malware-research.org Open in urlscan Pro
2400:cb00:2048:1::6818:218 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://malware-research.org/carbanak-source-code-leaked/
Submission: On July 12 via manual (July 12th 2018, 6:48:45 am UTC) from SG

Summary HTTP 100 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 15 IPs in 2 countries across 10 domains to perform 100 HTTP transactions. The main IP is 2400:cb00:2048:1::6818:218, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is malware-research.org.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on July 11th 2018. Valid for: 6 months.

This is the only time malware-research.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	2400:cb00:204... 2400:cb00:2048:1::6818:218	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
26	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1	205.185.208.52 205.185.208.52	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
1 2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:816::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE - Google LLC)
1	151.101.12.134 151.101.12.134	54113 (FASTLY) (FASTLY - Fastly)
1 3	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER - Twitter Inc.)
23	104.244.43.241 104.244.43.241	13414 (TWITTER) (TWITTER - Twitter Inc.)
29	2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
5	2400:cb00:204... 2400:cb00:2048:1::6810:4ea6	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	151.101.64.134 151.101.64.134	54113 (FASTLY) (FASTLY - Fastly)
1	2606:2800:134... 2606:2800:134:1a0d:1429:742:782:b6	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
100	15

5 2400:cb00:2048:1::6818:218 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

malware-research.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.208.52 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip052.ssl.hwcdn.net

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9d (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.134 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

malwareresearchorg.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.244.42.72 (San Francisco, United States) 1 redirects

ASN13414 (TWITTER - Twitter Inc., US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 104.244.43.241 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ton.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2400:cb00:2048:1::6810:4ea6 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.64.134 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

abs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
53	twimg.com cdn.syndication.twimg.com pbs.twimg.com ton.twimg.com abs.twimg.com	695 KB
29	twitter.com 1 redirects platform.twitter.com syndication.twitter.com	766 KB
5	disquscdn.com c.disquscdn.com	192 KB
5	malware-research.org malware-research.org	339 KB
3	disqus.com malwareresearchorg.disqus.com disqus.com	24 KB
2	google-analytics.com 1 redirects www.google-analytics.com	14 KB
2	googleapis.com fonts.googleapis.com	1 KB
1	doubleclick.net stats.g.doubleclick.net	103 B
1	gstatic.com fonts.gstatic.com	15 KB
1	jquery.com code.jquery.com	38 KB
100	10

	Domain	Requested by
27	pbs.twimg.com	malware-research.org
26	platform.twitter.com	malware-research.org platform.twitter.com
23	cdn.syndication.twimg.com	platform.twitter.com
5	c.disquscdn.com	malwareresearchorg.disqus.com
5	malware-research.org	malware-research.org
3	syndication.twitter.com	1 redirects malware-research.org
2	disqus.com	malwareresearchorg.disqus.com
2	ton.twimg.com	platform.twitter.com
2	www.google-analytics.com	1 redirects malware-research.org
2	fonts.googleapis.com	malware-research.org
1	abs.twimg.com	malware-research.org
1	malwareresearchorg.disqus.com	malware-research.org
1	stats.g.doubleclick.net	malware-research.org
1	fonts.gstatic.com	malware-research.org
1	code.jquery.com	malware-research.org
100	15

This site contains links to these domains. Also see Links.

Domain
www.minerva-labs.com
github.com
il.linkedin.com
twitter.com
s3-eu-west-1.amazonaws.com
plus.google.com
www.facebook.com

Subject Issuer	Validity	Valid
ssl388883.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-07-11` - `2019-01-17`	6 months	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2017-12-02` - `2018-12-05`	a year	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2018-03-28` - `2020-04-27`	2 years	crt.sh

This page contains 6 frames:

Primary Page: https://malware-research.org/carbanak-source-code-leaked/
Frame ID: 03648368599547778CFE6556612F80F6
Requests: 102 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.7a5ca036ea5299f1d2ebb2234731e35e.html?origin=https%3A%2F%2Fmalware-research.org&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
Frame ID: 02B54BE5EB2490397CB5820895BF9444
Requests: 1 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=malwareresearchorg&t_u=https%3A%2F%2Fmalware-research.org%2Fcarbanak-source-code-leaked%2F&t_d=Mystery%20Carbanak%20-%20source%20code%20leaked%3F&t_t=Mystery%20Carbanak%20-%20source%20code%20leaked%3F&s_o=default
Frame ID: 3B5D200B6EF8CE2E9860CBA4568A2CE4
Requests: 1 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Frame ID: 1EAACDEED436B641DF60EC48CE159D63
Requests: 1 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Frame ID: 88084005185C2D224AA3E799702DD522
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: 827795548F4FC393408A73E23A9EDEFC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Ghost (Blogs) Expand

Overall confidence: 100%
Detected patterns

meta generator /Ghost(?:\s([\d.]+))?/i

Node.js (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

meta generator /Ghost(?:\s([\d.]+))?/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /cloudflare/i

Disqus (Comment Systems) Expand

Overall confidence: 100%
Detected patterns

env /^DISQUS/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

Page Statistics

100
Requests

8 %
HTTPS

64 %
IPv6

10
Domains

15
Subdomains

15
IPs

2
Countries

2084 kB
Transfer

3459 kB
Size

4
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: http://www.minerva-labs.com/
Title: Minerva

Search URL Search Domain Scan URL

URL: https://github.com/GelosSnake

Search URL Search Domain Scan URL

URL: https://il.linkedin.com/in/omrimoyal

Search URL Search Domain Scan URL

URL: https://twitter.com/GelosSnake

Search URL Search Domain Scan URL

URL: https://s3-eu-west-1.amazonaws.com/malware-research.org/blogposts/carbanak_leak/carbanak_source_code_leak_maybe.zip
Title: Here is the source code in a zip file

Search URL Search Domain Scan URL

URL: https://plus.google.com/share?url=https://malware-research.org/carbanak-source-code-leaked/
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Mystery%20Carbanak%20%20-%20source%20code%20leaked%3F&url=https://malware-research.org/carbanak-source-code-leaked/
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://malware-research.org/carbanak-source-code-leaked/
Title:

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://www.google-analytics.com/r/collect?v=1&_v=j68&a=811527072&t=pageview&_s=1&dl=https%3A%2F%2Fmalware-research.org%2Fcarbanak-source-code-leaked%2F&ul=en-us&de=UTF-8&dt=Mystery%20Carbanak%20-%20source%20code%20leaked%3F&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=852943584&gjid=968178004&cid=126032867.1531378114&tid=UA-55049507-2&_gid=1741580438.1531378114&_r=1&z=1391150583 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-55049507-2&cid=126032867.1531378114&jid=852943584&_gid=1741580438.1531378114&gjid=968178004&_v=j68&z=1391150583

Request Chain 105

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

100 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
malware-research.org/carbanak-source-code-leaked/ 26 KB
7 KB 97ms
70ms Document
text/html 2400:cb00:2048:1::6818:218
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://malware-research.org/carbanak-source-code-leaked/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::6818:218 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: a6fe2268a9586d7f213de21701ba5e535ddc371ba9a63bfde4486b600260b58f

Request headers

:method: GET
:authority: malware-research.org
:scheme: https
:path: /carbanak-source-code-leaked/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 03648368599547778CFE6556612F80F6

Response headers

status: 200
date: Thu, 12 Jul 2018 06:48:34 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=da2ea0f82f3f8f785976bafe4eddd97501531378114; expires=Fri, 12-Jul-19 06:48:34 GMT; path=/; domain=.malware-research.org; HttpOnly
x-powered-by: Express
cache-control: public, max-age=0
etag: W/"693a-AvBdcmvlsXHIv9ebw7SH6vZkwkY"
vary: Accept-Encoding
content-encoding: gzip
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 4391909ccfdb64ed-FRA

GET
S 200 css
fonts.googleapis.com/ 786 B
446 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:812::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oxygen

Requested by

Host: malware-research.org
URL: https://malware-research.org/carbanak-source-code-leaked/

Protocol

SPDY

Server

2a00:1450:4001:812::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

613904c3852f7d6738fe2b7a57b49e1b60be2fc5c0158445c2ef0ff7f49dcb23

Security Headers

Name	Value
Strict-Transport-Security	max-age=600
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=600
content-encoding: gzip
last-modified: Thu, 12 Jul 2018 06:48:34 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Thu, 12 Jul 2018 06:48:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
x-xss-protection: 1; mode=block
expires: Thu, 12 Jul 2018 06:48:34 GMT

GET
S 200 css
fonts.googleapis.com/ 2 KB
613 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:812::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lora

Requested by

Host: malware-research.org
URL: https://malware-research.org/carbanak-source-code-leaked/

Protocol

SPDY

Server

2a00:1450:4001:812::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

bc4852e6d958fef6193c0cc3f2755322d3a1bda6a20fb049a38c2b63316dea9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=600
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=600
content-encoding: gzip
last-modified: Thu, 12 Jul 2018 06:48:34 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Thu, 12 Jul 2018 06:48:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
x-xss-protection: 1; mode=block
expires: Thu, 12 Jul 2018 06:48:34 GMT

GET
H2 200 all.min.css
malware-research.org/assets/build/ 15 KB
4 KB 11ms
10ms Stylesheet
text/css 2400:cb00:2048:1::6818:218
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://malware-research.org/assets/build/all.min.css?v=787ec881f5
Requested by: Host: malware-research.org
URL: https://malware-research.org/carbanak-source-code-leaked/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::6818:218 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 009e25e259519d6ba957875cc8d3fb35ac88fc00d1777f89dece81588d4ba921

Request headers

:path: /assets/build/all.min.css?v=787ec881f5
pragma: no-cache
cookie: __cfduid=da2ea0f82f3f8f785976bafe4eddd97501531378114
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: malware-research.org
referer: https://malware-research.org/carbanak-source-code-leaked/
:scheme: https
:method: GET
Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 12 Jul 2018 06:48:34 GMT
content-encoding: gzip
etag: W/"3cf0-1646f6fe78a"
cf-cache-status: HIT
last-modified: Fri, 06 Jul 2018 11:52:42 GMT
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
status: 200
cache-control: public, max-age=31536000
cf-ray: 4391909d482764ed-FRA
expires: Fri, 12 Jul 2019 06:48:34 GMT

