"15c3029ee1f08065ddc5917789450d856bb90ac34523673ea912702acee21bc27bc6ef","first_seen":"2023-05-13T22:06:23Z","last_seen":"2026-01-04T06:54:40.599972Z","times_seen":19,"resource_available":false,"data":null}},"time_used":200,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":164,"receive":36,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/14.PNG","fqdn":"x-junior.github.io","domain":"x-junior.github.io","tld":"github.io"},"ip":{"addr":"185.199.109.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html","date":"2026-01-04T06:54:08.982Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 07 Mar 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91","sha256":"7D:11:22:EA:96:98:52:34:1E:8D:D9:2B:CC:0C:7E:CC:00:96:30:D1:4D:A7:34:D7:CA:42:D5:B5:4A:2B:20:97"}}},"request":{"raw":"GET /assets/Malware-Analysis/SnakeKeylogger/14.PNG HTTP/1.1\r\nHost: x-junior.github.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: GitHub.com\r\ncontent-type: image/png\r\nx-origin-cache: HIT\r\nlast-modified: Sat, 25 Jun 2022 09:17:21 GMT\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31556952\r\netag: \"62b6d2a1-c795\"\r\nexpires: Sun, 04 Jan 2026 07:04:09 GMT\r\ncache-control: max-age=600\r\nx-proxy-cache: MISS\r\nx-github-request-id: 4732:2056B:EBEB3EC:EF1EDEE:695A0E90\r\naccept-ranges: bytes\r\nage: 0\r\ndate: Sun, 04 Jan 2026 06:54:09 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410021-HEL\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-timer: S1767509649.901952,VS0,VE265\r\nvary: Accept-Encoding\r\nx-fastly-request-id: f35e5e658ca39d232062f78768745736b5610e1f\r\ncontent-length: 51093\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":51093,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 842 x 433, 8-bit/color RGBA, non-interlaced","md5":"0d341ae2322e6d59b275868229d2f30f","sha1":"9e1ed5837a588b423d28fd4d29566c36364f8d40","sha256":"d6fdddcc228c96ece66ce42df71b9ab3531505a8697f04ac7add275fb9c834d0","sha512":"b36f05755d6f8a2449467eb33dc3144d6a85ca53d34c6884c8214277ea728cdbe2e2ad5fd8d187749eb38956ac64590ebf9541a755a81c267f3a8012c3ea2c8e","ssdeep":"1536:4YakU4seH0T7edJkTUItJyL9xV1Xjg9A+b/G3VB9+:LakzL0T6dJkHPyLnTzg95G3d+","tlshash":"5c33f107619ba463c9e56d711ad44bad00798b3b46138693fb70f03b5cac22c89fadc7","first_seen":"2023-05-13T22:06:23Z","last_seen":"2026-01-04T06:54:40.602431Z","times_seen":19,"resource_available":false,"data":null}},"time_used":280,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":279,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"x-junior.github.io/assets/js/lunr/lunr-store.js","fqdn":"x-junior.github.io","domain":"x-junior.github.io","tld":"github.io"},"ip":{"addr":"185.199.109.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html","date":"2026-01-04T06:54:08.989Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 07 Mar 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91","sha256":"7D:11:22:EA:96:98:52:34:1E:8D:D9:2B:CC:0C:7E:CC:00:96:30:D1:4D:A7:34:D7:CA:42:D5:B5:4A:2B:20:97"}}},"request":{"raw":"GET /assets/js/lunr/lunr-store.js HTTP/1.1\r\nHost: x-junior.github.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: GitHub.com\r\ncontent-type: application/javascript; charset=utf-8\r\nx-origin-cache: HIT\r\nlast-modified: Sat, 25 Jun 2022 09:17:26 GMT\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31556952\r\netag: W/\"62b6d2a6-20303\"\r\nexpires: Sun, 04 Jan 2026 07:04:08 GMT\r\ncache-control: max-age=600\r\ncontent-encoding: gzip\r\nx-proxy-cache: MISS\r\nx-github-request-id: 731E:2056B:EBEB3E3:EF1EDDE:695A0E8F\r\naccept-ranges: bytes\r\nage: 0\r\ndate: Sun, 04 Jan 2026 06:54:09 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410021-HEL\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-timer: S1767509649.908756,VS0,VE143\r\nvary: Accept-Encoding\r\nx-fastly-request-id: a1eb19d3058861167b8a408dfd2cd7aeff8e4bb4\r\ncontent-length: 40049\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]}],"data":{"size":131843,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Unicode text, UTF-8 text, with very long lines (48089)","md5":"5f47bcfa2413b687078cfc4d489b8956","sha1":"2fee449f8f4b0634b814f3aba45085711697ba52","sha256":"0bbb44285f1bd87ca0e3a43947a41ba0e633d3846e416eace9c0d271e000d78c","sha512":"2bc3e52747fd2149dd8b3d1df360bbe3ac54f0600c900847c3e515487a7f92ea0f325b80044232a51b4abca19b7aa3b8520a7ab767549c44949d58d0ce5c9ba3","ssdeep":"3072:y6lYyRJr7NmqgaIMMv2wZk+QxhdR+18Hf8KQy6QKtCku:yUx7NcaJMv2wZk+QxhdRxXnFPku","tlshash":"00d33a1a3f0383b57643e16ba5ade1e9971c95acfba13524389ce74c23d216463f2bc4","first_seen":"2023-05-13T22:06:23Z","last_seen":"2026-01-04T06:54:40.603239Z","times_seen":19,"resource_available":true,"data":null}},"time_used":171,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":169,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-01-04","alert":"Detect files disabling or modifying Windows Defender, Windows Firewall, or Microsoft Smartscreen","trigger":"x-junior.github.io/assets/js/lunr/lunr-store.js","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"iam-py-test","date":"2022-11-19","description":"Detect files disabling or modifying Windows Defender, Windows Firewall, or Microsoft Smartscreen","false_positives":"Files modifying Defender for legitimate purposes, files containing registry keys related to Defender (i.e. diagnostic tools)","rule":"Disable_Defender","yarahub_author_twitter":"@iam_py_test","yarahub_license":"CC0 1.0","yarahub_reference_md5":"799a7f1507e5e7328081a038987e9a6f","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"1fcd3702-cf5b-47b4-919d-6372c5412151"}},{"sensor_name":"infosec_yara","sensor_type":"yara","title":"YARAhub by abuse.ch","description":"YARAhub by abuse.ch","scan_date":"2026-01-04","alert":"Detects file containing Telegram Bot API","trigger":"x-junior.github.io/assets/js/lunr/lunr-store.js","verdict":"malware","severity":"medium","comment":"","link":"https://yaraify.abuse.ch/yarahub/","meta":{"author":"rectifyq","date":"2024-09-07","description":"Detects file containing Telegram Bot API","rule":"telegram_bot_api","yarahub_author_twitter":"@_rectifyq","yarahub_license":"CC0 1.0","yarahub_reference_md5":"9DA48D34DC999B4E05E0C6716A3B3B83","yarahub_rule_matching_tlp":"TLP:WHITE","yarahub_rule_sharing_tlp":"TLP:WHITE","yarahub_uuid":"58c9e4fe-d1e9-46ed-913c-dba943ac16d6"}}],"urlquery":[{"sensor_name":"urlquery","alert":"Suspicious - Suspicious Javascript code","verdict":"suspicious","severity":"medium","comment":"","tags":["suspicious"],"meta":null}]}},{"url":{"schema":"https","addr":"x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/34.PNG","fqdn":"x-junior.github.io","domain":"x-junior.github.io","tld":"github.io"},"ip":{"addr":"185.199.109.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html","date":"2026-01-04T06:54:08.876Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 07 Mar 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91","sha256":"7D:11:22:EA:96:98:52:34:1E:8D:D9:2B:CC:0C:7E:CC:00:96:30:D1:4D:A7:34:D7:CA:42:D5:B5:4A:2B:20:97"}}},"request":{"raw":"GET /assets/Malware-Analysis/SnakeKeylogger/34.PNG HTTP/1.1\r\nHost: x-junior.github.