URL: https://github.com/d00rt/hijacked_lokibot_version/blob/master/doc/LokiBot_hijacked_2018.pdf
Submission: On August 20 via api from CH

Summary

This website contacted 6 IPs in 2 countries across 4 domains to perform 19 HTTP transactions. The main IP is 192.30.253.112, located in San Francisco, United States and belongs to GITHUB - GitHub, Inc., US. The main domain is github.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on May 8th 2018. Valid for: 2 years.
This is the only time github.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS     Autonomous System
2         192.30.253.112    36459  (GITHUB)
10        151.101.12.133    54113  (FASTLY)
1         54.235.81.143     14618  (AMAZON-AES)
2         2a00:1450:400...  15169  (GOOGLE)
2         50.16.137.101     14618  (AMAZON-AES)
2         192.30.253.117    36459  (GITHUB)
19        6
Requests  Domain                        Requested by
9         assets-cdn.github.com         github.com
2         api.github.com                assets-cdn.github.com
2         collector.githubapp.com       assets-cdn.github.com, github.com
2         www.google-analytics.com      assets-cdn.github.com
2         github.com                    assets-cdn.github.com
1         camo.githubusercontent.com    github.com
1         render.githubusercontent.com  github.com
19        7
Subject                  Issuer                                       Validity                 Valid
github.com               DigiCert SHA2 Extended Validation Server CA  2018-05-08 - 2020-06-03  2 years
www.github.com           DigiCert SHA2 High Assurance Server CA       2017-03-23 - 2020-05-13  3 years
*.githubusercontent.com  DigiCert SHA2 High Assurance Server CA       2017-03-23 - 2020-05-13  3 years
*.google-analytics.com   Google Internet Authority G3                 2018-08-07 - 2018-10-16  2 months
*.githubapp.com          DigiCert SHA2 High Assurance Server CA       2017-04-04 - 2020-04-28  3 years
*.github.com             DigiCert SHA2 High Assurance Server CA       2018-06-19 - 2019-07-10  a year

This page contains 2 frames:

Primary Page: https://github.com/d00rt/hijacked_lokibot_version/blob/master/doc/LokiBot_hijacked_2018.pdf
Frame ID: 37B9A87643ED462DF11570A3E871755D
Requests: 18 HTTP requests in this frame

Frame: https://render.githubusercontent.com/view/pdf?commit=8e9d530ac6ee73707406680a306b7872bcf34c89&enc_url=68747470733a2f2f7261772e67697468756275736572636f6e74656e742e636f6d2f64303072742f68696a61636b65645f6c6f6b69626f745f76657273696f6e2f386539643533306163366565373337303734303636383061333036623738373262636633346338392f646f632f4c6f6b69426f745f68696a61636b65645f323031382e706466&nwo=d00rt%2Fhijacked_lokibot_version&path=doc%2FLokiBot_hijacked_2018.pdf&repository_id=139952627&repository_type=Repository
Frame ID: 8610FD6064CD9F12D0FBDC4DC146CD81
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • env /^gaGlobal$/i

Page Statistics

Requests: 19
HTTPS: 100 %
IPv6: 17 %
Domains: 4
Subdomains: 7
IPs: 6
Countries: 2
Transfer: 480 kB
Size: 1416 kB
Cookies: 3

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set LokiBot_hijacked_2018.pdf
github.com/d00rt/hijacked_lokibot_version/blob/master/doc/
61 KB
19 KB
Document
General
Full URL
https://github.com/d00rt/hijacked_lokibot_version/blob/master/doc/LokiBot_hijacked_2018.pdf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.30.253.112 San Francisco, United States, ASN36459 (GITHUB - GitHub, Inc., US),
Reverse DNS
lb-192-30-253-112-iad.github.com
Software
GitHub.com /
Resource Hash
4c0a7622f0cdca431805dbf3523417aa1143d531808507a79cf47594d1ac14be
Security Headers
Name Value
Content-Security-Policy default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com status.github.com collector.githubapp.com api.github.com www.google-analytics.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com wss://live.github.com; font-src assets-cdn.github.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: assets-cdn.github.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src assets-cdn.github.com; style-src 'unsafe-inline' assets-cdn.github.com
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Host
github.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
X-DevTools-Emulate-Network-Conditions-Client-Id
37B9A87643ED462DF11570A3E871755D