GET
H2 200 HATSNAKEglowgritty.png
malware-research.org/content/images/2018/07/ 319 KB
319 KB 17ms
16ms Image
image/png 2400:cb00:2048:1::6818:218
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://malware-research.org/content/images/2018/07/HATSNAKEglowgritty.png
Requested by: Host: malware-research.org
URL: https://malware-research.org/carbanak-source-code-leaked/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::6818:218 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: fe97668e7eb3cc12669ff77d9a1560d3e12495cd48c30500c9f123688b7e1bc1

Request headers

:path: /content/images/2018/07/HATSNAKEglowgritty.png
pragma: no-cache
cookie: __cfduid=da2ea0f82f3f8f785976bafe4eddd97501531378114
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: malware-research.org
referer: https://malware-research.org/carbanak-source-code-leaked/
:scheme: https
:method: GET
Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 12 Jul 2018 06:48:34 GMT
etag: W/"4fa2c-16489655d3a"
cf-cache-status: HIT
last-modified: Wed, 11 Jul 2018 12:51:18 GMT
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 4391909d482864ed-FRA
content-length: 326188
expires: Fri, 12 Jul 2019 06:48:34 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 119 KB
35 KB 23ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: malware-research.org
URL: https://malware-research.org/carbanak-source-code-leaked/
Protocol: HTTP/1.1
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40B5) /
Resource Hash: 643ca3bddc30489dbdfa50b9b7c9803877371403531813b9c42fc814de0dd339

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 12 Jul 2018 06:48:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jul 2018 21:20:20 GMT
Server: ECS (fcn/40B5)
Etag: "50219a6a461fe892e717dd2ea6b6ebc1+gzip"
Vary: Accept-Encoding
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control: public, max-age=1800
Content-Type: application/javascript; charset=utf-8
Content-Length: 35375

GET
H/1.1 200
OK jquery-1.11.3.min.js Show response
code.jquery.com/ 94 KB
38 KB 28ms
6ms Script
application/javascript 205.185.208.52
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.11.3.min.js
Requested by: Host: malware-research.org
URL: https://malware-research.org/carbanak-source-code-leaked/
Protocol: HTTP/1.1
Server: 205.185.208.52 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: vip052.ssl.hwcdn.net
Software: nginx /
Resource Hash: ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 12 Jul 2018 06:48:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Apr 2015 16:20:58 GMT
Server: nginx
ETag: W/"553fb36a-176d5"
Vary: Accept-Encoding
X-HW: 1531378114.dop004.fr8.t,1531378114.cds014.fr8.shn,1531378114.cds014.fr8.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 38889

GET
H2 200 all.min.js Show response
malware-research.org/assets/build/ 16 KB
5 KB 11ms
11ms Script
application/javascript 2400:cb00:2048:1::6818:218
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://malware-research.org/assets/build/all.min.js?v=787ec881f5
Requested by: Host: malware-research.org
URL: https://malware-research.org/carbanak-source-code-leaked/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::6818:218 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 348fc48731df1d2e457a0e297a76b5c440697acac51d9fc353f6d517313fb617

Request headers

:path: /assets/build/all.min.js?v=787ec881f5
pragma: no-cache
cookie: __cfduid=da2ea0f82f3f8f785976bafe4eddd97501531378114
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: malware-research.org
referer: https://malware-research.org/carbanak-source-code-leaked/
:scheme: https
:method: GET
Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 12 Jul 2018 06:48:34 GMT
content-encoding: gzip
etag: W/"3ecd-1646f6fe78a"
cf-cache-status: HIT
last-modified: Fri, 06 Jul 2018 11:52:42 GMT
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=31536000
cf-ray: 4391909d482a64ed-FRA
expires: Fri, 12 Jul 2019 06:48:34 GMT

GET
S 200 analytics.js Show response
www.google-analytics.com/ 34 KB
14 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:812::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: malware-research.org
URL: https://malware-research.org/carbanak-source-code-leaked/

Protocol

SPDY

Server

2a00:1450:4001:812::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 18 May 2018 01:10:24 GMT
server: Golfe2
age: 2165
date: Thu, 12 Jul 2018 06:12:29 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 14386
expires: Thu, 12 Jul 2018 08:12:29 GMT

GET
S 200 0QIvMX1D_JOuMwr7I_FMl_E.woff2
fonts.gstatic.com/s/lora/v12/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:816::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lora/v12/0QIvMX1D_JOuMwr7I_FMl_E.woff2

Requested by

Host: malware-research.org
URL: https://malware-research.org/carbanak-source-code-leaked/

Protocol

SPDY

Server

2a00:1450:4001:816::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

3f275b5815ecd7259e3edc7f777fd0f51bd64f644ac361cc0cc74adc7f5807e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lora
Origin: https://malware-research.org

Response headers

date: Thu, 12 Jul 2018 03:42:44 GMT
x-content-type-options: nosniff
last-modified: Tue, 07 Nov 2017 15:24:37 GMT
server: sffe
age: 11150
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 15292
x-xss-protection: 1; mode=block
expires: Fri, 12 Jul 2019 03:42:44 GMT

GET
H2 200 kiss.woff
malware-research.org/assets/font/ 4 KB
4 KB 23ms
23ms Font
application/font-woff 2400:cb00:2048:1::6818:218
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://malware-research.org/assets/font/kiss.woff?86520779
Requested by: Host: malware-research.org
URL: https://malware-research.org/carbanak-source-code-leaked/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::6818:218 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: c8b6b1d128d6eef1bc8bf05b7728b32df519e658c476f136df7351f7e4d639b5

Request headers

:path: /assets/font/kiss.woff?86520779
pragma: no-cache
cookie: __cfduid=da2ea0f82f3f8f785976bafe4eddd97501531378114
origin: https://malware-research.org
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: malware-research.org
referer: https://malware-research.org/assets/build/all.min.css?v=787ec881f5
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://malware-research.org/assets/build/all.min.css?v=787ec881f5
Origin: https://malware-research.org

Response headers

date: Thu, 12 Jul 2018 06:48:34 GMT
content-encoding: gzip
etag: W/"e94-14deef6ef71"
cf-cache-status: HIT
last-modified: Sat, 13 Jun 2015 22:07:50 GMT
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/font-woff
status: 200
cache-control: public, max-age=31536000
cf-ray: 4391909d684464ed-FRA
expires: Fri, 12 Jul 2019 06:48:34 GMT

GET
S

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j68&a=811527072&t=pageview&_s=1&dl=https%3A%2F%2Fmalware-research.org%2Fcarbanak-source-code-leaked%2F&ul=en-us&de=UTF-8&dt=Mystery%20Carbanak%20-%...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-55049507-2&cid=126032867.1531378114&jid=852943584&_gid=1741580438.1531378114&gjid=968178004&_v=j68&z=1391150583

35 B
103 B

16ms
15ms

Image
image/gif

2a00:1450:400c:c0c::9d
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-55049507-2&cid=126032867.1531378114&jid=852943584&_gid=1741580438.1531378114&gjid=968178004&_v=j68&z=1391150583

Requested by

Host: malware-research.org
URL: https://malware-research.org/carbanak-source-code-leaked/

Protocol

SPDY

Server

2a00:1450:400c:c0c::9d , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 12 Jul 2018 06:48:34 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 12 Jul 2018 06:48:34 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 302
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-55049507-2&cid=126032867.1531378114&jid=852943584&_gid=1741580438.1531378114&gjid=968178004&_v=j68&z=1391150583
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 417
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK embed.js Show response
malwareresearchorg.disqus.com/ 63 KB
21 KB 312ms
294ms Script
application/javascript 151.101.12.134
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://malwareresearchorg.disqus.com/embed.js

Requested by

Host: malware-research.org
URL: https://malware-research.org/carbanak-source-code-leaked/

Protocol

HTTP/1.1

Server

151.101.12.134 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

openresty /

Resource Hash

6acf132c6a3c12a151ce8133de6212a0ef74229c17641109c1db1ef0f2bddd14

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 12 Jul 2018 06:48:34 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 21327

GET
H/1.1 200
OK widget_iframe.7a5ca036ea5299f1d2ebb2234731e35e.html
platform.twitter.com/widgets/ Frame 02B5 0
0 6ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.7a5ca036ea5299f1d2ebb2234731e35e.html?origin=https%3A%2F%2Fmalware-research.org&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/4198) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://malware-research.org/carbanak-source-code-leaked/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 03648368599547778CFE6556612F80F6
Referer: https://malware-research.org/carbanak-source-code-leaked/

Response headers

Content-Encoding: gzip
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Thu, 12 Jul 2018 06:48:34 GMT
Etag: "6f4bb4155518386526ca164541e6b1ce+gzip"
Last-Modified: Tue, 10 Jul 2018 21:19:35 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/4198)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 5868

GET
H/1.1 200
OK tweet.94890a17f454cac616ec67c343f98d96.js Show response
platform.twitter.com/js/ 21 KB
7 KB 9ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/tweet.94890a17f454cac616ec67c343f98d96.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/4193) /
Resource Hash: 06c848a7caa7a24c4e3f7c227ff28757125e258afdc887426381949295ebcf31

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 12 Jul 2018 06:48:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jul 2018 21:19:30 GMT
Server: ECS (fcn/4193)
Etag: "f809d8fc58c74242802208e14edd1613+gzip"
Vary: Accept-Encoding
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Content-Length: 7207

GET
S 200 syndication
syndication.twitter.com/i/jot/ 43 B
172 B 109ms
109ms Image
image/gif 104.244.42.72
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/syndication?l=%7B%22_category_%22%3A%22syndicated_impression%22%2C%22triggered_on%22%3A1531378114296%2C%22dnt%22%3Afalse%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22impression%22%7D%7D

Requested by

Host: malware-research.org
URL: https://malware-research.org/carbanak-source-code-leaked/