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: GitHub.com\r\ncontent-type: image/png\r\nx-origin-cache: HIT\r\nlast-modified: Sat, 25 Jun 2022 09:17:21 GMT\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31556952\r\netag: \"62b6d2a1-8053\"\r\nexpires: Sun, 04 Jan 2026 07:04:08 GMT\r\ncache-control: max-age=600\r\nx-proxy-cache: MISS\r\nx-github-request-id: 506B:35D5BF:EB7E6E0:EEBAE07:695A0E90\r\naccept-ranges: bytes\r\nage: 0\r\ndate: Sun, 04 Jan 2026 06:54:09 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410021-HEL\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-timer: S1767509649.846104,VS0,VE164\r\nvary: Accept-Encoding\r\nx-fastly-request-id: 8e82d9f27d24a3096e2fb5f1a5a24f7540fe8286\r\ncontent-length: 32851\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":32851,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 645 x 490, 8-bit/color RGBA, non-interlaced","md5":"41fc33d8e8d859a7822445c7a7be710f","sha1":"1d302d1b01f928fa31c6e42a6fc8f6114be7d0de","sha256":"ec04e08e15c6f48caaf38bb0363c5a2f6a234e720b5e6c1543e0b3b9ef15eb5a","sha512":"7462b4fe2106ebcaa682b75ec3671064a43c0e0ea7b51f4e1f40e8e35403d18a04e3c551e4fb0cd78b2b4d3a0b522a6a822d2599b9a0b1ae2d16e99ba62f5e4d","ssdeep":"768:sD21Zj5KfVQap9Ng/RStyPgcZNLJI8GgB20xnrB8haq/wB+p:Y2/M/hcTLGKB2MnrB85/9","tlshash":"f9e2cf5b9dbf8e4adc319a3b0d5b0f30163306e4682c4766dfe91155ceb184e87a90ee","first_seen":"2023-05-13T22:06:23Z","last_seen":"2026-01-04T06:54:40.603982Z","times_seen":19,"resource_available":false,"data":null}},"time_used":208,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":190,"receive":18,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/36.PNG","fqdn":"x-junior.github.io","domain":"x-junior.github.io","tld":"github.io"},"ip":{"addr":"185.199.109.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html","date":"2026-01-04T06:54:08.897Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 07 Mar 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91","sha256":"7D:11:22:EA:96:98:52:34:1E:8D:D9:2B:CC:0C:7E:CC:00:96:30:D1:4D:A7:34:D7:CA:42:D5:B5:4A:2B:20:97"}}},"request":{"raw":"GET /assets/Malware-Analysis/SnakeKeylogger/36.PNG HTTP/1.1\r\nHost: x-junior.github.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: GitHub.com\r\ncontent-type: image/png\r\nlast-modified: Sat, 25 Jun 2022 09:17:21 GMT\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31556952\r\netag: \"62b6d2a1-153e6\"\r\nexpires: Sun, 04 Jan 2026 07:04:08 GMT\r\ncache-control: max-age=600\r\nx-proxy-cache: MISS\r\nx-github-request-id: F0C6:3D0C51:EF214F2:F25DEC2:695A0E90\r\naccept-ranges: bytes\r\nage: 0\r\ndate: Sun, 04 Jan 2026 06:54:09 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410021-HEL\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-timer: S1767509649.854792,VS0,VE156\r\nvary: Accept-Encoding\r\nx-fastly-request-id: 7cdd04235498ad474bc63819fb06ce6e0f5eaedd\r\ncontent-length: 87014\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]}],"data":{"size":87014,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1228 x 642, 8-bit/color RGBA, non-interlaced","md5":"e32078364f93c2a374efb83649ee7ae2","sha1":"b6a10cb80d047a42f04e8066790f34daaa2dcf33","sha256":"bc046ce02d23f260392b5db4c0b07a1f5247b69725ac7c5c658b719072f42961","sha512":"727b75a49fa97d8b7d69abe113d7e1a1c3f2044bdc5924852cd91150cc5c75d6d1eb0efb754bb685602ba24cb547979a2e78305e0f90c79480e9a55d59e1f719","ssdeep":"1536:58BUJI2PkL+udeop8L9syrKIG7yTTkWVItaZE5nPAPS0Pml0/JdtQon:5UUFMVJpaJKIdTkW2zaST07tZ","tlshash":"748302aa8a7bed70ceff81e546d140eef97094ce54a056352e3d427fc24f2186674c49","first_seen":"2023-05-13T22:06:23Z","last_seen":"2026-01-04T06:54:40.605704Z","times_seen":19,"resource_available":false,"data":null}},"time_used":211,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":183,"receive":28,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/38.PNG","fqdn":"x-junior.github.io","domain":"x-junior.github.io","tld":"github.io"},"ip":{"addr":"185.199.109.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html","date":"2026-01-04T06:54:08.905Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 07 Mar 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91","sha256":"7D:11:22:EA:96:98:52:34:1E:8D:D9:2B:CC:0C:7E:CC:00:96:30:D1:4D:A7:34:D7:CA:42:D5:B5:4A:2B:20:97"}}},"request":{"raw":"GET /assets/Malware-Analysis/SnakeKeylogger/38.PNG HTTP/1.1\r\nHost: x-junior.github.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: GitHub.com\r\ncontent-type: image/png\r\nx-origin-cache: HIT\r\nlast-modified: Sat, 25 Jun 2022 09:17:21 GMT\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31556952\r\netag: \"62b6d2a1-76f3\"\r\nexpires: Sun, 04 Jan 2026 07:04:08 GMT\r\ncache-control: max-age=600\r\nx-proxy-cache: MISS\r\nx-github-request-id: 218C:AE7B0:ED320A0:F06E9E2:695A0E90\r\naccept-ranges: bytes\r\nage: 0\r\ndate: Sun, 04 Jan 2026 06:54:08 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410021-HEL\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-timer: S1767509649.857780,VS0,VE128\r\nvary: Accept-Encoding\r\nx-fastly-request-id: 5f4ad750c7feb8a1b3f3783932f55637af51ea80\r\ncontent-length: 30451\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]}],"data":{"size":30451,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1039 x 370, 8-bit/color RGBA, non-interlaced","md5":"06c76f0ec7c89dce3a3fccd67cb1c880","sha1":"0c690256b13eb7a6577a7098c6ca2909dc0e14e3","sha256":"ccf5f2ef592d30923ce6359d3d2fb4e3caa523f25b5322349c22b41ddab0acdf","sha512":"7f2a5fd286a2f434be59540062dd2a133a3131d47a0cfdf631de5d21e7f3d8237d73d7349dd66e816274ca83e945844c8cc534c14d961283e268384cc8d5e54f","ssdeep":"768:6fHVxU8rznrek3n3VAHcThpvdIb5LtGv4JDaaeaCFY4:kHIYrekHDThpvsRtGAJeoCFV","tlshash":"a1d2d1ead20798a9daf9097cce6bdf00a5b0da5baeccb78b52331d01455f2802951b17","first_seen":"2023-05-13T22:06:23Z","last_seen":"2026-01-04T06:54:40.606468Z","times_seen":19,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":157,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/33.PNG","fqdn":"x-junior.github.io","domain":"x-junior.github.io","tld":"github.io"},"ip":{"addr":"185.199.109.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html","date":"2026-01-04T06:54:08.907Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 07 Mar 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91","sha256":"7D:11:22:EA:96:98:52:34:1E:8D:D9:2B:CC:0C:7E:CC:00:96:30:D1:4D:A7:34:D7:CA:42:D5:B5:4A:2B:20:97"}}},"request":{"raw":"GET /assets/Malware-Analysis/SnakeKeylogger/33.PNG HTTP/1.1\r\nHost: x-junior.github.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: GitHub.com\r\ncontent-type: image/png\r\nx-origin-cache: HIT\r\nlast-modified: Sat, 25 Jun 2022 09:17:21 GMT\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31556952\r\netag: \"62b6d2a1-be70\"\r\nexpires: Sun, 04 Jan 2026 07:04:08 GMT\r\ncache-control: max-age=600\r\nx-proxy-cache: MISS\r\nx-github-request-id: 98E3:8FD0D:EB7CCCE:EEB979D:695A0E90\r\naccept-ranges: bytes\r\ndate: Sun, 04 Jan 2026 06:54:09 GMT\r\nvia: 1.1 varnish\r\nage: 0\r\nx-served-by: cache-hel1410021-HEL\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-timer: S1767509649.862200,VS0,VE142\r\nvary: Accept-Encoding\r\nx-fastly-request-id: 5d4eaac735f751d1c34d290c0f0ed5427346f26e\r\ncontent-length: 48752\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":48752,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1234 x 482, 8-bit/color RGBA, non-interlaced","md5":"321e90c4563c0caa9d1edb6c952e9697","sha1":"7777a9811510768d6ca44fc05117b116f9f6945e","sha256":"877aece1bb82f8672b70862df85eb0615a3ada20a66259832f947adcce145073","sha512":"7a3c3ce4d43336f0e9b3a159a4c632dc77febd161073e62bc135214c34a7ae69e3c27506f7dd9ae48790ddae7995713890b6a68ccc5228763ea00b0e0b22d336","ssdeep":"768:a0MghkqOj+vQ/xi0qqODi7dMsVYzFlJMOS5mN2GqOL7xSzeId68z/gguR0NNlJwE:a3LqOyY3pOeOsahlJMOC+2nOBSzeX0/N","tlshash":"0b23f1ae63b5058ecda01b34fbfb1f9f2e9b4c4960264057a1f16b4608ce21475a6d0b","first_seen":"2023-05-13T22:06:23Z","last_seen":"2026-01-04T06:54:40.607182Z","times_seen":19,"resource_available":false,"data":null}},"time_used":182,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":170,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/19.PNG","fqdn":"x-junior.github.io","domain":"x-junior.github.io","tld":"github.io"},"ip":{"addr":"185.199.109.