Response headers

Server
GitHub.com
Date
Mon, 20 Aug 2018 21:17:27 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Status
200 OK
Cache-Control
no-cache
Vary
X-PJAX
Set-Cookie
has_recent_activity=1; path=/; expires=Mon, 20 Aug 2018 22:17:27 -0000 _octo=GH1.1.1962835644.1534799847; domain=.github.com; path=/; expires=Thu, 20 Aug 2020 21:17:27 -0000 logged_in=no; domain=.github.com; path=/; expires=Fri, 20 Aug 2038 21:17:27 -0000; secure; HttpOnly _gh_sess=RUFJZm1uL0pPcnNza2JKNjZ6MGJ4RmpnNXpiUGp2ZktTMnQxendoR2gvQ010Wkh6YXo4Um51SWI2SGpiK2FKdGwxNHd1MW4vRVBtSTViU3Y0aElKNU1YMGdrOEhjYmJDWUFvdGRDUVRVSlZiQ01aZVMwR1BLbDFqR3h5bWhvbVZKRytNSzFEN1NmTEh5eVFYSDQxYkRzUHd2U1o1a3FHbm0xY3lNdmkrNDBsK3E4SDBteUE5SWpZY1FEd1NSeHp1cVE4MWY4QWI2VUpNdVZJRThBMEtoMkRER1RlY2ZudnNTdVo5ekRScFV0Y3ZYTkN6aWtBaGl0eDgvM0txZHJkbzZXdlRjT0JFd1lLdmxaWWFGUEN0ZGh2R1VNMUMwVHl1bThsMkI2SWY4eFk9LS1hTjdLdzBEWnVVNk9mNHFSVWxvRi9BPT0%3D--392acaee605568deaa92f2f00ec2227e9c6d767b; path=/; secure; HttpOnly
X-Request-Id
fde7c08a-4bcb-4206-8b42-5bf796d50aa6
X-Runtime
0.141798
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
X-Frame-Options
deny
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Expect-CT
max-age=2592000, report-uri="https://api.github.com/_private/browser/errors"
Content-Security-Policy
default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com status.github.com collector.githubapp.com api.github.com www.google-analytics.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com wss://live.github.com; font-src assets-cdn.github.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: assets-cdn.github.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src assets-cdn.github.com; style-src 'unsafe-inline' assets-cdn.github.com
X-Runtime-rack
0.151492
Content-Encoding
gzip
X-GitHub-Request-Id
DCC2:5635:31A9BD:64F01B:5B7B2FE3
frameworks-95aff0b550d3fe338b645a4deebdcb1b.css
assets-cdn.github.com/assets/
114 KB
24 KB
Stylesheet
General
Full URL
https://assets-cdn.github.com/assets/frameworks-95aff0b550d3fe338b645a4deebdcb1b.css
Requested by
Host: github.com
URL: https://github.com/d00rt/hijacked_lokibot_version/blob/master/doc/LokiBot_hijacked_2018.pdf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.133 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
e830b56040a6894861f4cdbd166469abc45db621198d8f06f6791a9aae9bb3f1

Request headers

Pragma
no-cache
Origin
https://github.com
Accept-Encoding
gzip, deflate
Host
assets-cdn.github.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://github.com/d00rt/hijacked_lokibot_version/blob/master/doc/LokiBot_hijacked_2018.pdf
Connection
keep-alive
Cache-Control
no-cache

Response headers

X-Fastly-Request-ID
4bb431f08e3ec6ea6e4859322ad9958e97035fdd
Date
Mon, 20 Aug 2018 21:17:27 GMT
Content-Encoding
gzip
Age
567367
X-Cache
HIT
Connection
keep-alive
Content-Length
23795
X-Served-By
cache-fra19123-FRA
Access-Control-Allow-Origin
*
Last-Modified
Sat, 01 Jan 2000 00:00:00 GMT
Server
GitHub.com
X-GitHub-Request-Id
B84C:0402:95DA:E32F:5B7287A0
X-Timer
S1534799848.593983,VS0,VE0
Vary
Accept-Encoding
Content-Type
text/css
Via
1.1 varnish
Expires
Wed, 14 Aug 2019 07:41:20 GMT
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Cache-Hits
68141
github-37504d684728c80db863d719b4ac6781.css
assets-cdn.github.com/assets/
380 KB
90 KB
Stylesheet
General
Full URL
https://assets-cdn.github.com/assets/github-37504d684728c80db863d719b4ac6781.css
Requested by
Host: github.com
URL: https://github.com/d00rt/hijacked_lokibot_version/blob/master/doc/LokiBot_hijacked_2018.pdf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.133 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
e0ec53c911c00f84baaa753fac68da1d68c546496af1205f16c4470b3734807c

Request headers

Pragma
no-cache
Origin
https://github.com
Accept-Encoding
gzip, deflate
Host
assets-cdn.github.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://github.com/d00rt/hijacked_lokibot_version/blob/master/doc/LokiBot_hijacked_2018.pdf
Connection
keep-alive
Cache-Control
no-cache

Response headers

X-Fastly-Request-ID
4bf391a14f8b73f93df7d6387d53c44950d9ddd9
Date
Mon, 20 Aug 2018 21:17:27 GMT
Content-Encoding
gzip
Age
6535
X-Cache
HIT
Connection
keep-alive
Content-Length
91789
X-Served-By
cache-fra19142-FRA
Access-Control-Allow-Origin
*
Last-Modified
Sat, 01 Jan 2000 00:00:00 GMT
Server
GitHub.com
X-GitHub-Request-Id
31B4:0C0E:12FFDC:1A3815:5B7B1660
X-Timer
S1534799848.593215,VS0,VE0
Vary
Accept-Encoding
Content-Type
text/css
Via
1.1 varnish
Expires
Tue, 20 Aug 2019 19:28:32 GMT
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Cache-Hits
1167
site-0ce1db6a467f430ec047993d2b06027b.css
assets-cdn.github.com/assets/
48 KB
11 KB
Stylesheet
General
Full URL
https://assets-cdn.github.com/assets/site-0ce1db6a467f430ec047993d2b06027b.css
Requested by
Host: github.com
URL: https://github.com/d00rt/hijacked_lokibot_version/blob/master/doc/LokiBot_hijacked_2018.pdf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.133 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
0733f1657bec179a87afef446cfdce11e51ec480ecc098a5dc335f4a51048470