Protocol

SPDY

Server

104.244.42.72 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 12 Jul 2018 06:48:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 103
pragma: no-cache
last-modified: Thu, 12 Jul 2018 06:48:34 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: a138db417e31a1b917b6a77781154cbc
x-transaction: 00de05cc003b8e50
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
S 200 tweets.json Show response
cdn.syndication.twimg.com/ 6 KB
2 KB 139ms
138ms Script
application/javascript 104.244.43.241
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/tweets.json?callback=__twttr.callbacks.cb0&ids=1017084469541527552&lang=en&suppress_response_codes=true&tz=GMT%2B0000

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

SPDY

Server

104.244.43.241 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

Resource Hash

314aebeb103ccc1a391eac226584115684c241c0c2baee77cc344d997c367724

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 12 Jul 2018 06:48:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-cache: MISS
status: 200
content-disposition: attachment; filename=jsonp.jsonp
vary: Accept-Encoding
content-length: 1755
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-served-by: cache-tw-fra1-cr1-3-TWFRA1
x-response-time: 131
last-modified: Thu, 12 Jul 2018 06:48:34 GMT
x-timer: S1531378114.306061,VS0,VE133
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
via: 1.1 varnish
cache-control: must-revalidate, max-age=60
x-connection-hash: 82da6d9b296f1f626f78dab13e4e41f0
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Jul 2018 06:49:34 GMT

GET
S 200 tweets.json Show response
cdn.syndication.twimg.com/ 6 KB
2 KB 143ms
143ms Script
application/javascript 104.244.43.241
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/tweets.json?callback=__twttr.callbacks.cb1&ids=1017108919062290432&lang=en&suppress_response_codes=true&tz=GMT%2B0000

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

SPDY

Server

104.244.43.241 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

Resource Hash

33855138dbc516c8ca09fccd2551f1ed0faed4cdf6b6ee9356ed6b1b76760fea

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 12 Jul 2018 06:48:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-cache: MISS
status: 200
content-disposition: attachment; filename=jsonp.jsonp
vary: Accept-Encoding
content-length: 1841
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-served-by: cache-tw-fra1-cr1-3-TWFRA1
x-response-time: 136
last-modified: Thu, 12 Jul 2018 06:48:34 GMT
x-timer: S1531378114.306198,VS0,VE138
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
via: 1.1 varnish
cache-control: must-revalidate, max-age=60
x-connection-hash: 6200fe3ead0f1fe2ddc8049c201fbd3a
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Jul 2018 06:49:34 GMT

GET
S 200 tweets.json Show response
cdn.syndication.twimg.com/ 9 KB
2 KB 152ms
152ms Script
application/javascript 104.244.43.241
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/tweets.json?callback=__twttr.callbacks.cb2&ids=1017149837135970304&lang=en&suppress_response_codes=true&tz=GMT%2B0000

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

SPDY

Server

104.244.43.241 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

Resource Hash

098d7b287dc4a32bf4c5442e980bc7367ca01a45319c81aa5e0a26120d25514f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 12 Jul 2018 06:48:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-cache: MISS
status: 200
content-disposition: attachment; filename=jsonp.jsonp
vary: Accept-Encoding
content-length: 2248
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-served-by: cache-tw-fra1-cr1-3-TWFRA1
x-response-time: 145
last-modified: Thu, 12 Jul 2018 06:48:34 GMT
x-timer: S1531378114.306337,VS0,VE146
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
via: 1.1 varnish
cache-control: must-revalidate, max-age=60
x-connection-hash: 5dc7513ccf401fcff04fe6017c4ee30d
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Jul 2018 06:49:34 GMT

GET
S 200 tweets.json Show response
cdn.syndication.twimg.com/ 11 KB
3 KB 130ms
130ms Script
application/javascript 104.244.43.241
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/tweets.json?callback=__twttr.callbacks.cb3&ids=1017093538276888576&lang=en&suppress_response_codes=true&tz=GMT%2B0000

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

SPDY

Server

104.244.43.241 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

Resource Hash

4491bec3775c928d11e50c546dd30f34dd36315bd490b62f789f7b86fd3b159c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 12 Jul 2018 06:48:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-cache: MISS
status: 200
content-disposition: attachment; filename=jsonp.jsonp
vary: Accept-Encoding
content-length: 3056
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-served-by: cache-tw-fra1-cr1-3-TWFRA1
x-response-time: 123
last-modified: Thu, 12 Jul 2018 06:48:34 GMT
x-timer: S1531378114.307257,VS0,VE124
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
via: 1.1 varnish
cache-control: must-revalidate, max-age=60
x-connection-hash: ca68eb4fd7d9343318da858720965b6a
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Jul 2018 06:49:34 GMT

GET
S 200 tweets.json Show response
cdn.syndication.twimg.com/ 9 KB
2 KB 131ms
130ms Script
application/javascript 104.244.43.241
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/tweets.json?callback=__twttr.callbacks.cb4&ids=1017131953789849602&lang=en&suppress_response_codes=true&tz=GMT%2B0000

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

SPDY

Server

104.244.43.241 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

Resource Hash

84009318b6d1a27b739de27a1fb9ab7d7f9653b8e61d5d3684e7196c4b123dc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 12 Jul 2018 06:48:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-cache: MISS
status: 200
content-disposition: attachment; filename=jsonp.jsonp
vary: Accept-Encoding
content-length: 2351
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-served-by: cache-tw-fra1-cr1-3-TWFRA1
x-response-time: 123
last-modified: Thu, 12 Jul 2018 06:48:34 GMT
x-timer: S1531378114.307372,VS0,VE125
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
via: 1.1 varnish
cache-control: must-revalidate, max-age=60
x-connection-hash: 4bba669c2d135715dc93a3ae666d02a8
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Jul 2018 06:49:34 GMT

GET
S 200 tweets.json Show response
cdn.syndication.twimg.com/ 7 KB
2 KB 139ms
139ms Script
application/javascript 104.244.43.241
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/tweets.json?callback=__twttr.callbacks.cb5&ids=1017152905730842624&lang=en&suppress_response_codes=true&tz=GMT%2B0000

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

SPDY

Server

104.244.43.241 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

Resource Hash

74f009dfeca4257b65818f285d104312cea09f0792376a38f71f0b4bbc4a2e94

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 12 Jul 2018 06:48:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-cache: MISS
status: 200
content-disposition: attachment; filename=jsonp.jsonp
vary: Accept-Encoding
content-length: 1782
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-served-by: cache-tw-fra1-cr1-3-TWFRA1
x-response-time: 131
last-modified: Thu, 12 Jul 2018 06:48:34 GMT
x-timer: S1531378114.307420,VS0,VE133
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
via: 1.1 varnish
cache-control: must-revalidate, max-age=60
x-connection-hash: 1767f5d32e1b6546dfb39c2874901cf4
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Jul 2018 06:49:34 GMT

GET
S 200 tweets.json Show response
cdn.syndication.twimg.com/ 7 KB
2 KB 137ms
137ms Script
application/javascript 104.244.43.241
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/tweets.json?callback=__twttr.callbacks.cb6&ids=1017143352897232897&lang=en&suppress_response_codes=true&tz=GMT%2B0000

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

SPDY

Server

104.244.43.241 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

Resource Hash

f2ca033c84a0f34070f815704b2029231cc12240a97ffbb0571cf9b517ea9820

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 12 Jul 2018 06:48:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-cache: MISS
status: 200
content-disposition: attachment; filename=jsonp.jsonp
vary: Accept-Encoding
content-length: 2000
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-served-by: cache-tw-fra1-cr1-3-TWFRA1
x-response-time: 128
last-modified: Thu, 12 Jul 2018 06:48:34 GMT
x-timer: S1531378114.438040,VS0,VE130
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
via: 1.1 varnish
cache-control: must-revalidate, max-age=60
x-connection-hash: 0a86dbf7efafd61e58023ce421596fb4
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Jul 2018 06:49:34 GMT

GET
S 200 tweets.json Show response
cdn.syndication.twimg.com/ 8 KB
2 KB 139ms
139ms Script
application/javascript 104.244.43.241
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/tweets.json?callback=__twttr.callbacks.cb7&ids=1017058024601608192&lang=en&suppress_response_codes=true&tz=GMT%2B0000

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

SPDY

Server

104.244.43.241 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

Resource Hash

243e341966bfdb3fe441229ab043416150bd42dfed006873311386d2541bd282

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 12 Jul 2018 06:48:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-cache: MISS
status: 200
content-disposition: attachment; filename=jsonp.jsonp
vary: Accept-Encoding
content-length: 2136
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-served-by: cache-tw-fra1-cr1-3-TWFRA1
x-response-time: 131
last-modified: Thu, 12 Jul 2018 06:48:34 GMT
x-timer: S1531378114.438100,VS0,VE133
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
via: 1.1 varnish
cache-control: must-revalidate, max-age=60
x-connection-hash: 8871b36f90424c9093c0aba54ff2cb80
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Jul 2018 06:49:34 GMT

GET
S 200 tweets.json Show response
cdn.syndication.twimg.com/ 8 KB
2 KB 133ms
133ms Script
application/javascript 104.244.43.241
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/tweets.json?callback=__twttr.callbacks.cb8&ids=1017062058666455040&lang=en&suppress_response_codes=true&tz=GMT%2B0000

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

SPDY

Server

104.244.43.241 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

Resource Hash

93762e4b6256c53f61a1c9efbc31f37f648f0153445fa362ffe05b6711ded772

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 12 Jul 2018 06:48:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-cache: MISS
status: 200
content-disposition: attachment; filename=jsonp.jsonp
vary: Accept-Encoding
content-length: 2162
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-served-by: cache-tw-fra1-cr1-3-TWFRA1
x-response-time: 125
last-modified: Thu, 12 Jul 2018 06:48:34 GMT
x-timer: S1531378114.444996,VS0,VE127
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
via: 1.1 varnish
cache-control: must-revalidate, max-age=60
x-connection-hash: d81b1f45db9356b3540aa746e71d884d
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Jul 2018 06:49:34 GMT

GET
S 200 tweets.json Show response
cdn.syndication.twimg.com/ 11 KB
3 KB 148ms
148ms Script
application/javascript 104.244.43.241
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/tweets.json?callback=__twttr.callbacks.cb9&ids=1017064125871087618&lang=en&suppress_response_codes=true&tz=GMT%2B0000