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html","date":"2026-01-04T06:54:08.933Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 07 Mar 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91","sha256":"7D:11:22:EA:96:98:52:34:1E:8D:D9:2B:CC:0C:7E:CC:00:96:30:D1:4D:A7:34:D7:CA:42:D5:B5:4A:2B:20:97"}}},"request":{"raw":"GET /assets/Malware-Analysis/SnakeKeylogger/19.PNG HTTP/1.1\r\nHost: x-junior.github.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: GitHub.com\r\ncontent-type: image/png\r\nx-origin-cache: HIT\r\nlast-modified: Sat, 25 Jun 2022 09:17:21 GMT\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31556952\r\netag: \"62b6d2a1-5ce7\"\r\nexpires: Sun, 04 Jan 2026 07:04:08 GMT\r\ncache-control: max-age=600\r\nx-proxy-cache: MISS\r\nx-github-request-id: 0F49:32E205:F1E6744:F519ED7:695A0E88\r\naccept-ranges: bytes\r\nage: 0\r\ndate: Sun, 04 Jan 2026 06:54:09 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410021-HEL\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-timer: S1767509649.894607,VS0,VE155\r\nvary: Accept-Encoding\r\nx-fastly-request-id: 1afa352fd9b53bb6986f73d8762ef465621f70f2\r\ncontent-length: 23783\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]}],"data":{"size":23783,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 880 x 392, 8-bit/color RGBA, non-interlaced","md5":"c313ab5d71b324f6843e5d843cd96d27","sha1":"fa6575c09892312ca5f84c8236b64bd5ff32d0ed","sha256":"9168039668045173a65e92ff320361f48aca803a78005c115a9063385c35ab1f","sha512":"37dff5c485b3eebd72c38b7bb43a96f388b095430863ea54c388dda68e9d76b346cc25ec577b7cdc8e7f31ea947595cbe85d914960de120eafee21d89d55f6e9","ssdeep":"384:vo54HlXHwIzd+P3ps3Zq1QaTL1PfpjvYi5onbrkU7HRKKWshVAJ7+FCWA1G2erR+:voSHl3Zd+S3Z8QaTLj7QnkCHRT9zAJ7x","tlshash":"cab2bf642cad7b79db4557f23da35c2e7463088186119ec7d1a9bc8caf43ea7680ec40","first_seen":"2023-05-13T22:06:23Z","last_seen":"2026-01-04T06:54:40.60793Z","times_seen":19,"resource_available":false,"data":null}},"time_used":180,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":179,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/23.PNG","fqdn":"x-junior.github.io","domain":"x-junior.github.io","tld":"github.io"},"ip":{"addr":"185.199.109.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html","date":"2026-01-04T06:54:08.887Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 07 Mar 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91","sha256":"7D:11:22:EA:96:98:52:34:1E:8D:D9:2B:CC:0C:7E:CC:00:96:30:D1:4D:A7:34:D7:CA:42:D5:B5:4A:2B:20:97"}}},"request":{"raw":"GET /assets/Malware-Analysis/SnakeKeylogger/23.PNG HTTP/1.1\r\nHost: x-junior.github.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: GitHub.com\r\ncontent-type: image/png\r\nlast-modified: Sat, 25 Jun 2022 09:17:21 GMT\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31556952\r\netag: \"62b6d2a1-4418\"\r\nexpires: Sun, 04 Jan 2026 07:04:08 GMT\r\ncache-control: max-age=600\r\nx-proxy-cache: MISS\r\nx-github-request-id: 8302:A2E6E:F18C979:F4C8247:695A0E90\r\naccept-ranges: bytes\r\nage: 0\r\ndate: Sun, 04 Jan 2026 06:54:08 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410021-HEL\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-timer: S1767509649.849640,VS0,VE147\r\nvary: Accept-Encoding\r\nx-fastly-request-id: f504ee3040cbd36759a1fd308ed108b1d2918664\r\ncontent-length: 17432\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":17432,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 782 x 200, 8-bit/color RGBA, non-interlaced","md5":"c91c265209ed581e4127620af8ab7ecb","sha1":"adfb0f82791226eefff32767daee003f01db100b","sha256":"24379d0f1f802c6682d67426bc4b5d77096d34427a0f0d7dc6d56eeabbef64fc","sha512":"24e1dbb67f2ee7311bc0b25a2a99ccfb24f117cbb975ff2edc74c761e08d4481c78a4a6ab9731904ccb4aab7dda9dc8da9709ae0bc8ed50d6fd33637cf480e80","ssdeep":"384:jwXSjwjb/Y011+3gZOnPl8noEZkUPkgfWlswH0YjBV2:DjMbd1+3gZOnRWkvgfWlsY0YjD2","tlshash":"4772d0e4be393991d6cf677a9ca7a7c0c3b0534d128c395da02820652b874caa1c3e3d","first_seen":"2023-05-13T22:06:23Z","last_seen":"2026-01-04T06:54:40.624144Z","times_seen":19,"resource_available":false,"data":null}},"time_used":182,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":174,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/41.PNG","fqdn":"x-junior.github.io","domain":"x-junior.github.io","tld":"github.io"},"ip":{"addr":"185.199.109.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html","date":"2026-01-04T06:54:08.914Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 07 Mar 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91","sha256":"7D:11:22:EA:96:98:52:34:1E:8D:D9:2B:CC:0C:7E:CC:00:96:30:D1:4D:A7:34:D7:CA:42:D5:B5:4A:2B:20:97"}}},"request":{"raw":"GET /assets/Malware-Analysis/SnakeKeylogger/41.PNG HTTP/1.1\r\nHost: x-junior.github.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: GitHub.com\r\ncontent-type: image/png\r\nlast-modified: Sat, 25 Jun 2022 09:17:21 GMT\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31556952\r\netag: \"62b6d2a1-9f0d\"\r\nexpires: Sun, 04 Jan 2026 07:04:08 GMT\r\ncache-control: max-age=600\r\nx-proxy-cache: MISS\r\nx-github-request-id: 96C9:322D44:ED4EA4E:F08BB10:695A0E8B\r\naccept-ranges: bytes\r\nage: 0\r\ndate: Sun, 04 Jan 2026 06:54:09 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410021-HEL\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-timer: S1767509649.863826,VS0,VE160\r\nvary: Accept-Encoding\r\nx-fastly-request-id: f8aab2059389746f8a2cc389d30b540e580fd5a7\r\ncontent-length: 40717\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]}],"data":{"size":40717,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 945 x 591, 8-bit/color RGBA, non-interlaced","md5":"6c7356dd7a977a0f51986cb937282a77","sha1":"ad6372a7ff0c10aa162fa673e59fc6a256ea78cd","sha256":"88936e2ea35550a2c53bc8034807542c4e3d1e9c743549aff6f82aecac39fd6e","sha512":"a3324a529f1f89583a7d9c83f83d4e3ca0e0eefbbbc9c91279958c2449d1612389ff02e325107124b76d507c6f3be411cf238770f663787ceccb5f589aa4bbe2","ssdeep":"768:wpsdGqL1tJDtQfL312cdH7OCtkvWyjkNYRYmLQ2wo8NM9x:hG2t7eLvHdtkOyASRTk5o8N6","tlshash":"3903ae2ddc7cf896f72a6336f23a8f50a62484dc96948c315b3d6da92f87cd81913740","first_seen":"2023-05-13T22:06:23Z","last_seen":"2026-01-04T06:54:40.626119Z","times_seen":19,"resource_available":false,"data":null}},"time_used":202,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":191,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/45.PNG","fqdn":"x-junior.github.io","domain":"x-junior.github.io","tld":"github.io"},"ip":{"addr":"185.199.109.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html","date":"2026-01-04T06:54:08.916Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 07 Mar 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91","sha256":"7D:11:22:EA:96:98:52:34:1E:8D:D9:2B:CC:0C:7E:CC:00:96:30:D1:4D:A7:34:D7:CA:42:D5:B5:4A:2B:20:97"}}},"request":{"raw":"GET /assets/Malware-Analysis/SnakeKeylogger/45.PNG HTTP/1.1\r\nHost: x-junior.github.