Request headers

Pragma
no-cache
Origin
https://github.com
Accept-Encoding
gzip, deflate
Host
assets-cdn.github.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://github.com/d00rt/hijacked_lokibot_version/blob/master/doc/LokiBot_hijacked_2018.pdf
Connection
keep-alive
Cache-Control
no-cache

Response headers

X-Fastly-Request-ID
cfe92ecfe93ee705a358ccd88c08bf1b6ce3d609
Date
Mon, 20 Aug 2018 21:17:27 GMT
Content-Encoding
gzip
Age
18314
X-Cache
HIT
Connection
keep-alive
Content-Length
10959
X-Served-By
cache-fra19134-FRA
Access-Control-Allow-Origin
*
Last-Modified
Sat, 01 Jan 2000 00:00:00 GMT
Server
GitHub.com
X-GitHub-Request-Id
E56A:4967:1C87E9:29A26E:5B7AE85D
X-Timer
S1534799848.594922,VS0,VE0
Vary
Accept-Encoding
Content-Type
text/css
Via
1.1 varnish
Expires
Tue, 20 Aug 2019 16:12:13 GMT
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Cache-Hits
1975
search-shortcut-hint.svg
assets-cdn.github.com/images/
413 B
921 B
Image
General
Full URL
https://assets-cdn.github.com/images/search-shortcut-hint.svg
Requested by
Host: github.com
URL: https://github.com/d00rt/hijacked_lokibot_version/blob/master/doc/LokiBot_hijacked_2018.pdf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.133 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
0b8f133fad14fed1148917cb070ad4b09e091400ebd98626c0ce9fc9bf091c80

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
assets-cdn.github.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://github.com/d00rt/hijacked_lokibot_version/blob/master/doc/LokiBot_hijacked_2018.pdf
Cookie
_octo=GH1.1.1962835644.1534799847; logged_in=no
Connection
keep-alive
Cache-Control
no-cache

Response headers

X-Fastly-Request-ID
461c17553f1dd8cd062b501651002d5cd4c73b6a
Date
Mon, 20 Aug 2018 21:17:27 GMT
Content-Encoding
gzip
Age
12428
X-Cache
HIT
Connection
keep-alive
Content-Length
267
X-Served-By
cache-fra19147-FRA
Access-Control-Allow-Origin
*
Last-Modified
Sat, 01 Jan 2000 00:00:00 GMT
Server
GitHub.com
X-GitHub-Request-Id
5164:784D:2010E0:2DEFD9:5B7AFF5B
X-Timer
S1534799848.614937,VS0,VE0
Vary
Accept-Encoding
Content-Type
image/svg+xml
Via
1.1 varnish
Expires
Tue, 20 Aug 2019 17:50:19 GMT
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Cache-Hits
1225
octocat-spinner-128.gif
assets-cdn.github.com/images/spinners/
11 KB
12 KB
Image
General
Full URL
https://assets-cdn.github.com/images/spinners/octocat-spinner-128.gif
Requested by
Host: github.com
URL: https://github.com/d00rt/hijacked_lokibot_version/blob/master/doc/LokiBot_hijacked_2018.pdf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.133 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
338974454bb5c32803e82f601beb051d373744b024fe8742a76009700fd7e033

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
assets-cdn.github.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://github.com/d00rt/hijacked_lokibot_version/blob/master/doc/LokiBot_hijacked_2018.pdf
Cookie
_octo=GH1.1.1962835644.1534799847; logged_in=no
Connection
keep-alive
Cache-Control
no-cache

Response headers

X-Fastly-Request-ID
9b1af748d0b9cd747c45fd264a28880e8196c30a
Date
Mon, 20 Aug 2018 21:17:27 GMT
Via
1.1 varnish
Age
12428
X-Cache
HIT
X-Cache-Hits
2868
Connection
keep-alive
Content-Length
11721
X-Served-By
cache-fra19123-FRA
Last-Modified
Sat, 01 Jan 2000 00:00:00 GMT
Server
GitHub.com
X-GitHub-Request-Id
9B08:76D1:1F232D:2CC681:5B7AFF5B
X-Timer
S1534799848.616310,VS0,VE0
Vary
Accept-Encoding
Content-Type
image/gif
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
Timing-Allow-Origin
https://github.com
Expires
Tue, 20 Aug 2019 17:50:19 GMT
octocat-spinner-32-EAF2F5.gif
assets-cdn.github.com/images/spinners/
3 KB
3 KB
Image
General
Full URL
https://assets-cdn.github.com/images/spinners/octocat-spinner-32-EAF2F5.gif
Requested by
Host: github.com
URL: https://github.com/d00rt/hijacked_lokibot_version/blob/master/doc/LokiBot_hijacked_2018.pdf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.133 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
0bdc57d34b85c4a4de9d0d1db10cd70e8a95f33ff4f46c5a8c48b4bf4e5a9abe