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

SPDY

Server

104.244.43.241 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

Resource Hash

2016115c8f6fa18ccad2f04fb1d8eb4145371630dccce85be25943ee8b0d9bf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 12 Jul 2018 06:48:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-cache: MISS
status: 200
content-disposition: attachment; filename=jsonp.jsonp
vary: Accept-Encoding
content-length: 2473
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-served-by: cache-tw-fra1-cr1-3-TWFRA1
x-response-time: 141
last-modified: Thu, 12 Jul 2018 06:48:34 GMT
x-timer: S1531378114.447080,VS0,VE143
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
via: 1.1 varnish
cache-control: must-revalidate, max-age=60
x-connection-hash: 5b3ab94530af4db1177410c089afd9a9
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Jul 2018 06:49:34 GMT

GET
S 200 tweets.json Show response
cdn.syndication.twimg.com/ 8 KB
2 KB 140ms
140ms Script
application/javascript 104.244.43.241
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/tweets.json?callback=__twttr.callbacks.cb10&ids=1017068957210210305&lang=en&suppress_response_codes=true&tz=GMT%2B0000

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

SPDY

Server

104.244.43.241 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

Resource Hash

1a2265148b87789d560e3a2564859d299753a3b2bb8594adaf2ced15a7ad0327

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 12 Jul 2018 06:48:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-cache: MISS
status: 200
content-disposition: attachment; filename=jsonp.jsonp
vary: Accept-Encoding
content-length: 2102
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-served-by: cache-tw-fra1-cr1-3-TWFRA1
x-response-time: 133
last-modified: Thu, 12 Jul 2018 06:48:34 GMT
x-timer: S1531378114.449920,VS0,VE135
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
via: 1.1 varnish
cache-control: must-revalidate, max-age=60
x-connection-hash: 2ef74af5da256b0bbf542ac7cc172552
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Jul 2018 06:49:34 GMT

GET
S 200 tweets.json Show response
cdn.syndication.twimg.com/ 8 KB
2 KB 141ms
140ms Script
application/javascript 104.244.43.241
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/tweets.json?callback=__twttr.callbacks.cb11&ids=1017070458007621633&lang=en&suppress_response_codes=true&tz=GMT%2B0000

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

SPDY

Server

104.244.43.241 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

Resource Hash

936c8b6207d92df345d26c2a27a68dc4c884ab0770a47c790014f973f135fa61

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 12 Jul 2018 06:48:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-cache: MISS
status: 200
content-disposition: attachment; filename=jsonp.jsonp
vary: Accept-Encoding
content-length: 2176
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-served-by: cache-tw-fra1-cr1-3-TWFRA1
x-response-time: 132
last-modified: Thu, 12 Jul 2018 06:48:34 GMT
x-timer: S1531378114.458913,VS0,VE134
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
via: 1.1 varnish
cache-control: must-revalidate, max-age=60
x-connection-hash: c826d3d6b7ed5a78684483abb2bec26e
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Jul 2018 06:49:34 GMT

GET
S 200 tweets.json Show response
cdn.syndication.twimg.com/ 8 KB
2 KB 142ms
141ms Script
application/javascript 104.244.43.241
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/tweets.json?callback=__twttr.callbacks.cb12&ids=1017074293770014724&lang=en&suppress_response_codes=true&tz=GMT%2B0000

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

SPDY

Server

104.244.43.241 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

Resource Hash

16b2eaccbbbb0648a0043d7e115bc6c29b515f0a59bed24caead361191fedf88

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 12 Jul 2018 06:48:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-cache: MISS
status: 200
content-disposition: attachment; filename=jsonp.jsonp
vary: Accept-Encoding
content-length: 2202
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-served-by: cache-tw-fra1-cr1-3-TWFRA1
x-response-time: 134
last-modified: Thu, 12 Jul 2018 06:48:34 GMT
x-timer: S1531378115.579141,VS0,VE136
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
via: 1.1 varnish
cache-control: must-revalidate, max-age=60
x-connection-hash: bd59a34500d5eb728f2c9bd52c4bda6a
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Jul 2018 06:49:34 GMT

GET
S 200 tweets.json Show response
cdn.syndication.twimg.com/ 11 KB
2 KB 165ms
165ms Script
application/javascript 104.244.43.241
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/tweets.json?callback=__twttr.callbacks.cb13&ids=1017075967263723521&lang=en&suppress_response_codes=true&tz=GMT%2B0000

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

SPDY

Server

104.244.43.241 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

Resource Hash

224e7e17b55591dead17729ed0e89e0b6c1dcb3c0c8952c2bd7bb26db42860e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 12 Jul 2018 06:48:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-cache: MISS
status: 200
content-disposition: attachment; filename=jsonp.jsonp
vary: Accept-Encoding
content-length: 2369
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-served-by: cache-tw-fra1-cr1-3-TWFRA1
x-response-time: 157
last-modified: Thu, 12 Jul 2018 06:48:34 GMT
x-timer: S1531378115.579136,VS0,VE159
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
via: 1.1 varnish
cache-control: must-revalidate, max-age=60
x-connection-hash: 35d9265f96c1fca670821da41d07a10a
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Jul 2018 06:49:34 GMT

GET
S 200 tweets.json Show response
cdn.syndication.twimg.com/ 8 KB
2 KB 124ms
124ms Script
application/javascript 104.244.43.241
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/tweets.json?callback=__twttr.callbacks.cb14&ids=1017077782352973827&lang=en&suppress_response_codes=true&tz=GMT%2B0000

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

SPDY

Server

104.244.43.241 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

Resource Hash

f3c006d72a78ffbbd3c19a0bd306cfbb1d0fd7c1b7a0e66b9fa1910d56a028d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 12 Jul 2018 06:48:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-cache: MISS
status: 200
content-disposition: attachment; filename=jsonp.jsonp
vary: Accept-Encoding
content-length: 2135
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-served-by: cache-tw-fra1-cr1-3-TWFRA1
x-response-time: 116
last-modified: Thu, 12 Jul 2018 06:48:34 GMT
x-timer: S1531378115.579232,VS0,VE118
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
via: 1.1 varnish
cache-control: must-revalidate, max-age=60
x-connection-hash: 8c8a0ca23262258553c2d9ec783af5b6
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Jul 2018 06:49:34 GMT

GET
S 200 tweets.json Show response
cdn.syndication.twimg.com/ 15 KB
3 KB 167ms
167ms Script
application/javascript 104.244.43.241
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/tweets.json?callback=__twttr.callbacks.cb15&ids=1017079441246351360&lang=en&suppress_response_codes=true&tz=GMT%2B0000

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

SPDY

Server

104.244.43.241 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

Resource Hash

832d06ef797c563abe1e9af135f933dbfbb7840090c96d931ecd09ef6d8d6ae4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 12 Jul 2018 06:48:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-cache: MISS
status: 200
content-disposition: attachment; filename=jsonp.jsonp
vary: Accept-Encoding
content-length: 3242
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-served-by: cache-tw-fra1-cr1-3-TWFRA1
x-response-time: 160
last-modified: Thu, 12 Jul 2018 06:48:34 GMT
x-timer: S1531378115.590875,VS0,VE161
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
via: 1.1 varnish
cache-control: must-revalidate, max-age=60
x-connection-hash: bf844c26002e0085ac785d5b680a6055
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Jul 2018 06:49:34 GMT

GET
S 200 tweets.json Show response
cdn.syndication.twimg.com/ 8 KB
2 KB 139ms
139ms Script
application/javascript 104.244.43.241
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/tweets.json?callback=__twttr.callbacks.cb16&ids=1017080501125992448&lang=en&suppress_response_codes=true&tz=GMT%2B0000

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

SPDY

Server

104.244.43.241 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

Resource Hash

cace2a37b8827ba7ade9c999f9bb62c29046e4c26d7ee5208a6dbbb5e6b3fea3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 12 Jul 2018 06:48:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-cache: MISS
status: 200
content-disposition: attachment; filename=jsonp.jsonp
vary: Accept-Encoding
content-length: 2258
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-served-by: cache-tw-fra1-cr1-3-TWFRA1
x-response-time: 131
last-modified: Thu, 12 Jul 2018 06:48:34 GMT
x-timer: S1531378115.595789,VS0,VE133
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
via: 1.1 varnish
cache-control: must-revalidate, max-age=60
x-connection-hash: b94bd8220c0dbfe21946d4f0f0ddac92
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Jul 2018 06:49:34 GMT

GET
S 200 tweets.json Show response
cdn.syndication.twimg.com/ 7 KB
2 KB 127ms
126ms Script
application/javascript 104.244.43.241
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/tweets.json?callback=__twttr.callbacks.cb17&ids=1017114271908581383&lang=en&suppress_response_codes=true&tz=GMT%2B0000

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

SPDY

Server

104.244.43.241 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

Resource Hash

742cf624f7cbcae8570af66851bade7a4ed668bde3c8165bd62f7cd66c73e082

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 12 Jul 2018 06:48:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-cache: MISS
status: 200
content-disposition: attachment; filename=jsonp.jsonp
vary: Accept-Encoding
content-length: 1901
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-served-by: cache-tw-fra1-cr1-3-TWFRA1
x-response-time: 118
last-modified: Thu, 12 Jul 2018 06:48:34 GMT
x-timer: S1531378115.600946,VS0,VE120
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
via: 1.1 varnish
cache-control: must-revalidate, max-age=60
x-connection-hash: 46eecd5695c5367e1088dbb0859a4055
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Jul 2018 06:49:34 GMT

GET
S 200 tweets.json Show response
cdn.syndication.twimg.com/ 7 KB
2 KB 132ms
132ms Script
application/javascript 104.244.43.241
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/tweets.json?callback=__twttr.callbacks.cb18&ids=1017159978082332672&lang=en&suppress_response_codes=true&tz=GMT%2B0000