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: GitHub.com\r\ncontent-type: image/png\r\nx-origin-cache: HIT\r\nlast-modified: Sat, 25 Jun 2022 09:17:21 GMT\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31556952\r\netag: \"62b6d2a1-9551\"\r\nexpires: Sun, 04 Jan 2026 07:04:08 GMT\r\ncache-control: max-age=600\r\nx-proxy-cache: MISS\r\nx-github-request-id: FC93:284718:F2C373A:F6001BD:695A0E8F\r\naccept-ranges: bytes\r\nage: 0\r\ndate: Sun, 04 Jan 2026 06:54:09 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410021-HEL\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-timer: S1767509649.865971,VS0,VE181\r\nvary: Accept-Encoding\r\nx-fastly-request-id: f8c450d0e8cdbe5a7ae25bc3cc46c5fe88a1a9c1\r\ncontent-length: 38225\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":38225,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 437 x 607, 8-bit/color RGBA, non-interlaced","md5":"87799423e6782e8575dc7f2a0a9f9e69","sha1":"33fb69976e2834b028905c3e8dd99b17809f8829","sha256":"8f988ee721651d64a75b29391d369ca8f090154c63e78b2e0b7909adc56191cd","sha512":"ba77017fd64342b389aa6cebbaf7afb6fd0408af1af3c3ed440cfac570860901d51fa4a9aa2325970f06b26f8050a0ba3e20bf617f70e886ecaccbee06a564c9","ssdeep":"768:HRhVZugdX1+SRMs3SUub6VkRcXjlWEosDHfvQeqXyQJ:HHuy+Sh3SdGVyEXosr3oXyK","tlshash":"e903f167dcd6596c503fa60c929f97b9d7f788bb8bfea979492380037108ba30634508","first_seen":"2023-05-13T22:06:23Z","last_seen":"2026-01-04T06:54:40.627858Z","times_seen":19,"resource_available":false,"data":null}},"time_used":208,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":207,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/1.PNG","fqdn":"x-junior.github.io","domain":"x-junior.github.io","tld":"github.io"},"ip":{"addr":"185.199.109.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html","date":"2026-01-04T06:54:08.923Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 07 Mar 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91","sha256":"7D:11:22:EA:96:98:52:34:1E:8D:D9:2B:CC:0C:7E:CC:00:96:30:D1:4D:A7:34:D7:CA:42:D5:B5:4A:2B:20:97"}}},"request":{"raw":"GET /assets/Malware-Analysis/SnakeKeylogger/1.PNG HTTP/1.1\r\nHost: x-junior.github.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: GitHub.com\r\ncontent-type: image/png\r\nlast-modified: Sat, 25 Jun 2022 09:17:21 GMT\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31556952\r\netag: \"62b6d2a1-8c4f\"\r\nexpires: Sun, 04 Jan 2026 07:04:08 GMT\r\ncache-control: max-age=600\r\nx-proxy-cache: MISS\r\nx-github-request-id: 1158:322D44:ED4EA50:F08BB13:695A0E90\r\naccept-ranges: bytes\r\nage: 0\r\ndate: Sun, 04 Jan 2026 06:54:09 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410021-HEL\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-timer: S1767509649.876063,VS0,VE157\r\nvary: Accept-Encoding\r\nx-fastly-request-id: 1894acae522daee373384c87820647a9300d66b9\r\ncontent-length: 35919\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":35919,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 592 x 407, 8-bit/color RGBA, non-interlaced","md5":"a0b4870b3866628085f5f8c8914d0913","sha1":"7fa5ad2dd882d767bf98590f0bb8ea6acc7c3ea1","sha256":"d4223d5de24d6dd66c7992285c02f8a718006240bbb8e84965e0b1876f9e5f7e","sha512":"3c915d0e87a7fb17c96a3ba527f7dcfd98dfe3dcaec1b34947d31eb056897b6f97c1722b00acf08afa209bd0e60b30486416865c61bc09741e47b7e6fcd5f621","ssdeep":"768:K5vcYJFuydOgOvuOiuAR8IJAdT9dxcXLPV2Vc6Rhf//Ajj8W8PtVLW7:6cWuykviuARJAdh0X7VUb//AgVVLW7","tlshash":"e3f2e063623aeb22f68673b577f4904364e3013581d71f1f1e6b9a680e8df947580e01","first_seen":"2023-05-13T22:06:23Z","last_seen":"2026-01-04T06:54:40.629387Z","times_seen":19,"resource_available":false,"data":null}},"time_used":194,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":193,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/8.PNG","fqdn":"x-junior.github.io","domain":"x-junior.github.io","tld":"github.io"},"ip":{"addr":"185.199.109.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html","date":"2026-01-04T06:54:08.930Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 07 Mar 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91","sha256":"7D:11:22:EA:96:98:52:34:1E:8D:D9:2B:CC:0C:7E:CC:00:96:30:D1:4D:A7:34:D7:CA:42:D5:B5:4A:2B:20:97"}}},"request":{"raw":"GET /assets/Malware-Analysis/SnakeKeylogger/8.PNG HTTP/1.1\r\nHost: x-junior.github.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: GitHub.com\r\ncontent-type: image/png\r\nx-origin-cache: HIT\r\nlast-modified: Sat, 25 Jun 2022 09:17:21 GMT\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31556952\r\netag: \"62b6d2a1-4503\"\r\nexpires: Sun, 04 Jan 2026 07:04:08 GMT\r\ncache-control: max-age=600\r\nx-proxy-cache: MISS\r\nx-github-request-id: C9E9:2368DD:EEEEAAE:F22DCF7:695A0E90\r\naccept-ranges: bytes\r\ndate: Sun, 04 Jan 2026 06:54:09 GMT\r\nvia: 1.1 varnish\r\nage: 0\r\nx-served-by: cache-hel1410021-HEL\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-timer: S1767509649.888583,VS0,VE128\r\nvary: Accept-Encoding\r\nx-fastly-request-id: fece8007e2e96fd5195263a06824f44a1f1f0e40\r\ncontent-length: 17667\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]}],"data":{"size":17667,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1287 x 118, 8-bit/color RGBA, non-interlaced","md5":"9d6896d1e5524900f624212a9b7770d2","sha1":"e3db0755f8b2feb9c88a97cccdc68b1fd84fff5b","sha256":"96c2b54d8570a118531b2bebe43e2fa56a4d0c3fe0cbd7e6875b2f22ef8eac77","sha512":"17cf32a9b28fe677c7ee281dd15550481d7979d26a32cfa233fc684f272ec0ef404598fdc97fd146a167bc7b54fd652d6916b96cd95e646f98d2e1bb1a65c744","ssdeep":"384:z//XPP3yvg0gDHa2KTWmzsr+hC34EAog4fOyHUSWmv6NjP:TXPPivg56nWSkIEyQlXaP","tlshash":"fd82cfacfdc4d1dae11a2177cf5b5a79df30946ed098369206b26846f82e0e8012f5bd","first_seen":"2023-05-13T22:06:23Z","last_seen":"2026-01-04T06:54:40.630778Z","times_seen":19,"resource_available":false,"data":null}},"time_used":165,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":154,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"x-junior.github.io/assets/js/lunr/lunr.min.js","fqdn":"x-junior.github.io","domain":"x-junior.github.io","tld":"github.io"},"ip":{"addr":"185.199.109.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html","date":"2026-01-04T06:54:08.988Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 07 Mar 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91","sha256":"7D:11:22:EA:96:98:52:34:1E:8D:D9:2B:CC:0C:7E:CC:00:96:30:D1:4D:A7:34:D7:CA:42:D5:B5:4A:2B:20:97"}}},"request":{"raw":"GET /assets/js/lunr/lunr.min.js HTTP/1.1\r\nHost: x-junior.github.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: GitHub.com\r\ncontent-type: application/javascript; charset=utf-8\r\nx-origin-cache: HIT\r\nlast-modified: Sat, 25 Jun 2022 09:17:21 GMT\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31556952\r\netag: W/\"62b6d2a1-72ba\"\r\nexpires: Sun, 04 Jan 2026 07:04:09 GMT\r\ncache-control: max-age=600\r\ncontent-encoding: gzip\r\nx-proxy-cache: MISS\r\nx-github-request-id: 95E2:A2E6E:F18C989:F4C8256:695A0E90\r\naccept-ranges: bytes\r\nage: 0\r\ndate: Sun, 04 Jan 2026 06:54:09 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410021-HEL\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-timer: S1767509649.905690,VS0,VE223\r\nvary: Accept-Encoding\r\nx-fastly-request-id: 50815bfe84bae4bcf6652a806ac58f5392a38bdf\r\ncontent-length: 8349\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]}],"data":{"size":29370,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (29370), with no line terminators","md5":"7eac9eb2bea17aeda59860eea734d786","sha1":"978fc5e335b652a705ecf4ec64785801add7fdcb","sha256":"b92711806ac89c3d959cf3698e6950b41d974552dccf2c99beb4e4622f9edf55","sha512":"6f8065b1f1d8f99c8356c98d684505e6637e4b26941fe4bf6f36cbaf6eb47775ed3a842e7663073e1fa297ea0e2972a3b5f4d1e1fc03217ab183ed843a1617d4","ssdeep":"768:o3MrkVmD1BFhAb3DyNGSwl7k6+tStMZi4qt+S+f0EopAeKGhHPrOK8gaRG/P6Xh5:o3MrkVmDhhAWNGSwl7k6+tStUi4qd+fz","tlshash":"d9d2758c229554954792209b6c7f0516b33b0919ac4ca1ecfa15ccdb3da8f0df63bbb9","first_seen":"2023-03-11T22:53:02Z","last_seen":"2026-04-03T15:10:34.786191Z","times_seen":32,"resource_available":true,"data":null}},"time_used":237,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":236,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"x-junior.github.io/assets/js/lunr/lunr-en.js","fqdn":"x-junior.github.io","domain":"x-junior.github.io","tld":"github.io"},"ip":{"addr":"185.199.109.