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
assets-cdn.github.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://github.com/d00rt/hijacked_lokibot_version/blob/master/doc/LokiBot_hijacked_2018.pdf
Cookie
_octo=GH1.1.1962835644.1534799847; logged_in=no
Connection
keep-alive
Cache-Control
no-cache

Response headers

X-Fastly-Request-ID
58ddd1f9e35e0cafb8176874ed5676ca5bd19fff
Date
Mon, 20 Aug 2018 21:17:27 GMT
Via
1.1 varnish
Age
9155118
X-Cache
HIT
X-Cache-Hits
28410
Connection
keep-alive
Content-Length
2673
X-Served-By
cache-fra19147-FRA
Last-Modified
Sat, 01 Jan 2000 00:00:00 GMT
Server
GitHub.com
X-GitHub-Request-Id
EF42:4AF6:1E81E62:2022805:5AEF7D88
X-Timer
S1534799848.624709,VS0,VE0
Vary
Accept-Encoding
Content-Type
image/gif
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
Timing-Allow-Origin
https://github.com
Expires
Mon, 06 May 2019 22:12:09 GMT
frameworks-320b28cdf5601867c9f1610023761057.js
assets-cdn.github.com/assets/
218 KB
74 KB
Script
General
Full URL
https://assets-cdn.github.com/assets/frameworks-320b28cdf5601867c9f1610023761057.js
Requested by
Host: github.com
URL: https://github.com/d00rt/hijacked_lokibot_version/blob/master/doc/LokiBot_hijacked_2018.pdf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.133 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
e5b221a04e832680ffc70d04635735f622c0ed788c831cde3c4987cb333a3bcf

Request headers

Pragma
no-cache
Origin
https://github.com
Accept-Encoding
gzip, deflate
Host
assets-cdn.github.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://github.com/d00rt/hijacked_lokibot_version/blob/master/doc/LokiBot_hijacked_2018.pdf
Connection
keep-alive
Cache-Control
no-cache

Response headers

X-Fastly-Request-ID
bc6ce9fbf7bf487a47f8973d7cb2d0a102f75fba
Date
Mon, 20 Aug 2018 21:17:27 GMT
Content-Encoding
gzip
Age
260000
X-Cache
HIT
Connection
keep-alive
Content-Length
75125
X-Served-By
cache-fra19123-FRA
Access-Control-Allow-Origin
*
Last-Modified
Sat, 01 Jan 2000 00:00:00 GMT
Server
GitHub.com
X-GitHub-Request-Id
50EC:59B7:C8A1:12D3F:5B773847
X-Timer
S1534799848.605429,VS0,VE0
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 varnish
Expires
Sat, 17 Aug 2019 21:04:07 GMT
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Cache-Hits
29135
github-e20c936cb0cae2ca6436d0b042f8f075.js
assets-cdn.github.com/assets/
479 KB
137 KB
Script
General
Full URL
https://assets-cdn.github.com/assets/github-e20c936cb0cae2ca6436d0b042f8f075.js
Requested by
Host: github.com
URL: https://github.com/d00rt/hijacked_lokibot_version/blob/master/doc/LokiBot_hijacked_2018.pdf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.133 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
96ed51a99fbe6cc7a52470753d019f1a1fb46169af3fd5d5c8bdb72f260f3d5d

Request headers

Pragma
no-cache
Origin
https://github.com
Accept-Encoding
gzip, deflate
Host
assets-cdn.github.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://github.com/d00rt/hijacked_lokibot_version/blob/master/doc/LokiBot_hijacked_2018.pdf
Connection
keep-alive
Cache-Control
no-cache

