0xpat.github.io
185.199.109.153
Public Scan
Submission Tags: falconsandbox
Submission: On March 17 via api from US
Summary
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on May 6th 2020. Valid for: 2 years.
This is the only time 0xpat.github.io was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 14 | 185.199.109.153 | 54113 (FASTLY) | |
13 | 2 |
ASN54113 (FASTLY, US)
PTR: cdn-185-199-109-153.github.com
0xpat.github.io |
Apex Domain Subdomains |
Transfer | |
---|---|---|
14 |
github.io
1 redirects
0xpat.github.io |
2 MB |
13 | 1 |
Domain | Requested by | |
---|---|---|
14 | 0xpat.github.io |
1 redirects
0xpat.github.io
|
13 | 1 |
This site contains links to these domains. Also see Links.
Domain |
---|
github.com |
en.wikipedia.org |
blog.quarkslab.com |
medium.com |
www.babush.me |
blog.scrt.ch |
www.blackhat.com |
www.linkedin.com |
www.twitter.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.github.com DigiCert SHA2 High Assurance Server CA | 2020-05-06 - 2022-04-14 | 2 years | crt.sh |
This page contains 1 frames:
Primary Page:
https://0xpat.github.io/Malware_development_part_6/
Frame ID: 7C7905E9232A327ED6BC59B31A69346A
Requests: 16 HTTP requests in this frame
Page URL History
-
https://0xpat.github.io/Malware_development_part_6
HTTP 301
https://0xpat.github.io/Malware_development_part_6/ Page URL
Detected technologies
Ruby (Programming Languages)
Detected patterns
- url /^https?:\/\/[^/]+\.github\.io\//i
- headers server /^GitHub\.com$/i
Varnish (Cache Tools)
Detected patterns
- headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i
Ruby on Rails (Web Frameworks)
Detected patterns
- url /^https?:\/\/[^/]+\.github\.io\//i
- headers server /^GitHub\.com$/i
GitHub Pages (CDN)
Detected patterns
- url /^https?:\/\/[^/]+\.github\.io\//i
- headers server /^GitHub\.com$/i
Page Statistics
18 Outgoing links
These are links going to different origins than the main page.
Title: Obfuscator-LLVM
Title: (this kinda sounds like a chicken-egg problem :))
Title: in the project’s repository
Title: this classic reverse shell
Title: this great article
Title: https://github.com/HikariObfuscator/Hikari/
Title: https://medium.com/@polarply/build-your-first-llvm-obfuscator-80d16583392b
Title: http://www.babush.me/dumbo-llvm-based-dumb-obfuscator.html
Title: https://github.com/emc2314/YANSOllvm
Title: https://blog.scrt.ch/2020/06/19/engineering-antivirus-evasion/
Title: https://blog.scrt.ch/2020/07/15/engineering-antivirus-evasion-part-ii/
Title: this awesome workpaper
Title: ADVobfuscator tool
Title: https://github.com/fritzone/obfy
Title: https://github.com/revsic/cpp-obfuscator
Redirected requests
There were HTTP redirect chains for the following requests:
13 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | 0xpat.github.io/Malware_development_part_6/ | 33 KB | 8 KB | Document | text/html |
GET | H2 | style.css | 0xpat.github.io/ | 62 KB | 23 KB | Stylesheet | text/css |
GET | H2 | plain_decompiled.png | 0xpat.github.io/images/2021-01-25-Malware_development_part_6/ | 24 KB | 24 KB | Image | image/png |
GET | H2 | plain_graph.png | 0xpat.github.io/images/2021-01-25-Malware_development_part_6/ | 172 KB | 173 KB | Image | image/png |
GET | H2 | sub_decompiled.png | 0xpat.github.io/images/2021-01-25-Malware_development_part_6/ | 36 KB | 36 KB | Image | image/png |
GET | H2 | sub_graph.png | 0xpat.github.io/images/2021-01-25-Malware_development_part_6/ | 119 KB | 119 KB | Image | image/png |
GET | H2 | bcf_decompiled.png | 0xpat.github.io/images/2021-01-25-Malware_development_part_6/ | 607 KB | 608 KB | Image | image/png |
GET | H2 | bcf_graph.png | 0xpat.github.io/images/2021-01-25-Malware_development_part_6/ | 242 KB | 243 KB | Image | image/png |
GET | H2 | cff.png | 0xpat.github.io/images/2021-01-25-Malware_development_part_6/ | 61 KB | 62 KB | Image | image/png |
GET | H2 | cff_decompiled.png | 0xpat.github.io/images/2021-01-25-Malware_development_part_6/ | 193 KB | 193 KB | Image | image/png |
GET | H2 | cff_graph.png | 0xpat.github.io/images/2021-01-25-Malware_development_part_6/ | 261 KB | 262 KB | Image | image/png |
GET | H2 | bkg.png | 0xpat.github.io/images/ | 2 KB | 2 KB | Image | text/html |
GET | H2 | bullet.png | 0xpat.github.io/images/ | 2 KB | 2 KB | Image | text/html |
GET | DATA | truncated | / | 4 KB | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 2 KB | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 3 KB | 0 | Image | image/svg+xml |
9 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| ontransitionrun
- object| ontransitionstart
- object| ontransitioncancel
- object| cookieStore
- function| showDirectoryPicker
- function| showOpenFilePicker
- function| showSaveFilePicker
- object| trustedTypes
- boolean| crossOriginIsolated
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31556952 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
0xpat.github.io
185.199.109.153