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html","date":"2026-01-04T06:54:08.990Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 07 Mar 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91","sha256":"7D:11:22:EA:96:98:52:34:1E:8D:D9:2B:CC:0C:7E:CC:00:96:30:D1:4D:A7:34:D7:CA:42:D5:B5:4A:2B:20:97"}}},"request":{"raw":"GET /assets/js/lunr/lunr-en.js HTTP/1.1\r\nHost: x-junior.github.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: GitHub.com\r\ncontent-type: application/javascript; charset=utf-8\r\nx-origin-cache: HIT\r\nlast-modified: Sat, 25 Jun 2022 09:17:26 GMT\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31556952\r\netag: W/\"62b6d2a6-9bd\"\r\nexpires: Sun, 04 Jan 2026 07:04:08 GMT\r\ncache-control: max-age=600\r\ncontent-encoding: gzip\r\nx-proxy-cache: MISS\r\nx-github-request-id: B6E4:3D0C51:EF214F5:F25DECD:695A0E8B\r\naccept-ranges: bytes\r\nage: 0\r\ndate: Sun, 04 Jan 2026 06:54:09 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410021-HEL\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-timer: S1767509649.909385,VS0,VE135\r\nvary: Accept-Encoding\r\nx-fastly-request-id: c2f9463321fc029fb4372475bd9810cf030cf572\r\ncontent-length: 818\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]}],"data":{"size":2493,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text","md5":"8c1c664d8ed573e484258337e048286a","sha1":"42973239b5f1445d65f373d2c5862817f5839b5b","sha256":"455dd8504356827ccf085274d4fd54ae29b0d906e993b3ecd28a8a9b290cd7f5","sha512":"f640d7ce4574e4d82a3b1546fcc8bd4b7d68773c93d8d3877c9eb9515d5594c2c325a4added4150180e0a07155c6b154460a546c0db7f8ec36ff603836c1378e","ssdeep":"","tlshash":"e151dcb65ceb0e322a53b0b67d2f141a74849007dc4e8d30fedc95aeaf86d2113f6169","first_seen":"2023-03-11T22:53:02Z","last_seen":"2026-04-08T21:03:20.547663Z","times_seen":73,"resource_available":true,"data":null}},"time_used":163,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":163,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5/webfonts/fa-solid-900.woff2","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.193.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html","date":"2026-01-04T06:54:09.198Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/@fortawesome/fontawesome-free@5/webfonts/fa-solid-900.woff2 HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://x-junior.github.io\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn.jsdelivr.net/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-length: 78268\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=604800, s-maxage=43200\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: font/woff2\r\nx-jsd-version: 5.15.4\r\nx-jsd-version-type: version\r\netag: W/\"131bc-DMssgUp+TKEsR3iCFjOAnLA2Hqo\"\r\naccept-ranges: bytes\r\nage: 18219\r\ndate: Sun, 04 Jan 2026 06:54:09 GMT\r\nx-served-by: cache-fra-etou8220156-FRA, cache-hel1410033-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":78268,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 78268, version 331.-31196","md5":"d824df7eb2e268626a2dd9a6a741ac4e","sha1":"0ccb2c814a7e4ca12c4778821633809cb0361eaa","sha256":"9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537","sha512":"a84e13f216ea95146af285af98aef0b464cd962440e161a1c602ca2178a179e04ae4ed2a2f98d5b2eb165480ec6920e0e88de77d5f1eb7f11ed772b092daf865","ssdeep":"1536:AOhrLFyv3lzKb1hkG8l0o4HXWj2uwgcdSJSls7ZahNpUFl8a/KdDe8Y7fN5O:AOhfMv3ILc0Dm3wA4LpKKdO7a","tlshash":"c97312aba6cd77ac88dd14565f0043533afdfb35ab27864349eca2e01a300677b5712b","first_seen":"2023-04-05T13:28:45Z","last_seen":"2026-04-12T09:28:30.601286Z","times_seen":40751,"resource_available":false,"data":null}},"time_used":43,"timings":{"blocked":13,"dns":2,"connect":0,"send":0,"wait":15,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/44.PNG","fqdn":"x-junior.github.io","domain":"x-junior.github.io","tld":"github.io"},"ip":{"addr":"185.199.109.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html","date":"2026-01-04T06:54:08.893Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 07 Mar 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91","sha256":"7D:11:22:EA:96:98:52:34:1E:8D:D9:2B:CC:0C:7E:CC:00:96:30:D1:4D:A7:34:D7:CA:42:D5:B5:4A:2B:20:97"}}},"request":{"raw":"GET /assets/Malware-Analysis/SnakeKeylogger/44.PNG HTTP/1.1\r\nHost: x-junior.github.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: GitHub.com\r\ncontent-type: image/png\r\nx-origin-cache: HIT\r\nlast-modified: Sat, 25 Jun 2022 09:17:21 GMT\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31556952\r\netag: \"62b6d2a1-1175b\"\r\nexpires: Sun, 04 Jan 2026 07:04:08 GMT\r\ncache-control: max-age=600\r\nx-proxy-cache: MISS\r\nx-github-request-id: 4722:2056B:EBEB3DB:EF1EDD9:695A0E8F\r\naccept-ranges: bytes\r\nage: 0\r\ndate: Sun, 04 Jan 2026 06:54:09 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410021-HEL\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-timer: S1767509649.851257,VS0,VE200\r\nvary: Accept-Encoding\r\nx-fastly-request-id: b48a0fb70723e71acdaa71c4674bee513a3549b2\r\ncontent-length: 71515\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]}],"data":{"size":71515,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1246 x 685, 8-bit/color RGBA, non-interlaced","md5":"0b0eecff5a4068c79f5d821e03562c6b","sha1":"87f7f4b25bf05c5392d4eebb289b45949c1a605b","sha256":"de455156dc1c66b0e10b9aabdec23f57f25bab834201eafd52984661f6c29277","sha512":"61fad8f66c4bebe98ea7358a20260ee211d6ef16e3070203390c3d41515989e938c2952b949bb550de38f03157c19d92ef75897338400d7e956e46dc6ed3b5c1","ssdeep":"1536:4un13M+TM6TDd9eC49469jAvhg3XtST+83uIz8eMe5lld:4u1c+jvn6mC3XAC83pztNZd","tlshash":"0163f11ea017d004eecf1e355e828e4fbf4651685036abb63e393e3dec0b66745b458a","first_seen":"2023-05-13T22:06:23Z","last_seen":"2026-01-04T06:54:40.63441Z","times_seen":19,"resource_available":false,"data":null}},"time_used":226,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":224,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/46.PNG","fqdn":"x-junior.github.io","domain":"x-junior.github.io","tld":"github.io"},"ip":{"addr":"185.199.109.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html","date":"2026-01-04T06:54:08.917Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 07 Mar 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91","sha256":"7D:11:22:EA:96:98:52:34:1E:8D:D9:2B:CC:0C:7E:CC:00:96:30:D1:4D:A7:34:D7:CA:42:D5:B5:4A:2B:20:97"}}},"request":{"raw":"GET /assets/Malware-Analysis/SnakeKeylogger/46.PNG HTTP/1.1\r\nHost: x-junior.github.