Response headers

X-Fastly-Request-ID
aada27b4a053f0935a89b867d918dcd9353182c4
Date
Mon, 20 Aug 2018 21:17:27 GMT
Content-Encoding
gzip
Age
8097
X-Cache
HIT
Connection
keep-alive
Content-Length
139380
X-Served-By
cache-fra19142-FRA
Access-Control-Allow-Origin
*
Last-Modified
Sat, 01 Jan 2000 00:00:00 GMT
Server
GitHub.com
X-GitHub-Request-Id
32D2:0C13:2583D4:32C694:5B7B1046
X-Timer
S1534799848.614786,VS0,VE0
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 varnish
Expires
Tue, 20 Aug 2019 19:02:30 GMT
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Cache-Hits
1426
pdf
render.githubusercontent.com/view/ Frame 8610
0
0
Document
General
Full URL
https://render.githubusercontent.com/view/pdf?commit=8e9d530ac6ee73707406680a306b7872bcf34c89&enc_url=68747470733a2f2f7261772e67697468756275736572636f6e74656e742e636f6d2f64303072742f68696a61636b65645f6c6f6b69626f745f76657273696f6e2f386539643533306163366565373337303734303636383061333036623738373262636633346338392f646f632f4c6f6b69426f745f68696a61636b65645f323031382e706466&nwo=d00rt%2Fhijacked_lokibot_version&path=doc%2FLokiBot_hijacked_2018.pdf&repository_id=139952627&repository_type=Repository
Requested by
Host: github.com
URL: https://github.com/d00rt/hijacked_lokibot_version/blob/master/doc/LokiBot_hijacked_2018.pdf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.235.81.143 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-235-81-143.compute-1.amazonaws.com
Software
GitHub.com /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src *; child-src 'self'; connect-src 'self' https://raw.githubusercontent.com/ https://gist.githubusercontent.com/ https://media.githubusercontent.com/ github-render.s3.amazonaws.com *.tiles.mapbox.com; font-src 'self' data:; img-src data: blob: 'self' https://raw.githubusercontent.com/ https://gist.githubusercontent.com/ https://media.githubusercontent.com/ https://github.com/ www.google-analytics.com github-render.s3.amazonaws.com *.tiles.mapbox.com https://camo.githubusercontent.com; media-src 'none'; object-src 'none'; script-src 'self' www.google-analytics.com; style-src 'self' 'unsafe-inline'; frame-src 'self';
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
render.githubusercontent.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://github.com/d00rt/hijacked_lokibot_version/blob/master/doc/LokiBot_hijacked_2018.pdf
Accept-Encoding
gzip, deflate
X-DevTools-Emulate-Network-Conditions-Client-Id
37B9A87643ED462DF11570A3E871755D

Response headers

Content-Encoding
gzip
Content-Security-Policy
default-src *; child-src 'self'; connect-src 'self' https://raw.githubusercontent.com/ https://gist.githubusercontent.com/ https://media.githubusercontent.com/ github-render.s3.amazonaws.com *.tiles.mapbox.com; font-src 'self' data:; img-src data: blob: 'self' https://raw.githubusercontent.com/ https://gist.githubusercontent.com/ https://media.githubusercontent.com/ https://github.com/ www.google-analytics.com github-render.s3.amazonaws.com *.tiles.mapbox.com https://camo.githubusercontent.com; media-src 'none'; object-src 'none'; script-src 'self' www.google-analytics.com; style-src 'self' 'unsafe-inline'; frame-src 'self';
Content-Type
text/html;charset=utf-8
Date
Mon, 20 Aug 2018 21:17:27 GMT
Server
GitHub.com
Status
200 OK
X-Content-Type-Options
nosniff
X-Proxy-Passed
true
X-Revision
a60c7e5264cb1598959227e0a1aefaf188370c73
X-Served-By
1a2590dd5c964dd5578b95ccdb5e4976
X-XSS-Protection
1; mode=block
Content-Length
559
Connection
keep-alive
site-signup-prompt.png
assets-cdn.github.com/images/modules/site/
98 KB
98 KB
Image
General
Full URL
https://assets-cdn.github.com/images/modules/site/site-signup-prompt.png
Requested by
Host: github.com
URL: https://github.com/d00rt/hijacked_lokibot_version/blob/master/doc/LokiBot_hijacked_2018.pdf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.133 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
0493cf9fd169f58d9548e4a778508d671f63ba72e113133d0675c496dcc35cc5

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
assets-cdn.github.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://assets-cdn.github.com/assets/site-0ce1db6a467f430ec047993d2b06027b.css
Cookie
_octo=GH1.1.1962835644.1534799847; logged_in=no
Connection
keep-alive
Cache-Control
no-cache