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

SPDY

Server

104.244.43.241 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

Resource Hash

11b0d7b4945a03013ecd61647ca294d8039bca9ee37e5cdd1c4f8553351a1336

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 12 Jul 2018 06:48:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-cache: MISS
status: 200
content-disposition: attachment; filename=jsonp.jsonp
vary: Accept-Encoding
content-length: 1862
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-served-by: cache-tw-fra1-cr1-3-TWFRA1
x-response-time: 124
last-modified: Thu, 12 Jul 2018 06:48:34 GMT
x-timer: S1531378115.703841,VS0,VE125
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
via: 1.1 varnish
cache-control: must-revalidate, max-age=60
x-connection-hash: ca2fce7ea21887955a799ab64c8c8bab
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Jul 2018 06:49:34 GMT

GET
S 200 tweets.json Show response
cdn.syndication.twimg.com/ 9 KB
2 KB 134ms
133ms Script
application/javascript 104.244.43.241
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/tweets.json?callback=__twttr.callbacks.cb19&ids=1017153511451176960&lang=en&suppress_response_codes=true&tz=GMT%2B0000

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

SPDY

Server

104.244.43.241 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

Resource Hash

1fc7f14f1197591b622e3e6fe98a03ef3e556c0290bb408f3343f6ce1fde5fb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 12 Jul 2018 06:48:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-cache: MISS
status: 200
content-disposition: attachment; filename=jsonp.jsonp
vary: Accept-Encoding
content-length: 2214
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-served-by: cache-tw-fra1-cr1-3-TWFRA1
x-response-time: 126
last-modified: Thu, 12 Jul 2018 06:48:34 GMT
x-timer: S1531378115.721128,VS0,VE128
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
via: 1.1 varnish
cache-control: must-revalidate, max-age=60
x-connection-hash: bd59a34500d5eb728f2c9bd52c4bda6a
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Jul 2018 06:49:34 GMT

GET
S 200 tweets.json Show response
cdn.syndication.twimg.com/ 11 KB
3 KB 159ms
159ms Script
application/javascript 104.244.43.241
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/tweets.json?callback=__twttr.callbacks.cb20&ids=1017171384005545985&lang=en&suppress_response_codes=true&tz=GMT%2B0000

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

SPDY

Server

104.244.43.241 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

Resource Hash

d933289d9345a832641ea80499ab63f7c1b0200a832a2dbef3559c90130eea80

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 12 Jul 2018 06:48:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-cache: MISS
status: 200
content-disposition: attachment; filename=jsonp.jsonp
vary: Accept-Encoding
content-length: 2847
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-served-by: cache-tw-fra1-cr1-3-TWFRA1
x-response-time: 152
last-modified: Thu, 12 Jul 2018 06:48:34 GMT
x-timer: S1531378115.726765,VS0,VE154
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
via: 1.1 varnish
cache-control: must-revalidate, max-age=60
x-connection-hash: a08ecd9ee7f7e20ea78632ab9a634e54
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Jul 2018 06:49:34 GMT

GET
S 200 tweets.json Show response
cdn.syndication.twimg.com/ 12 KB
3 KB 157ms
157ms Script
application/javascript 104.244.43.241
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/tweets.json?callback=__twttr.callbacks.cb21&ids=1017179470409674752&lang=en&suppress_response_codes=true&tz=GMT%2B0000

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

SPDY

Server

104.244.43.241 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

Resource Hash

a286f997dad6806d2447d6232ea02b52edacddfdc64ecb41d503abd87cf44cd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 12 Jul 2018 06:48:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-cache: MISS
status: 200
content-disposition: attachment; filename=jsonp.jsonp
vary: Accept-Encoding
content-length: 2902
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-served-by: cache-tw-fra1-cr1-3-TWFRA1
x-response-time: 150
last-modified: Thu, 12 Jul 2018 06:48:34 GMT
x-timer: S1531378115.735009,VS0,VE151
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
via: 1.1 varnish
cache-control: must-revalidate, max-age=60
x-connection-hash: 5dec12b073ef939ade266eea0b5de553
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Jul 2018 06:49:34 GMT

GET
S 200 tweets.json Show response
cdn.syndication.twimg.com/ 6 KB
2 KB 139ms
138ms Script
application/javascript 104.244.43.241
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/tweets.json?callback=__twttr.callbacks.cb22&ids=1017180271815348225&lang=en&suppress_response_codes=true&tz=GMT%2B0000

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

SPDY

Server

104.244.43.241 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

Resource Hash

ea8d16732c6a106f8cb8ce5817c568ba2fc9c1f453eb0c1899528a43bc9a5157

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 12 Jul 2018 06:48:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-cache: MISS
status: 200
content-disposition: attachment; filename=jsonp.jsonp
vary: Accept-Encoding
content-length: 1712
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-served-by: cache-tw-fra1-cr1-3-TWFRA1
x-response-time: 130
last-modified: Thu, 12 Jul 2018 06:48:34 GMT
x-timer: S1531378115.745149,VS0,VE132
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
via: 1.1 varnish
cache-control: must-revalidate, max-age=60
x-connection-hash: 946a98d424efcded47e5aa063e4c55cc
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Jul 2018 06:49:34 GMT

GET
S 200 MLdrCaOT
pbs.twimg.com/card_img/1015581005359575041/ 7 KB
7 KB 20ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/1015581005359575041/MLdrCaOT?format=jpg&name=144x144_2

Requested by

Host: malware-research.org
URL: https://malware-research.org/carbanak-source-code-leaked/

Protocol

SPDY

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/4188) /

Resource Hash

e40b4cb8a844ee06501bd7e8a5bfdade80459e7268fff27598c996c2946ca5a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 156
date: Thu, 12 Jul 2018 06:48:34 GMT
x-content-type-options: nosniff
surrogate-key: card_img card_img/bucket/9 card_img/1015581005359575041
last-modified: Sat, 07 Jul 2018 12:57:14 GMT
server: ECS (fcn/4188)
status: 200
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 3c3e6efa7762743ff63f1dbc22a1604f
accept-ranges: bytes
content-length: 7194

GET
H/1.1 200
OK tweet.491ab81a49d69599f35b92d184213601.light.ltr.css
platform.twitter.com/css/ 53 KB
13 KB 6ms
6ms Stylesheet
text/css 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/tweet.491ab81a49d69599f35b92d184213601.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40E3) /
Resource Hash: 163f925fc9af176f7ed0ccebbf7e4b44604e1258aa35e1a4490aafb8298dc7c5

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 12 Jul 2018 06:48:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jul 2018 21:19:30 GMT
Server: ECS (fcn/40E3)
Etag: "7f9742c5381a5d240c983fd9510121a3+gzip"
Vary: Accept-Encoding
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control: public, max-age=315360000
Content-Type: text/css; charset=utf-8
Content-Length: 12763

GET
H/1.1 200
OK tweet.491ab81a49d69599f35b92d184213601.light.ltr.css
platform.twitter.com/css/ 53 KB
53 KB 6ms
6ms Image
text/css 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/tweet.491ab81a49d69599f35b92d184213601.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/4191) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 12 Jul 2018 06:48:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jul 2018 21:19:30 GMT
Server: ECS (fcn/4191)
Etag: "7f9742c5381a5d240c983fd9510121a3+gzip"
Vary: Accept-Encoding
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control: public, max-age=315360000
Content-Type: text/css; charset=utf-8
Content-Length: 12763

GET
H/1.1 200
OK tweet.491ab81a49d69599f35b92d184213601.light.ltr.css
platform.twitter.com/css/ 53 KB
13 KB 6ms
6ms Stylesheet
text/css 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/tweet.491ab81a49d69599f35b92d184213601.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40E3) /
Resource Hash: 163f925fc9af176f7ed0ccebbf7e4b44604e1258aa35e1a4490aafb8298dc7c5

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 12 Jul 2018 06:48:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jul 2018 21:19:30 GMT
Server: ECS (fcn/40E3)
Etag: "7f9742c5381a5d240c983fd9510121a3+gzip"
Vary: Accept-Encoding
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control: public, max-age=315360000
Content-Type: text/css; charset=utf-8
Content-Length: 12763

GET
H/1.1 200
OK tweet.491ab81a49d69599f35b92d184213601.light.ltr.css
platform.twitter.com/css/ 53 KB
53 KB 7ms
7ms Image
text/css 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/tweet.491ab81a49d69599f35b92d184213601.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/4191) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 12 Jul 2018 06:48:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jul 2018 21:19:30 GMT
Server: ECS (fcn/4191)
Etag: "7f9742c5381a5d240c983fd9510121a3+gzip"
Vary: Accept-Encoding
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control: public, max-age=315360000
Content-Type: text/css; charset=utf-8
Content-Length: 12763

GET
H/1.1 200
OK tweet.491ab81a49d69599f35b92d184213601.light.ltr.css
platform.twitter.com/css/ 53 KB
13 KB 7ms
7ms Stylesheet
text/css 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/tweet.491ab81a49d69599f35b92d184213601.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40E3) /
Resource Hash: 163f925fc9af176f7ed0ccebbf7e4b44604e1258aa35e1a4490aafb8298dc7c5

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 12 Jul 2018 06:48:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jul 2018 21:19:30 GMT
Server: ECS (fcn/40E3)
Etag: "7f9742c5381a5d240c983fd9510121a3+gzip"
Vary: Accept-Encoding
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control: public, max-age=315360000
Content-Type: text/css; charset=utf-8
Content-Length: 12763

GET
H/1.1 200
OK tweet.491ab81a49d69599f35b92d184213601.light.ltr.css
platform.twitter.com/css/ 53 KB
53 KB 6ms
6ms Image
text/css 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/tweet.491ab81a49d69599f35b92d184213601.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/4191) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 12 Jul 2018 06:48:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jul 2018 21:19:30 GMT
Server: ECS (fcn/4191)
Etag: "7f9742c5381a5d240c983fd9510121a3+gzip"
Vary: Accept-Encoding
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control: public, max-age=315360000
Content-Type: text/css; charset=utf-8
Content-Length: 12763

GET
S 200 Agu6Ry5T_normal.jpg
pbs.twimg.com/profile_images/762575166283063296/ 2 KB
2 KB 13ms
12ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/762575166283063296/Agu6Ry5T_normal.jpg

Requested by

Host: malware-research.org
URL: https://malware-research.org/carbanak-source-code-leaked/