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: GitHub.com\r\ncontent-type: image/png\r\nx-origin-cache: HIT\r\nlast-modified: Sat, 25 Jun 2022 09:17:21 GMT\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31556952\r\netag: \"62b6d2a1-e1ec\"\r\nexpires: Sun, 04 Jan 2026 07:04:09 GMT\r\ncache-control: max-age=600\r\nx-proxy-cache: MISS\r\nx-github-request-id: 96F1:335AB4:F13B0A6:F477940:695A0E90\r\naccept-ranges: bytes\r\nage: 0\r\ndate: Sun, 04 Jan 2026 06:54:09 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410021-HEL\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-timer: S1767509649.867083,VS0,VE278\r\nvary: Accept-Encoding\r\nx-fastly-request-id: 08b9c54e3632564968b9115e59b4157e39ffd9a7\r\ncontent-length: 57836\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]}],"data":{"size":57836,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 450 x 660, 8-bit/color RGBA, non-interlaced","md5":"b1c0965b3ab7073de6f332daab0ad556","sha1":"7f60c2158c4fbb1c32f061235df56ef3cfd3fbb5","sha256":"2255ba1f95b5ce58d588a7bf22b212810f4dbfeab930eaa60d166a8a95245ef0","sha512":"86392fc718d1092450e97ea5d015e59b186e0d985c587add286ed9c65e736309c7ce3c21c9215d0f00aa042ed1f3228a8b85edf9f02c3640015c1fa0562caf07","ssdeep":"1536:Yv/vbWGlPjw4vF9nwRqqBRgeG/Fft16d5q:KPlRwRqqgeeFftgE","tlshash":"4043f16d584015bec57a40cc2f592a9410a3343ad4ee7efda3fadf259052b7d2d30398","first_seen":"2023-05-13T22:06:23Z","last_seen":"2026-01-04T06:54:40.635102Z","times_seen":19,"resource_available":false,"data":null}},"time_used":300,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":295,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/6.PNG","fqdn":"x-junior.github.io","domain":"x-junior.github.io","tld":"github.io"},"ip":{"addr":"185.199.109.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html","date":"2026-01-04T06:54:08.929Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 07 Mar 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91","sha256":"7D:11:22:EA:96:98:52:34:1E:8D:D9:2B:CC:0C:7E:CC:00:96:30:D1:4D:A7:34:D7:CA:42:D5:B5:4A:2B:20:97"}}},"request":{"raw":"GET /assets/Malware-Analysis/SnakeKeylogger/6.PNG HTTP/1.1\r\nHost: x-junior.github.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: GitHub.com\r\ncontent-type: image/png\r\nx-origin-cache: HIT\r\nlast-modified: Sat, 25 Jun 2022 09:17:21 GMT\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31556952\r\netag: \"62b6d2a1-e2df\"\r\nexpires: Sun, 04 Jan 2026 07:04:09 GMT\r\ncache-control: max-age=600\r\nx-proxy-cache: MISS\r\nx-github-request-id: CDEB:83D7F:EE536D6:F1875F4:695A0E90\r\naccept-ranges: bytes\r\nage: 0\r\ndate: Sun, 04 Jan 2026 06:54:09 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410021-HEL\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-timer: S1767509649.885864,VS0,VE257\r\nvary: Accept-Encoding\r\nx-fastly-request-id: 95d47a42a02e0a8b8f5489f3b1b31ff5e2e52fd5\r\ncontent-length: 58079\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":58079,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1094 x 427, 8-bit/color RGBA, non-interlaced","md5":"d2d3a1ebb314f08cb3cb9983ff53bbb8","sha1":"7501eeaf0ea94836799cd9ecd1b6da8141a3569c","sha256":"75fdb285cd59ae2880289fbbcaba6be3b23ef315f2c798901235eb2fed856ed2","sha512":"f4c18ae0b51c2cbcdac754a5e77709d5704842054b72d2aae18b3c39070ed9d714fbe4fe6882d7b04619c5381b74e4291c6fc96fa3329c19371e4dbbdff02377","ssdeep":"1536:qXQ9rpLETTjUPQ40/UhuD5ysbC/LkmMFzCb/flcpm67NaBrn2zgHsF:SSVLITgPf0/UC5y6C/Qz2b3lJ67NaB+Z","tlshash":"9a43f1a07c7d01a9f678a136478fde1bf33516ae30cd2722336aadb993d418851f1836","first_seen":"2023-05-13T22:06:23Z","last_seen":"2026-01-04T06:54:40.635681Z","times_seen":19,"resource_available":false,"data":null}},"time_used":272,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":270,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/12.PNG","fqdn":"x-junior.github.io","domain":"x-junior.github.io","tld":"github.io"},"ip":{"addr":"185.199.109.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html","date":"2026-01-04T06:54:08.979Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 07 Mar 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91","sha256":"7D:11:22:EA:96:98:52:34:1E:8D:D9:2B:CC:0C:7E:CC:00:96:30:D1:4D:A7:34:D7:CA:42:D5:B5:4A:2B:20:97"}}},"request":{"raw":"GET /assets/Malware-Analysis/SnakeKeylogger/12.PNG HTTP/1.1\r\nHost: x-junior.github.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: GitHub.com\r\ncontent-type: image/png\r\nx-origin-cache: HIT\r\nlast-modified: Sat, 25 Jun 2022 09:17:21 GMT\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31556952\r\netag: \"62b6d2a1-7a68\"\r\nexpires: Sun, 04 Jan 2026 07:04:08 GMT\r\ncache-control: max-age=600\r\nx-proxy-cache: MISS\r\nx-github-request-id: C871:33CCC:F238883:F56B9E4:695A0E88\r\naccept-ranges: bytes\r\ndate: Sun, 04 Jan 2026 06:54:09 GMT\r\nvia: 1.1 varnish\r\nage: 0\r\nx-served-by: cache-hel1410021-HEL\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-timer: S1767509649.897723,VS0,VE143\r\nvary: Accept-Encoding\r\nx-fastly-request-id: d1db0281232cb578efd622db253aa16559bbe0dd\r\ncontent-length: 31336\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":31336,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 680 x 440, 8-bit/color RGBA, non-interlaced","md5":"950666e26e16cfe42303bc4a8b1a9bdf","sha1":"41824b48b44648b051f6f0e90a8888f67aeb02be","sha256":"da6c83a476ed6fd48f2a876703e9d29fa35854d86dcc4a874ddeafd4dc60692b","sha512":"32eb5424f84fdf719158767cc468505e88c210914f6cde77a02ee1af9b8867d2330099849779d87af0aea3218c5c49dc8f20a6c5920eb13e519cbb464ed8e03d","ssdeep":"768:ijzBogGW6fbkrTGK7tYxiejVVljIZBRYtnQo:iP6rWso3sintunF","tlshash":"45e2d0e29913cefbddb0b6f6e4021124f877568a9041414f6e353d3077aa299653e63c","first_seen":"2023-05-13T22:06:23Z","last_seen":"2026-01-04T06:54:40.636342Z","times_seen":19,"resource_available":false,"data":null}},"time_used":175,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":174,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/13.PNG","fqdn":"x-junior.github.io","domain":"x-junior.github.io","tld":"github.io"},"ip":{"addr":"185.199.109.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html","date":"2026-01-04T06:54:08.981Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 07 Mar 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91","sha256":"7D:11:22:EA:96:98:52:34:1E:8D:D9:2B:CC:0C:7E:CC:00:96:30:D1:4D:A7:34:D7:CA:42:D5:B5:4A:2B:20:97"}}},"request":{"raw":"GET /assets/Malware-Analysis/SnakeKeylogger/13.PNG HTTP/1.1\r\nHost: x-junior.github.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: GitHub.com\r\ncontent-type: image/png\r\nx-origin-cache: HIT\r\nlast-modified: Sat, 25 Jun 2022 09:17:21 GMT\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31556952\r\netag: \"62b6d2a1-a735\"\r\nexpires: Sun, 04 Jan 2026 07:04:08 GMT\r\ncache-control: max-age=600\r\nx-proxy-cache: MISS\r\nx-github-request-id: B844:AE7B0:ED320A9:F06E9EA:695A0E8F\r\naccept-ranges: bytes\r\nage: 0\r\ndate: Sun, 04 Jan 2026 06:54:09 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410021-HEL\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-timer: S1767509649.899821,VS0,VE140\r\nvary: Accept-Encoding\r\nx-fastly-request-id: ff1b8c9ae9fbee341af929b9eb0cab18439ad357\r\ncontent-length: 42805\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":42805,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1121 x 430, 8-bit/color RGBA, non-interlaced","md5":"f19a12c434599cbec2ce0c0bc8b616f8","sha1":"1e0a9e7ef5a8302aa5bd808aaaeeb4c137be4e48","sha256":"803f1edc86b4e363f984a4ae86b527cd82c133dc403c41dc5a01518345b7b658","sha512":"d026156a67b721fd90b01bf3b36a5b7b08a5c7a71ca5ef6fa84f6fa9e2d22539b6ea20efc890c27a4b9b53a97eaa966d53f866ea6b944f7df5c23a148ea7ba7f","ssdeep":"768:jf7EVCcX/eQ1gnVANVOVb1KUgSLgpJdwcWa8C0EppO2133/9N/UdD6PWULQXuovK:z7PPQsVbWD0K3NlO86q4oj","tlshash":"f413e165e8875b64d09e0d38cceba73e2194586946e7034f8b75f140bac3e9c165bac2","first_seen":"2023-05-13T22:06:23Z","last_seen":"2026-01-04T06:54:40.636921Z","times_seen":19,"resource_available":false,"data":null}},"time_used":171,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":170,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5/css/all.min.css","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.193.