Response headers

X-Fastly-Request-ID
1d90e11da5978a24aaa97becfd45d562a412fa47
Date
Mon, 20 Aug 2018 21:17:27 GMT
Via
1.1 varnish
Age
14507009
X-Cache
HIT
X-Cache-Hits
44216
Connection
keep-alive
Content-Length
99909
X-Served-By
cache-fra19147-FRA
Last-Modified
Sat, 01 Jan 2000 00:00:00 GMT
Server
GitHub.com
X-GitHub-Request-Id
5326:0E1D:571CDB:5B968E:5A9DD3E5
X-Timer
S1534799848.652107,VS0,VE0
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=31536000, public
Accept-Ranges
bytes
Timing-Allow-Origin
https://github.com
Expires
Tue, 05 Mar 2019 23:33:57 GMT
Cookie set LokiBot_hijacked_2018.pdf
github.com/d00rt/hijacked_lokibot_version/contributors/master/doc/
2 KB
3 KB
Fetch
General
Full URL
https://github.com/d00rt/hijacked_lokibot_version/contributors/master/doc/LokiBot_hijacked_2018.pdf
Requested by
Host: assets-cdn.github.com
URL: https://assets-cdn.github.com/assets/frameworks-320b28cdf5601867c9f1610023761057.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.30.253.112 San Francisco, United States, ASN36459 (GITHUB - GitHub, Inc., US),
Reverse DNS
lb-192-30-253-112-iad.github.com
Software
GitHub.com /
Resource Hash
5aa04e5db6f0f89953b01a4fcfa77786db06d3e5b239d9c07d205d59b0487cc7
Security Headers
Name Value
Content-Security-Policy default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com status.github.com collector.githubapp.com api.github.com www.google-analytics.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com wss://live.github.com; font-src assets-cdn.github.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: assets-cdn.github.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src assets-cdn.github.com; style-src 'unsafe-inline' assets-cdn.github.com
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
github.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html
Referer
https://github.com/d00rt/hijacked_lokibot_version/blob/master/doc/LokiBot_hijacked_2018.pdf
X-Requested-With
XMLHttpRequest
Cookie
has_recent_activity=1; _octo=GH1.1.1962835644.1534799847; logged_in=no; _gh_sess=RUFJZm1uL0pPcnNza2JKNjZ6MGJ4RmpnNXpiUGp2ZktTMnQxendoR2gvQ010Wkh6YXo4Um51SWI2SGpiK2FKdGwxNHd1MW4vRVBtSTViU3Y0aElKNU1YMGdrOEhjYmJDWUFvdGRDUVRVSlZiQ01aZVMwR1BLbDFqR3h5bWhvbVZKRytNSzFEN1NmTEh5eVFYSDQxYkRzUHd2U1o1a3FHbm0xY3lNdmkrNDBsK3E4SDBteUE5SWpZY1FEd1NSeHp1cVE4MWY4QWI2VUpNdVZJRThBMEtoMkRER1RlY2ZudnNTdVo5ekRScFV0Y3ZYTkN6aWtBaGl0eDgvM0txZHJkbzZXdlRjT0JFd1lLdmxaWWFGUEN0ZGh2R1VNMUMwVHl1bThsMkI2SWY4eFk9LS1hTjdLdzBEWnVVNk9mNHFSVWxvRi9BPT0%3D--392acaee605568deaa92f2f00ec2227e9c6d767b
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Mon, 20 Aug 2018 21:17:27 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Status
200 OK
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
X-XSS-Protection
1; mode=block
X-Request-Id
b04a9153-cc44-4f8a-9633-49ca7692bdbd
X-Runtime
0.046055
Server
GitHub.com
X-GitHub-Request-Id
DCC2:5635:31A9CD:64F115:5B7B2FE7
X-Frame-Options
deny
Expect-CT
max-age=2592000, report-uri="https://api.github.com/_private/browser/errors"
Vary
X-PJAX
X-Runtime-rack
0.054857
Content-Type
text/html; charset=utf-8
Cache-Control
no-cache
Content-Security-Policy
default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com status.github.com collector.githubapp.com api.github.com www.google-analytics.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com wss://live.github.com; font-src assets-cdn.github.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: assets-cdn.github.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src assets-cdn.github.com; style-src 'unsafe-inline' assets-cdn.github.com
Set-Cookie
has_recent_activity=1; path=/; expires=Mon, 20 Aug 2018 22:17:27 -0000 _gh_sess=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--ef565c5eb75236785feb264d6f621b3c21c697b3; path=/; secure; HttpOnly
X-HTML-Safe
b1d15431f1fb77d853729400a1562efb0a3da1ee
collect
www.google-analytics.com/r/
35 B
111 B
Other
General
Full URL
https://www.google-analytics.com/r/collect
Requested by
Host: assets-cdn.github.com
URL: https://assets-cdn.github.com/assets/frameworks-320b28cdf5601867c9f1610023761057.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81e::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://github.com/d00rt/hijacked_lokibot_version/blob/master/doc/LokiBot_hijacked_2018.pdf
Origin
https://github.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 20 Aug 2018 21:17:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
https://github.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
collector.githubapp.com/
0
542 B
Other
General
Full URL
https://collector.githubapp.com/collect
Requested by
Host: assets-cdn.github.com
URL: https://assets-cdn.github.com/assets/frameworks-320b28cdf5601867c9f1610023761057.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.137.101 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-50-16-137-101.compute-1.amazonaws.com
Software
GitHub.com /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://github.com/d00rt/hijacked_lokibot_version/blob/master/doc/LokiBot_hijacked_2018.pdf
Origin
https://github.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