Protocol

SPDY

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/419C) /

Resource Hash

06e38b7dcf5c000be9e037c7217623cc6991ca4e96ee571ce06839493c12bc27

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 12 Jul 2018 06:48:34 GMT
x-content-type-options: nosniff
content-md5: whzd5deOJKrLjZ9aBpbM6w==
x-cache: HIT
status: 200
content-length: 2035
x-response-time: 132
surrogate-key: profile_images profile_images/bucket/2 profile_images/762575166283063296
last-modified: Mon, 08 Aug 2016 09:02:22 GMT
server: ECS (fcn/419C)
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 783d24612d7259b2cbca2a5961e7e192
accept-ranges: bytes

GET
S 200 syndication_bundle_v1_b6ca60da9b93228ca492958b7d1b0b6a37402f5e.css
ton.twimg.com/tfw/css/ 43 KB
7 KB 7ms
6ms Stylesheet
text/css 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_b6ca60da9b93228ca492958b7d1b0b6a37402f5e.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

SPDY

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41A3) /

Resource Hash

012855cb1423bb44035532360d13878068aeee580745df244aade4d25fe75600

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 12 Jul 2018 06:48:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-ton-expected-size: 44093
x-cache: HIT
status: 200
content-length: 6771
x-response-time: 128
surrogate-key: tfw
last-modified: Tue, 03 Jul 2018 18:04:44 GMT
server: ECS (fcn/41A3)
etag: "vDNjJf1prx5xgxP1ffKXQw=="
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: https://twitter.com
x-transaction-id: 00de71c400d3e83a
cache-control: max-age=60
perf: 6
x-connection-hash: f045adf2d09bc7711f67d5c58e038f43
accept-ranges: bytes
expires: Thu, 19 Jul 2018 06:48:34 GMT

GET
S 200 syndication_bundle_v1_b6ca60da9b93228ca492958b7d1b0b6a37402f5e.css
ton.twimg.com/tfw/css/ 43 KB
43 KB 7ms
6ms Image
text/css 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_b6ca60da9b93228ca492958b7d1b0b6a37402f5e.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

SPDY

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41A3) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 12 Jul 2018 06:48:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-ton-expected-size: 44093
x-cache: HIT
status: 200
content-length: 6771
x-response-time: 128
surrogate-key: tfw
last-modified: Tue, 03 Jul 2018 18:04:44 GMT
server: ECS (fcn/41A3)
etag: "vDNjJf1prx5xgxP1ffKXQw=="
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: https://twitter.com
x-transaction-id: 00de71c400d3e83a
cache-control: max-age=60
perf: 6
x-connection-hash: f045adf2d09bc7711f67d5c58e038f43
accept-ranges: bytes
expires: Thu, 19 Jul 2018 06:48:34 GMT

GET
DATA 200
OK truncated
/ 707 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 338e5578a7b3021caec1db415b93b214c378029d3cd8d19adc833d8b85ea7d29

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 835 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8705507e1881c72359a5a506a500661ba6f4aa80f055e61016df90fd5c43f38f

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 559 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cd7887cf9a61431f64864df1e5fe9823e163638bf811dc97ee556268886bf865

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 825 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4468e35646c229b518e5f398c5a3d6b15ba1351a71ef22692129bb32f5030ac0

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/svg+xml;charset=utf-8

GET
S 200 hSFAIAgU_normal.jpg
pbs.twimg.com/profile_images/939094081564823553/ 3 KB
3 KB 7ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/939094081564823553/hSFAIAgU_normal.jpg

Requested by

Host: malware-research.org
URL: https://malware-research.org/carbanak-source-code-leaked/

Protocol

SPDY

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41AA) /

Resource Hash

0b4125c19a4abf60a7a4794158e71274022e8256e2a09875e85994a776acbd77

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 136
date: Thu, 12 Jul 2018 06:48:34 GMT
x-content-type-options: nosniff
surrogate-key: profile_images profile_images/bucket/6 profile_images/939094081564823553
last-modified: Fri, 08 Dec 2017 11:25:31 GMT
server: ECS (fcn/41AA)
status: 200
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 16b15c60d3ad85f537311ebb2dac0b36
accept-ranges: bytes
content-length: 2567

GET
S 200 Dh2UGQeWkAA8y1y
pbs.twimg.com/media/ 42 KB
42 KB 7ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/Dh2UGQeWkAA8y1y?format=jpg&name=small

Requested by

Host: malware-research.org
URL: https://malware-research.org/carbanak-source-code-leaked/

Protocol

SPDY

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/4199) /

Resource Hash

f99252d93445257b132637247dfaa66bf856d530d5dc3e1524b52caf66d5dac6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 131
date: Thu, 12 Jul 2018 06:48:34 GMT
x-content-type-options: nosniff
surrogate-key: media media/bucket/7 media/1017131926078001152
last-modified: Wed, 11 Jul 2018 19:40:03 GMT
server: ECS (fcn/4199)
status: 200
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 844725327b2e7de4dcc467085533f358
accept-ranges: bytes
content-length: 42587

GET
S 200 4096c28436234803c4c8de553e0b7279_normal.jpeg
pbs.twimg.com/profile_images/3345306704/ 7 KB
7 KB 12ms
11ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/3345306704/4096c28436234803c4c8de553e0b7279_normal.jpeg

Requested by

Host: malware-research.org
URL: https://malware-research.org/carbanak-source-code-leaked/

Protocol

SPDY

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41A4) /

Resource Hash

e19f70f99cf52c41d32de33e91a395e3c3348e1be3f465bd15c45ebb0844bb8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 12 Jul 2018 06:48:34 GMT
x-content-type-options: nosniff
content-md5: JgvBC65CVAm9UozCdoLhyw==
x-cache: HIT
status: 200
content-length: 7190
x-response-time: 246
surrogate-key: profile_images profile_images/bucket/1 profile_images/3345306704
last-modified: Thu, 04 Nov 2010 01:42:54 GMT
server: ECS (fcn/41A4)
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 447aba070ad972b55dbbadcbfbd23f2d
accept-ranges: bytes

GET
S 200 076_normal.jpg
pbs.twimg.com/profile_images/62329709/ 7 KB
7 KB 11ms
11ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/62329709/076_normal.jpg

Requested by

Host: malware-research.org
URL: https://malware-research.org/carbanak-source-code-leaked/

Protocol

SPDY

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/4196) /

Resource Hash

2aa65ab20771e58027b5702e2ed45445c8af5976eafcf8ed02af0d180ce769f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 12 Jul 2018 06:48:34 GMT
x-content-type-options: nosniff
content-md5: tyQ0QGsWxT5jXltAPrR/0Q==
x-cache: HIT
status: 200
content-length: 7190
x-response-time: 126
surrogate-key: profile_images profile_images/bucket/0 profile_images/62329709
last-modified: Thu, 04 Nov 2010 01:42:54 GMT
server: ECS (fcn/4196)
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 1303359a7ad483928938ab9fe0f054e5
accept-ranges: bytes

GET
S 200 lounge.3999ac261b914f8b8b5e85df0ff3eaea.css
c.disquscdn.com/next/embed/styles/ 96 KB
19 KB 45ms
13ms Stylesheet
text/css 2400:cb00:2048:1::6810:4ea6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.3999ac261b914f8b8b5e85df0ff3eaea.css

Requested by

Host: malwareresearchorg.disqus.com
URL: https://malwareresearchorg.disqus.com/embed.js

Protocol

SPDY

Server

2400:cb00:2048:1::6810:4ea6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

84c3e9dd0a587bebc22dad106e0ea25041a0a3b1e5dd14e740673b93f03e4061

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 12 Jul 2018 06:48:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
strict-transport-security: max-age=300; includeSubdomains
content-length: 18579
x-xss-protection: 1; mode=block
timing-allow-origin: *
last-modified: Thu, 31 May 2018 21:35:08 GMT
server: cloudflare
fastly-debug-digest: cc3dd3c1cbf28cc886187eca3aabbd13e26c8c8bdb874f855caaa0f69188bf15
etag: "5b106a8c-4893"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
cf-ray: 439190a01d0e64db-FRA
expires: Fri, 31 May 2019 21:43:09 GMT

GET
S 200 common.bundle.5f8e47303ecf1055cd7c6905466d140a.js Show response
c.disquscdn.com/next/embed/ 242 KB
81 KB 66ms
34ms Script
application/javascript 2400:cb00:2048:1::6810:4ea6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.5f8e47303ecf1055cd7c6905466d140a.js

Requested by

Host: malwareresearchorg.disqus.com
URL: https://malwareresearchorg.disqus.com/embed.js

Protocol

SPDY

Server

2400:cb00:2048:1::6810:4ea6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9804686e0fe01d3482ea0c4db96fcf4d346f9234223bc7b5616c62dc02f51a9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 12 Jul 2018 06:48:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
strict-transport-security: max-age=300; includeSubdomains
content-length: 82700
x-xss-protection: 1; mode=block
timing-allow-origin: *
last-modified: Tue, 12 Jun 2018 19:00:03 GMT
server: cloudflare
fastly-debug-digest: eb2ccce16c6a063189b66149f77481d3ef2e3ad26907f366c31e5994711e8ade
etag: "5b201833-1430c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
cf-ray: 439190a01d1064db-FRA
expires: Fri, 14 Jun 2019 18:58:20 GMT

GET
S 200 lounge.bundle.33067ddbd4792de0b384ceb588602715.js Show response
c.disquscdn.com/next/embed/ 349 KB
91 KB 51ms
20ms Script
application/javascript 2400:cb00:2048:1::6810:4ea6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.33067ddbd4792de0b384ceb588602715.js

Requested by

Host: malwareresearchorg.disqus.com
URL: https://malwareresearchorg.disqus.com/embed.js

Protocol

SPDY

Server

2400:cb00:2048:1::6810:4ea6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

13927c73a5e96a302e08db898f8411fa846b9d584a857230d92213963b59a4d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 12 Jul 2018 06:48:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
strict-transport-security: max-age=300; includeSubdomains
content-length: 93303
x-xss-protection: 1; mode=block
timing-allow-origin: *
last-modified: Tue, 05 Jun 2018 23:20:58 GMT
server: cloudflare
fastly-debug-digest: e725be5597b7af8213cb012a8757b864c517ae43350c37948ad9e235e809528e
etag: "5b171ada-16c77"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
cf-ray: 439190a01d0f64db-FRA
expires: Wed, 05 Jun 2019 23:33:16 GMT