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html","date":"2026-01-04T06:54:08.866Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/@fortawesome/fontawesome-free@5/css/all.min.css HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://x-junior.github.io/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=604800, s-maxage=43200\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: text/css; charset=utf-8\r\nx-jsd-version: 5.15.4\r\nx-jsd-version-type: version\r\netag: W/\"e7a9-pX7mjRFgGw/Y5QN/wkH/ZadURzw\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Sun, 04 Jan 2026 06:54:08 GMT\r\nage: 22871\r\nx-served-by: cache-fra-eddf8230109-FRA, cache-hel1410028-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 12882\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":59305,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (59119)","md5":"ecd507b3125edc4d2a03aa6ae5d07da9","sha1":"a57ee68d11601b0fd8e5037fc241ff65a754473c","sha256":"99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e","sha512":"d72727e8871a410e34fcc2815b65b84618acfc36c82d4ef80b5bd2acb2710aae7ba3de35626d354b036c38caaf10116572051aeb12e23d8fcd4b947e13aced25","ssdeep":"768:PEh31IPiyXNq4YxBowbgJlkwF//zMQyYJYX9Bf7VSzl:PE0PxXE4YXJgndFTfy9lQB","tlshash":"8c43fbb8e54c01cab731c44bef81b2bc61b6f73de5914d95f00e691c2ad26a811c5fba","first_seen":"2023-03-13T09:02:16Z","last_seen":"2026-04-12T08:49:51.264342Z","times_seen":34733,"resource_available":false,"data":null}},"time_used":63,"timings":{"blocked":10,"dns":1,"connect":13,"send":0,"wait":13,"receive":2,"ssl":19},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/24.PNG","fqdn":"x-junior.github.io","domain":"x-junior.github.io","tld":"github.io"},"ip":{"addr":"185.199.109.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html","date":"2026-01-04T06:54:08.884Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 07 Mar 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91","sha256":"7D:11:22:EA:96:98:52:34:1E:8D:D9:2B:CC:0C:7E:CC:00:96:30:D1:4D:A7:34:D7:CA:42:D5:B5:4A:2B:20:97"}}},"request":{"raw":"GET /assets/Malware-Analysis/SnakeKeylogger/24.PNG HTTP/1.1\r\nHost: x-junior.github.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: GitHub.com\r\ncontent-type: image/png\r\nlast-modified: Sat, 25 Jun 2022 09:17:21 GMT\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31556952\r\netag: \"62b6d2a1-d8e7\"\r\nexpires: Sun, 04 Jan 2026 07:04:08 GMT\r\ncache-control: max-age=600\r\nx-proxy-cache: MISS\r\nx-github-request-id: 471C:32E205:F1E673B:F519ECC:695A0E90\r\naccept-ranges: bytes\r\nage: 0\r\ndate: Sun, 04 Jan 2026 06:54:09 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410021-HEL\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-timer: S1767509649.848475,VS0,VE159\r\nvary: Accept-Encoding\r\nx-fastly-request-id: 8b8f0dd1d1d96c957d43497d76555d6fab1bc2c1\r\ncontent-length: 55527\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":55527,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1210 x 652, 8-bit/color RGBA, non-interlaced","md5":"121a6df7d88081e1ea66b00c8978f924","sha1":"73cec9f3c46c5e43b7890ce4aa54dc4a8da7643d","sha256":"f382a583f2afb65696a278e097e26886cc41169b8e9e55c92fd6a4d1e4d3f90f","sha512":"af9acb4a7dec845a24aa565797f0c8a78ea964a025d6bf69a61c6c05f2cb05ddb9afd950a5108626cb29358f0e0eaa804c9628cb05523a6c3d74a0126e50c905","ssdeep":"1536:AjQdWzCCpM58wasNUS+iJ9zAsmTQjysk1s+VmLlvT3rn:AjQdTCmCw5NUQe2yqfV3j","tlshash":"9e43f12fb81e24fbcdf680393866b3b5fd69ad5859a6db330b0b91a41e1790011b3617","first_seen":"2023-05-13T22:06:23Z","last_seen":"2026-01-04T06:54:40.6389Z","times_seen":19,"resource_available":false,"data":null}},"time_used":201,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":184,"receive":17,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/29.PNG","fqdn":"x-junior.github.io","domain":"x-junior.github.io","tld":"github.io"},"ip":{"addr":"185.199.109.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html","date":"2026-01-04T06:54:08.909Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 07 Mar 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91","sha256":"7D:11:22:EA:96:98:52:34:1E:8D:D9:2B:CC:0C:7E:CC:00:96:30:D1:4D:A7:34:D7:CA:42:D5:B5:4A:2B:20:97"}}},"request":{"raw":"GET /assets/Malware-Analysis/SnakeKeylogger/29.PNG HTTP/1.1\r\nHost: x-junior.github.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: GitHub.com\r\ncontent-type: image/png\r\nx-origin-cache: HIT\r\nlast-modified: Sat, 25 Jun 2022 09:17:21 GMT\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31556952\r\netag: \"62b6d2a1-91b6\"\r\nexpires: Sun, 04 Jan 2026 07:04:08 GMT\r\ncache-control: max-age=600\r\nx-proxy-cache: MISS\r\nx-github-request-id: C867:365E18:EB1946C:EE55FF0:695A0E90\r\naccept-ranges: bytes\r\nage: 0\r\ndate: Sun, 04 Jan 2026 06:54:08 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410021-HEL\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-timer: S1767509649.862447,VS0,VE136\r\nvary: Accept-Encoding\r\nx-fastly-request-id: b15836554b1400503247a9748fd80f997db43d61\r\ncontent-length: 37302\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]}],"data":{"size":37302,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1917 x 232, 8-bit/color RGBA, non-interlaced","md5":"4293dea76499f88d9e76a23c21584d4f","sha1":"3fbd95a219bf2f37ed40445019f189947aa53cd4","sha256":"bb321366ca1a213f0c7b9f33b3830ae0c60eaf9db90418ae5cf48a25689d084f","sha512":"1acc6aaf95434b2ace8b918372bc7b77d851f092e0a56f154eb2d2bf90b2c086e07217af82e0495ee450498d47569198929666a613a9ba399b829e1e79d47814","ssdeep":"768:ptSPmpuojk65l09HJZdTDWXGQWovXswoqAlwz5m:ptWMuoo65l09HpTq2QWEoJClm","tlshash":"3cf2d0a37c37e40dd2bcd130959d4c5a7ff2aecf266e68ec83760ba0ce490851560a67","first_seen":"2023-05-13T22:06:23Z","last_seen":"2026-01-04T06:54:40.640266Z","times_seen":19,"resource_available":false,"data":null}},"time_used":171,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/43.PNG","fqdn":"x-junior.github.io","domain":"x-junior.github.io","tld":"github.io"},"ip":{"addr":"185.199.109.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html","date":"2026-01-04T06:54:08.912Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 07 Mar 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91","sha256":"7D:11:22:EA:96:98:52:34:1E:8D:D9:2B:CC:0C:7E:CC:00:96:30:D1:4D:A7:34:D7:CA:42:D5:B5:4A:2B:20:97"}}},"request":{"raw":"GET /assets/Malware-Analysis/SnakeKeylogger/43.PNG HTTP/1.1\r\nHost: x-junior.github.