X-Runtime
0.003380
Date
Mon, 20 Aug 2018 21:17:27 GMT
X-Rack-Cache
invalidate, pass
Server
GitHub.com
Connection
keep-alive
Vary
Origin
Access-Control-Allow-Methods
POST, OPTIONS
Content-Type
application/vnd.github-octolytics+json; charset=utf-8
Access-Control-Allow-Origin
https://github.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Strict-Transport-Security
max-age=31536000
Content-Length
0
X-Request-Id
63ebd5c59d45bdb417d95ccbd1c82d03
X-UA-Compatible
IE=Edge,chrome=1
collect
www.google-analytics.com/
35 B
111 B
Other
General
Full URL
https://www.google-analytics.com/collect
Requested by
Host: assets-cdn.github.com
URL: https://assets-cdn.github.com/assets/frameworks-320b28cdf5601867c9f1610023761057.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81e::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://github.com/d00rt/hijacked_lokibot_version/blob/master/doc/LokiBot_hijacked_2018.pdf
Origin
https://github.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 20 Aug 2018 21:17:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
https://github.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
page_view
collector.githubapp.com/github/
35 B
529 B
Image
General
Full URL
https://collector.githubapp.com/github/page_view?dimensions[page]=https%3A%2F%2Fgithub.com%2Fd00rt%2Fhijacked_lokibot_version%2Fblob%2Fmaster%2Fdoc%2FLokiBot_hijacked_2018.pdf&dimensions[title]=hijacked_lokibot_version%2FLokiBot_hijacked_2018.pdf%20at%20master%20%C2%B7%20d00rt%2Fhijacked_lokibot_version%20%C2%B7%20GitHub&dimensions[referrer]=&dimensions[user_agent]=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_13_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F67.0.3396.87%20Safari%2F537.36&dimensions[screen_resolution]=1600x1200&dimensions[pixel_ratio]=1&dimensions[browser_resolution]=1600x1200&dimensions[tz_seconds]=0&dimensions[timestamp]=1534799847888&dimensions[request_id]=DCC2%3A5635%3A31A9BD%3A64F01B%3A5B7B2FE3&dimensions[region_edge]=iad&dimensions[region_render]=iad&dimensions[user_id]=30732868&dimensions[user_login]=d00rt&dimensions[repository_id]=139952627&dimensions[repository_nwo]=d00rt%2Fhijacked_lokibot_version&dimensions[repository_public]=true&dimensions[repository_is_fork]=false&dimensions[repository_network_root_id]=139952627&dimensions[repository_network_root_nwo]=d00rt%2Fhijacked_lokibot_version&dimensions[repository_explore_github_marketplace_ci_cta_shown]=false&&measures[performance_timing]=1-0-0--405-403-403-249-0-0-0---0---0-248-246---&&&dimensions[cid]=1962835644.1534799847
Requested by
Host: github.com
URL: https://github.com/d00rt/hijacked_lokibot_version/blob/master/doc/LokiBot_hijacked_2018.pdf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.137.101 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-50-16-137-101.compute-1.amazonaws.com
Software
GitHub.com /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://github.com/d00rt/hijacked_lokibot_version/blob/master/doc/LokiBot_hijacked_2018.pdf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 20 Aug 2018 21:17:27 GMT
X-Rack-Cache
miss
Last-Modified
Mon, 20 Aug 2018 21:17:27 GMT
Server
GitHub.com
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif; charset=utf-8
Expires
Sat, 25 Nov 2000 05:00:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, private
Connection
keep-alive
X-Runtime
0.004411
Content-Length
35
X-Request-Id
a215928673129f3a73b0c0261f2208c4
X-UA-Compatible
IE=Edge,chrome=1
68747470733a2f2f322e67726176617461722e636f6d2f6176617461722f37366437346236666538323938663961663865396435633636306338633763353f643d68747470732533412532462532466173736574732d63646e2e6769746875622e636...
camo.githubusercontent.com/c1883fe9a9c28872087c65cb3356f3b9928ac896/
2 KB
3 KB
Image
General
Full URL
https://camo.githubusercontent.com/c1883fe9a9c28872087c65cb3356f3b9928ac896/68747470733a2f2f322e67726176617461722e636f6d2f6176617461722f37366437346236666538323938663961663865396435633636306338633763353f643d68747470732533412532462532466173736574732d63646e2e6769746875622e636f6d253246696d6167657325324667726176617461727325324667726176617461722d757365722d3432302e706e6726723d6726733d313430
Requested by
Host: github.com
URL: https://github.com/d00rt/hijacked_lokibot_version/blob/master/doc/LokiBot_hijacked_2018.pdf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.133 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
github-camo (65c9ebe0) /
Resource Hash
7861667e2a6efd12de2e19c9deb45a2d4785c4e300754158b700d8695bbeaf48
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src data:; style-src 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://github.com/d00rt/hijacked_lokibot_version/blob/master/doc/LokiBot_hijacked_2018.pdf
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-Fastly-Request-ID
5c613b9ab4b1824365a7e1d12316c0807cfcfb7c
Content-Security-Policy
default-src 'none'; img-src data:; style-src 'unsafe-inline'
Via
1.1 varnish
X-Content-Type-Options
nosniff
Age
634152
X-Cache
HIT
Connection
keep-alive
Vary
Accept
Content-Length
2400
X-Xss-Protection
1; mode=block
X-Served-By
cache-fra19130-FRA
Last-Modified
Mon, 26 Jun 2017 19:42:24 GMT
Server
github-camo (65c9ebe0)
X-GitHub-Request-Id
45D0:4071:5AF3D:60BE8:5B7182BC
X-Timer
S1534799848.900085,VS0,VE0
X-Frame-Options
deny
Date
Mon, 20 Aug 2018 21:17:27 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/webp
Expires
Thu, 27 Jun 2019 07:42:24 GMT
Cache-Control
public, max-age=63115200
Accept-Ranges
bytes
Timing-Allow-Origin
https://github.com
X-Cache-Hits
1
stats
api.github.com/_private/browser/
0
2 KB
XHR
General
Full URL
https://api.github.com/_private/browser/stats
Requested by
Host: assets-cdn.github.com
URL: https://assets-cdn.github.com/assets/frameworks-320b28cdf5601867c9f1610023761057.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.30.253.117 San Francisco, United States, ASN36459 (GITHUB - GitHub, Inc., US),
Reverse DNS
lb-192-30-253-117-iad.github.com
Software
GitHub.com /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com status.github.com collector.githubapp.com api.github.com www.google-analytics.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com; font-src assets-cdn.github.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: assets-cdn.github.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com collector.githubapp.com avatars0.githubusercontent.com avatars1.githubusercontent.com avatars2.githubusercontent.com avatars3.githubusercontent.com github-cloud.s3.amazonaws.com; manifest-src 'self'; media-src 'none'; script-src assets-cdn.github.com; style-src 'unsafe-inline' assets-cdn.github.com
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Access-Control-Request-Method
POST
Origin
https://github.com
Accept-Encoding
gzip, deflate
Host
api.github.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Cache-Control
no-cache
Connection
keep-alive
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://github.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