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ 5 KB
3 KB 28ms
7ms Script
application/javascript 151.101.64.134
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: malwareresearchorg.disqus.com
URL: https://malwareresearchorg.disqus.com/embed.js

Protocol

HTTP/1.1

Server

151.101.64.134 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

nginx /

Resource Hash

a8deb5934917c7e270c690ca3e4488d3f4731be13678ec1d9ec8658485b168f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 12 Jul 2018 06:48:34 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 29
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 2193
X-XSS-Protection: 1; mode=block
Server: nginx
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Timing-Allow-Origin: *

GET
H/1.1 200
OK tweet.491ab81a49d69599f35b92d184213601.light.ltr.css
platform.twitter.com/css/ 53 KB
13 KB 6ms
6ms Stylesheet
text/css 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/tweet.491ab81a49d69599f35b92d184213601.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/4191) /
Resource Hash: 163f925fc9af176f7ed0ccebbf7e4b44604e1258aa35e1a4490aafb8298dc7c5

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 12 Jul 2018 06:48:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jul 2018 21:19:30 GMT
Server: ECS (fcn/4191)
Etag: "7f9742c5381a5d240c983fd9510121a3+gzip"
Vary: Accept-Encoding
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control: public, max-age=315360000
Content-Type: text/css; charset=utf-8
Content-Length: 12763

GET
H/1.1 200
OK tweet.491ab81a49d69599f35b92d184213601.light.ltr.css
platform.twitter.com/css/ 53 KB
53 KB 7ms
7ms Image
text/css 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/tweet.491ab81a49d69599f35b92d184213601.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40E3) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 12 Jul 2018 06:48:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jul 2018 21:19:30 GMT
Server: ECS (fcn/40E3)
Etag: "7f9742c5381a5d240c983fd9510121a3+gzip"
Vary: Accept-Encoding
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control: public, max-age=315360000
Content-Type: text/css; charset=utf-8
Content-Length: 12763

GET
H/1.1 200
OK tweet.491ab81a49d69599f35b92d184213601.light.ltr.css
platform.twitter.com/css/ 53 KB
13 KB 8ms
8ms Stylesheet
text/css 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/tweet.491ab81a49d69599f35b92d184213601.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/4191) /
Resource Hash: 163f925fc9af176f7ed0ccebbf7e4b44604e1258aa35e1a4490aafb8298dc7c5

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 12 Jul 2018 06:48:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jul 2018 21:19:30 GMT
Server: ECS (fcn/4191)
Etag: "7f9742c5381a5d240c983fd9510121a3+gzip"
Vary: Accept-Encoding
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control: public, max-age=315360000
Content-Type: text/css; charset=utf-8
Content-Length: 12763

GET
H/1.1 200
OK tweet.491ab81a49d69599f35b92d184213601.light.ltr.css
platform.twitter.com/css/ 53 KB
53 KB 6ms
6ms Image
text/css 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/tweet.491ab81a49d69599f35b92d184213601.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40E3) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 12 Jul 2018 06:48:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jul 2018 21:19:30 GMT
Server: ECS (fcn/40E3)
Etag: "7f9742c5381a5d240c983fd9510121a3+gzip"
Vary: Accept-Encoding
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control: public, max-age=315360000
Content-Type: text/css; charset=utf-8
Content-Length: 12763

GET
H/1.1 200
OK /
disqus.com/embed/comments/ Frame 3B5D 0
0 130ms
130ms Document
text/html 151.101.64.134
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=malwareresearchorg&t_u=https%3A%2F%2Fmalware-research.org%2Fcarbanak-source-code-leaked%2F&t_d=Mystery%20Carbanak%20-%20source%20code%20leaked%3F&t_t=Mystery%20Carbanak%20-%20source%20code%20leaked%3F&s_o=default

Requested by

Host: malwareresearchorg.disqus.com
URL: https://malwareresearchorg.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.64.134 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ 'unsafe-inline' https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ https://apis.google.com https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: disqus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://malware-research.org/carbanak-source-code-leaked/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 03648368599547778CFE6556612F80F6
Referer: https://malware-research.org/carbanak-source-code-leaked/

Response headers

Server: nginx
Content-Security-Policy: script-src https://*.twitter.com:* https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ 'unsafe-inline' https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ https://apis.google.com https://disqus.com
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Type: text/html; charset=utf-8
Last-Modified: Wed, 11 Jul 2018 14:19:10 GMT
ETag: W/"lounge:view:6786490957.df9d04d7864da714b1894b6b913a7ab8.2"
Content-Encoding: gzip
Content-Length: 2476
Date: Thu, 12 Jul 2018 06:48:34 GMT
Age: 29
Connection: keep-alive
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains

GET
S 200 Dh2eYnvWAAATVBQ
pbs.twimg.com/media/ 21 KB
21 KB 7ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/Dh2eYnvWAAATVBQ?format=jpg&name=small

Requested by

Host: malware-research.org
URL: https://malware-research.org/carbanak-source-code-leaked/

Protocol

SPDY

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41A7) /

Resource Hash

e8af34af66462455971604ca554d7fc443750b81c298114b43f86a68783b5693

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 127
date: Thu, 12 Jul 2018 06:48:34 GMT
x-content-type-options: nosniff
surrogate-key: media media/bucket/9 media/1017143236677206016
last-modified: Wed, 11 Jul 2018 20:24:59 GMT
server: ECS (fcn/41A7)
status: 200
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: e6554d5ed048e01bb6ebece8237bc252
accept-ranges: bytes
content-length: 21769

GET
S 200 Dh1Q1BAWAAAV741
pbs.twimg.com/media/ 30 KB
31 KB 7ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/Dh1Q1BAWAAAV741?format=jpg&name=small

Requested by

Host: malware-research.org
URL: https://malware-research.org/carbanak-source-code-leaked/

Protocol

SPDY

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41D8) /

Resource Hash

c3622f33de052e9f5a2cdd56a3b5fb82f5394a77f4ee7a3fa37788b6edbb5d12

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 119
date: Thu, 12 Jul 2018 06:48:34 GMT
x-content-type-options: nosniff
surrogate-key: media media/bucket/4 media/1017057962588766208
last-modified: Wed, 11 Jul 2018 14:46:08 GMT
server: ECS (fcn/41D8)
status: 200
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 78bc511946d9d5c66265bb766e52d4aa
accept-ranges: bytes
content-length: 31087

GET
S 200 Dh1a0UEX4AATlQi
pbs.twimg.com/media/ 82 KB
83 KB 12ms
11ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/Dh1a0UEX4AATlQi?format=jpg&name=small

Requested by

Host: malware-research.org
URL: https://malware-research.org/carbanak-source-code-leaked/

Protocol

SPDY

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/418A) /

Resource Hash

4b4fd4dc1525ecbd49cb8fe926c1c554272ebf7c744c5d2131cdf5e01b35caf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 120
date: Thu, 12 Jul 2018 06:48:34 GMT
x-content-type-options: nosniff
surrogate-key: media media/bucket/3 media/1017068945642348544
last-modified: Wed, 11 Jul 2018 15:29:47 GMT
server: ECS (fcn/418A)
status: 200
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 4509e900b0d77a86193a9b1fe6f2fca8
accept-ranges: bytes
content-length: 84369

GET
S 200 Dh1WZrxXcAEt6xS
pbs.twimg.com/media/ 17 KB
17 KB 16ms
16ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/Dh1WZrxXcAEt6xS?format=jpg&name=small

Requested by

Host: malware-research.org
URL: https://malware-research.org/carbanak-source-code-leaked/

Protocol

SPDY

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40B6) /

Resource Hash

8724c1ab1b87fd70feb5f40b16a03725286093dc1619423add8a9b89e15fed7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 172
date: Thu, 12 Jul 2018 06:48:34 GMT
x-content-type-options: nosniff
surrogate-key: media media/bucket/5 media/1017064090102099969
last-modified: Wed, 11 Jul 2018 15:10:29 GMT
server: ECS (fcn/40B6)
status: 200
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 23d5f4e580a8495db85d14bcf7859cc0
accept-ranges: bytes
content-length: 17625

GET
S 200 Dh1Ui0vWAAM8Qrq
pbs.twimg.com/media/ 38 KB
38 KB 11ms
11ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/Dh1Ui0vWAAM8Qrq?format=jpg&name=small

Requested by

Host: malware-research.org
URL: https://malware-research.org/carbanak-source-code-leaked/

Protocol

SPDY

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/419E) /

Resource Hash

b6bdcc5379ba1d331b58ccea5b9a31e726c8a384abcae337af53c985dd8365be

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 119
date: Thu, 12 Jul 2018 06:48:34 GMT
x-content-type-options: nosniff
surrogate-key: media media/bucket/9 media/1017062048105103363
last-modified: Wed, 11 Jul 2018 15:02:23 GMT
server: ECS (fcn/419E)
status: 200
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: c05ff1f5bbeb194f02ec0f149fab72cb
accept-ranges: bytes
content-length: 39029

GET
DATA 200
OK truncated
/ 600 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43e810fa5daa18d4b7258b6fe79c11fbed9236ed4e34ce41efd7f934b95c1818

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/svg+xml;charset=utf-8

GET
S 200 Dh1b33eWAAMQtGt
pbs.twimg.com/media/ 21 KB
21 KB 9ms
8ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/Dh1b33eWAAMQtGt?format=jpg&name=360x360

Requested by

Host: malware-research.org
URL: https://malware-research.org/carbanak-source-code-leaked/

Protocol

SPDY

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40D1) /

Resource Hash

c34cc1349e26b6ddb921db41ab68f37d4105eebf35d54928a4c6df2ea9a4daf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 174
date: Thu, 12 Jul 2018 06:48:34 GMT
x-content-type-options: nosniff
surrogate-key: media media/bucket/5 media/1017070106197753859
last-modified: Wed, 11 Jul 2018 15:34:24 GMT
server: ECS (fcn/40D1)
status: 200
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: baea3eae544dab8e5c3b7217a5db369e
accept-ranges: bytes
content-length: 21814