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: GitHub.com\r\ncontent-type: image/png\r\nx-origin-cache: HIT\r\nlast-modified: Sat, 25 Jun 2022 09:17:21 GMT\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31556952\r\netag: \"62b6d2a1-1430\"\r\nexpires: Sun, 04 Jan 2026 07:04:08 GMT\r\ncache-control: max-age=600\r\nx-proxy-cache: MISS\r\nx-github-request-id: F6B9:83D7F:EE536CA:F1875E7:695A0E8F\r\naccept-ranges: bytes\r\ndate: Sun, 04 Jan 2026 06:54:09 GMT\r\nvia: 1.1 varnish\r\nage: 0\r\nx-served-by: cache-hel1410021-HEL\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-timer: S1767509649.863143,VS0,VE146\r\nvary: Accept-Encoding\r\nx-fastly-request-id: 41ed9058c7328605c9d8908505c0d3b5b4cec0fa\r\ncontent-length: 5168\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]}],"data":{"size":5168,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 535 x 54, 8-bit/color RGBA, non-interlaced","md5":"7ab583a3711447bf509b37f46a0481e8","sha1":"ae6805cddfc76cf3eac791e002d0d36fa714fe52","sha256":"536ca721e09eef076f5d29c19cb79dc781385c64069eb74dcc2444b29d5df20c","sha512":"abf2f937157e5b531c97b6a180360cf99fcaf2d8a7789fac7811d9fd4b6e431cd28c6fdd5130fa1e1c3dd895b70740fb87177fec9a4e7d997937bf3667013ed5","ssdeep":"96:pTktuEuAy3JMBb9wMzE3R8KdLFMImhyX1dkIXDaA4ovOjaKse84XjBH:1AuL3fnrlWzUYITFB8fxrz1","tlshash":"e3b17de978fe89c4667702f3e533496c14d22d3adea03626ee616b0077ed6752019ac1","first_seen":"2023-05-13T22:06:23Z","last_seen":"2026-01-04T06:54:40.642492Z","times_seen":19,"resource_available":false,"data":null}},"time_used":178,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":173,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/10.PNG","fqdn":"x-junior.github.io","domain":"x-junior.github.io","tld":"github.io"},"ip":{"addr":"185.199.109.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html","date":"2026-01-04T06:54:08.927Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 07 Mar 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91","sha256":"7D:11:22:EA:96:98:52:34:1E:8D:D9:2B:CC:0C:7E:CC:00:96:30:D1:4D:A7:34:D7:CA:42:D5:B5:4A:2B:20:97"}}},"request":{"raw":"GET /assets/Malware-Analysis/SnakeKeylogger/10.PNG HTTP/1.1\r\nHost: x-junior.github.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: GitHub.com\r\ncontent-type: image/png\r\nx-origin-cache: HIT\r\nlast-modified: Sat, 25 Jun 2022 09:17:21 GMT\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31556952\r\netag: \"62b6d2a1-5ed3\"\r\nexpires: Sun, 04 Jan 2026 07:04:08 GMT\r\ncache-control: max-age=600\r\nx-proxy-cache: MISS\r\nx-github-request-id: 1153:28E859:E68FFD7:E9CBF92:695A0E8F\r\naccept-ranges: bytes\r\nage: 0\r\ndate: Sun, 04 Jan 2026 06:54:09 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410021-HEL\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-timer: S1767509649.883590,VS0,VE173\r\nvary: Accept-Encoding\r\nx-fastly-request-id: 7cca3644c47f899551605526732c68e965aa2e8e\r\ncontent-length: 24275\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":24275,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1204 x 303, 8-bit/color RGBA, non-interlaced","md5":"e24c061bafed2f84be03b33506c97263","sha1":"fd4cfb91ae104879616a46eeb8ac836401bea0e4","sha256":"bf2813b1d1137e2ad18dcf57ba0e7a7da2dc1ed509be71d3c40b17687cdbdbac","sha512":"ec544aafb56c4f3c694ffd346367c56b746ed2cdbeddc4fd197c856f5f753d126579e9eb2aa5800c6fb5b1f3a74ac95a146efb4566bed7db8ed0968d1c759f30","ssdeep":"384:OYiMgGOpoQKzcYNNcZL5vNQ6tK4JCh88Hpq4PLqsIsFfvQTFUQqoKWJ7cNh:OYiMgGwoQKz9yyY7ipqdoQT/tKWJgb","tlshash":"9cb2d0c0aed76404f9424334ec52cba62f211bd9492873af0b49b525afdafc46df2d46","first_seen":"2023-05-13T22:06:23Z","last_seen":"2026-01-04T06:54:40.643235Z","times_seen":19,"resource_available":false,"data":null}},"time_used":197,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":196,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"x-junior.github.io/assets/Malware-Analysis/SnakeKeylogger/18.PNG","fqdn":"x-junior.github.io","domain":"x-junior.github.io","tld":"github.io"},"ip":{"addr":"185.199.109.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html","date":"2026-01-04T06:54:08.931Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 07 Mar 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91","sha256":"7D:11:22:EA:96:98:52:34:1E:8D:D9:2B:CC:0C:7E:CC:00:96:30:D1:4D:A7:34:D7:CA:42:D5:B5:4A:2B:20:97"}}},"request":{"raw":"GET /assets/Malware-Analysis/SnakeKeylogger/18.PNG HTTP/1.1\r\nHost: x-junior.github.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: GitHub.com\r\ncontent-type: image/png\r\nx-origin-cache: HIT\r\nlast-modified: Sat, 25 Jun 2022 09:17:21 GMT\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31556952\r\netag: \"62b6d2a1-14768\"\r\nexpires: Sun, 04 Jan 2026 07:04:09 GMT\r\ncache-control: max-age=600\r\nx-proxy-cache: MISS\r\nx-github-request-id: CDEE:83D7F:EE536D9:F1875F5:695A0E90\r\naccept-ranges: bytes\r\nage: 0\r\ndate: Sun, 04 Jan 2026 06:54:09 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410021-HEL\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-timer: S1767509649.892201,VS0,VE283\r\nvary: Accept-Encoding\r\nx-fastly-request-id: c9d77616718c2ffcd1e704632ff78bcb081415aa\r\ncontent-length: 83816\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":83816,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1098 x 401, 8-bit/color RGBA, non-interlaced","md5":"2e394874b25ad494eb9e881bb10bf663","sha1":"6a30981b3fb25868480959c8f1dfdce658897db0","sha256":"959b81f6b80dae52d18aa2f9eac53b2f3aa002135b0c356565e98add560ca491","sha512":"61ae924b6264b8da2166af4047ddf63a88f9db57fceecc3ab8eb194411fd677bc87f211eb5f0c884a9971c88703b8f4179e7fd8b001ed9bd78b5ec065d29e611","ssdeep":"1536:eObgVRLXCb3EGGQr2mf9vTF7NsJa0JJWf2DhJmjtONW8f2UQ:HkVBXCb3RFPJJ7NKhQf0hJmjE48a","tlshash":"4483e12edcfa606c8de95667aa91990d87669cab102f903fd7f9b904cd0183dcf4094f","first_seen":"2023-05-13T22:06:23Z","last_seen":"2026-01-04T06:54:40.643835Z","times_seen":19,"resource_available":false,"data":null}},"time_used":298,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":296,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"x-junior.github.io/assets/js/main.min.js","fqdn":"x-junior.github.io","domain":"x-junior.github.io","tld":"github.io"},"ip":{"addr":"185.199.109.153","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html","date":"2026-01-04T06:54:08.985Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 07 Mar 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91","sha256":"7D:11:22:EA:96:98:52:34:1E:8D:D9:2B:CC:0C:7E:CC:00:96:30:D1:4D:A7:34:D7:CA:42:D5:B5:4A:2B:20:97"}}},"request":{"raw":"GET /assets/js/main.min.js HTTP/1.1\r\nHost: x-junior.github.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://x-junior.github.io/malware%20analysis/2022/06/24/Snakekeylogger.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: GitHub.com\r\ncontent-type: application/javascript; charset=utf-8\r\nx-origin-cache: HIT\r\nlast-modified: Sat, 25 Jun 2022 09:17:21 GMT\r\naccess-control-allow-origin: *\r\nstrict-transport-security: max-age=31556952\r\netag: W/\"62b6d2a1-1de72\"\r\nexpires: Sun, 04 Jan 2026 07:04:09 GMT\r\ncache-control: max-age=600\r\ncontent-encoding: gzip\r\nx-proxy-cache: MISS\r\nx-github-request-id: 9701:3D391:EBB251F:EEEE9CA:695A0E90\r\naccept-ranges: bytes\r\nage: 0\r\ndate: Sun, 04 Jan 2026 06:54:09 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410021-HEL\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-timer: S1767509649.904958,VS0,VE284\r\nvary: Accept-Encoding\r\nx-fastly-request-id: 6d4d77848ed1d4a7d94857f4123a61de4363f3ba\r\ncontent-length: 42605\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":122482,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (32015)","md5":"ce7227e1cefaaeee12172d690cf59ba9","sha1":"6a1d1a28498b8071f7ca881e2e0882e555e769fc","sha256":"76c81906e2edbe98f28dfccd7dcfa7efc0ef95f3b23261c621115166a3ff10d0","sha512":"7ea4b15403d2522788858abb2136532b2cd8c5d49595acb71b8bb46f6e81d09c26e4a55cfd92c0aa5140c2b554ee80eaa4e42a4de4a22b6b4ee4800696f239ae","ssdeep":"3072:WlpnGn0OOEnKr+Htg1GeYxFkAMqrV2htE6el:Tn0JEKKH1eYbkp6V2htbel","tlshash":"bac32adcb1c2b02247bb31b9507f610bb2765999681e8410f169d8e5bcbca4d823bf7d","first_seen":"2023-03-11T22:53:02Z","last_seen":"2026-04-03T15:10:34.766031Z","times_seen":27,"resource_available":true,"data":null}},"time_used":300,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":298,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}