Date
Mon, 20 Aug 2018 21:17:29 GMT
Access-Control-Allow-Methods
GET, POST, PATCH, PUT, DELETE
X-Content-Type-Options
nosniff
Status
204 No Content
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
X-XSS-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
GitHub.com
X-GitHub-Request-Id
D086:783E:230C87E:4685E0A:5B7B2FE4
X-Frame-Options
deny
Expect-CT
max-age=2592000, report-uri="https://api.github.com/_private/browser/errors"
Access-Control-Max-Age
86400
X-Runtime-rack
0.006398
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
ETag, Link, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval
Content-Security-Policy
default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com status.github.com collector.githubapp.com api.github.com www.google-analytics.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com; font-src assets-cdn.github.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: assets-cdn.github.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com collector.githubapp.com avatars0.githubusercontent.com avatars1.githubusercontent.com avatars2.githubusercontent.com avatars3.githubusercontent.com github-cloud.s3.amazonaws.com; manifest-src 'self'; media-src 'none'; script-src assets-cdn.github.com; style-src 'unsafe-inline' assets-cdn.github.com
Access-Control-Allow-Headers
Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Accept-Encoding, X-GitHub-OTP, X-Requested-With, User-Agent
stats
api.github.com/_private/browser/
5 B
820 B
XHR
General
Full URL
https://api.github.com/_private/browser/stats
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.30.253.117 San Francisco, United States, ASN36459 (GITHUB - GitHub, Inc., US),
Reverse DNS
lb-192-30-253-117-iad.github.com
Software
GitHub.com /
Resource Hash
8e1d794b49e35ea828279c6a8c95282bbb9a0787cf5c9385256c2cc9d17baeb7
Security Headers
Name Value
Content-Security-Policy default-src 'none'
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Origin
https://github.com
Accept-Encoding
gzip, deflate
Host
api.github.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/json
Accept
*/*
Cache-Control
no-cache
Referer
https://github.com/d00rt/hijacked_lokibot_version/blob/master/doc/LokiBot_hijacked_2018.pdf
Connection
keep-alive
Content-Length
13202
Referer
https://github.com/d00rt/hijacked_lokibot_version/blob/master/doc/LokiBot_hijacked_2018.pdf
Origin
https://github.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/json

Response headers

Date
Mon, 20 Aug 2018 21:17:29 GMT
X-Content-Type-Options
nosniff
X-GitHub-Media-Type
github.v3; format=json
Status
200 OK
Content-Length
5
X-XSS-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
GitHub.com
X-GitHub-Request-Id
D086:783E:230C897:4686575:5B7B2FE9
X-Frame-Options
deny
Strict-Transport-Security
max-age=31536000; includeSubdomains; preload
X-Runtime-rack
0.045413
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
ETag, Link, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval
Cache-Control
no-cache
Content-Security-Policy
default-src 'none'

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| define
object| regeneratorRuntime
function| ga
object| gaplugins
function| IncludeFragmentElement
function| PollIncludeFragmentElement
function| TaskListsElement
function| AutocompleteElement
function| DetailsMenuElement
function| GEmojiElement
function| MarkdownHeaderButtonElement
function| MarkdownBoldButtonElement
function| MarkdownItalicButtonElement
function| MarkdownQuoteButtonElement
function| MarkdownCodeButtonElement
function| MarkdownLinkButtonElement
function| MarkdownUnorderedListButtonElement
function| MarkdownOrderedListButtonElement
function| MarkdownTaskListButtonElement
function| MarkdownMentionButtonElement
function| MarkdownRefButtonElement
function| MarkdownToolbarElement
function| LocalTimeElement
function| RelativeTimeElement
function| TimeAgoElement
function| TimeUntilElement
function| ClipboardCopyElement
function| DetailsDialogElement
function| AutoCheckElement
object| _octo
object| gaGlobal
object| gaData

3 Cookies

Domain/Path Name Value
.render.githubusercontent.com/ _gat 1
.render.githubusercontent.com/ _gid GA1.3.1275920934.1534799849
.render.githubusercontent.com/ _ga GA1.3.1245514501.1534799849

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com status.github.com collector.githubapp.com api.github.com www.google-analytics.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com wss://live.github.com; font-src assets-cdn.github.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: assets-cdn.github.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src assets-cdn.github.com; style-src 'unsafe-inline' assets-cdn.github.com
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block