GET
S 200 Dh1cL31X0AAKwTS
pbs.twimg.com/media/ 15 KB
15 KB 14ms
13ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/Dh1cL31X0AAKwTS?format=jpg&name=360x360

Requested by

Host: malware-research.org
URL: https://malware-research.org/carbanak-source-code-leaked/

Protocol

SPDY

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40AD) /

Resource Hash

a3e24dafde3110ae4e4eb8b758cb015d8844edf8cf3f3b87d4e047e6a1b7478b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 155
date: Thu, 12 Jul 2018 06:48:34 GMT
x-content-type-options: nosniff
surrogate-key: media media/bucket/3 media/1017070449891725312
last-modified: Wed, 11 Jul 2018 15:35:46 GMT
server: ECS (fcn/40AD)
status: 200
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 5742c9d389a322cf12a15c7b6dfac55f
accept-ranges: bytes
content-length: 14970

GET
H/1.1 200
OK tweet.491ab81a49d69599f35b92d184213601.light.ltr.css
platform.twitter.com/css/ 53 KB
13 KB 6ms
5ms Stylesheet
text/css 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/tweet.491ab81a49d69599f35b92d184213601.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40E3) /
Resource Hash: 163f925fc9af176f7ed0ccebbf7e4b44604e1258aa35e1a4490aafb8298dc7c5

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 12 Jul 2018 06:48:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jul 2018 21:19:30 GMT
Server: ECS (fcn/40E3)
Etag: "7f9742c5381a5d240c983fd9510121a3+gzip"
Vary: Accept-Encoding
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control: public, max-age=315360000
Content-Type: text/css; charset=utf-8
Content-Length: 12763

GET
H/1.1 200
OK tweet.491ab81a49d69599f35b92d184213601.light.ltr.css
platform.twitter.com/css/ 53 KB
53 KB 6ms
6ms Image
text/css 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/tweet.491ab81a49d69599f35b92d184213601.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/4191) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 12 Jul 2018 06:48:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jul 2018 21:19:30 GMT
Server: ECS (fcn/4191)
Etag: "7f9742c5381a5d240c983fd9510121a3+gzip"
Vary: Accept-Encoding
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control: public, max-age=315360000
Content-Type: text/css; charset=utf-8
Content-Length: 12763

GET
H/1.1 200
OK tweet.491ab81a49d69599f35b92d184213601.light.ltr.css
platform.twitter.com/css/ 53 KB
13 KB 6ms
6ms Stylesheet
text/css 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/tweet.491ab81a49d69599f35b92d184213601.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40E3) /
Resource Hash: 163f925fc9af176f7ed0ccebbf7e4b44604e1258aa35e1a4490aafb8298dc7c5

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 12 Jul 2018 06:48:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jul 2018 21:19:30 GMT
Server: ECS (fcn/40E3)
Etag: "7f9742c5381a5d240c983fd9510121a3+gzip"
Vary: Accept-Encoding
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control: public, max-age=315360000
Content-Type: text/css; charset=utf-8
Content-Length: 12763

GET
H/1.1 200
OK tweet.491ab81a49d69599f35b92d184213601.light.ltr.css
platform.twitter.com/css/ 53 KB
53 KB 6ms
6ms Image
text/css 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/tweet.491ab81a49d69599f35b92d184213601.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/4191) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 12 Jul 2018 06:48:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jul 2018 21:19:30 GMT
Server: ECS (fcn/4191)
Etag: "7f9742c5381a5d240c983fd9510121a3+gzip"
Vary: Accept-Encoding
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control: public, max-age=315360000
Content-Type: text/css; charset=utf-8
Content-Length: 12763

GET
H/1.1 200
OK tweet.491ab81a49d69599f35b92d184213601.light.ltr.css
platform.twitter.com/css/ 53 KB
13 KB 7ms
6ms Stylesheet
text/css 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/tweet.491ab81a49d69599f35b92d184213601.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40E3) /
Resource Hash: 163f925fc9af176f7ed0ccebbf7e4b44604e1258aa35e1a4490aafb8298dc7c5

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 12 Jul 2018 06:48:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jul 2018 21:19:30 GMT
Server: ECS (fcn/40E3)
Etag: "7f9742c5381a5d240c983fd9510121a3+gzip"
Vary: Accept-Encoding
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control: public, max-age=315360000
Content-Type: text/css; charset=utf-8
Content-Length: 12763

GET
H/1.1 200
OK tweet.491ab81a49d69599f35b92d184213601.light.ltr.css
platform.twitter.com/css/ 53 KB
53 KB 7ms
7ms Image
text/css 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/tweet.491ab81a49d69599f35b92d184213601.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/4191) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 12 Jul 2018 06:48:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jul 2018 21:19:30 GMT
Server: ECS (fcn/4191)
Etag: "7f9742c5381a5d240c983fd9510121a3+gzip"
Vary: Accept-Encoding
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control: public, max-age=315360000
Content-Type: text/css; charset=utf-8
Content-Length: 12763

GET
S 200 Dh1fnH1XcAEbSjt
pbs.twimg.com/media/ 12 KB
13 KB 7ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/Dh1fnH1XcAEbSjt?format=jpg&name=360x360

Requested by

Host: malware-research.org
URL: https://malware-research.org/carbanak-source-code-leaked/

Protocol

SPDY

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40FD) /

Resource Hash

383c3fa8323085a3d6990e17fb2f23b90f0da903157d5bd93f8db1a8ac2dc7f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 272
date: Thu, 12 Jul 2018 06:48:34 GMT
x-content-type-options: nosniff
surrogate-key: media media/bucket/1 media/1017074216578019329
last-modified: Wed, 11 Jul 2018 15:50:44 GMT
server: ECS (fcn/40FD)
status: 200
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 2722b96500ffd6a47a6e1b643ff56e13
accept-ranges: bytes
content-length: 12666

GET
S 200 Dh1fpTdW0AAva6E
pbs.twimg.com/media/ 40 KB
40 KB 8ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/Dh1fpTdW0AAva6E?format=jpg&name=360x360

Requested by

Host: malware-research.org
URL: https://malware-research.org/carbanak-source-code-leaked/

Protocol

SPDY

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40EA) /

Resource Hash

92da5144fb7d471c30827aa373799ced5bacbbc0cb4ed49b70af8b468c2f2db2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 216
date: Thu, 12 Jul 2018 06:48:34 GMT
x-content-type-options: nosniff
surrogate-key: media media/bucket/5 media/1017074254058278912
last-modified: Wed, 11 Jul 2018 15:50:53 GMT
server: ECS (fcn/40EA)
status: 200
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 5dbfcb5b925541d58c3cde608c04405c
accept-ranges: bytes
content-length: 41085

GET
S 200 e7sRsujK_normal.jpg
pbs.twimg.com/profile_images/961173522323296257/ 2 KB
2 KB 7ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/961173522323296257/e7sRsujK_normal.jpg

Requested by

Host: malware-research.org
URL: https://malware-research.org/carbanak-source-code-leaked/

Protocol

SPDY

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41AF) /

Resource Hash

58d634bb13cd1a56ba9e95226a3f94763eb18d2bacf21a4369c44f725ce7e70c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 120
date: Thu, 12 Jul 2018 06:48:34 GMT
x-content-type-options: nosniff
surrogate-key: profile_images profile_images/bucket/9 profile_images/961173522323296257
last-modified: Wed, 07 Feb 2018 09:41:20 GMT
server: ECS (fcn/41AF)
status: 200
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 098f0d6edbaa907f5e98e8f48727a1b5
accept-ranges: bytes
content-length: 1959

GET
S 200 Dh1ijFYW4AAdjQg
pbs.twimg.com/media/ 27 KB
27 KB 7ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/Dh1ijFYW4AAdjQg?format=jpg&name=small

Requested by

Host: malware-research.org
URL: https://malware-research.org/carbanak-source-code-leaked/

Protocol

SPDY

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40D8) /

Resource Hash

ec935fbb64909ac498f03947eca80691b55a1c7e6af27bdaff179703b8fd12fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 128
date: Thu, 12 Jul 2018 06:48:34 GMT
x-content-type-options: nosniff
surrogate-key: media media/bucket/2 media/1017077445734883328
last-modified: Wed, 11 Jul 2018 16:03:34 GMT
server: ECS (fcn/40D8)
status: 200
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: e9eb6319bc339549bb5b6aac4f69da58
accept-ranges: bytes
content-length: 27276

GET
S 200 Dh1lA3YXcAE4YMA
pbs.twimg.com/media/ 3 KB
3 KB 7ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/Dh1lA3YXcAE4YMA?format=jpg&name=small

Requested by

Host: malware-research.org
URL: https://malware-research.org/carbanak-source-code-leaked/

Protocol

SPDY

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/419F) /

Resource Hash

7cc34d4f2e22c171220ad58b15a01fbc4979f486254cbd35eac068b88d0aca99

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 126
date: Thu, 12 Jul 2018 06:48:34 GMT
x-content-type-options: nosniff
surrogate-key: media media/bucket/6 media/1017080156396154881
last-modified: Wed, 11 Jul 2018 16:14:20 GMT
server: ECS (fcn/419F)
status: 200
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 69a4ad3b4237f6bb6544620255048777
accept-ranges: bytes
content-length: 2676

GET
S 200 QqdLlw76_normal.jpg
pbs.twimg.com/profile_images/961688645777444864/ 2 KB
2 KB 7ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/961688645777444864/QqdLlw76_normal.jpg

Requested by

Host: malware-research.org
URL: https://malware-research.org/carbanak-source-code-leaked/

Protocol

SPDY

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/418B) /

Resource Hash

5e8e6eed4ef29b1280f494e2759fcfd0875a2c8aa22645c7b8b1d7692d05e558

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 113
date: Thu, 12 Jul 2018 06:48:34 GMT
x-content-type-options: nosniff
surrogate-key: profile_images profile_images/bucket/6 profile_images/961688645777444864
last-modified: Thu, 08 Feb 2018 19:48:15 GMT
server: ECS (fcn/418B)
status: 200
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: fc47f1ca7d5d96ecfdc5290bd8ca159d
accept-ranges: bytes
content-length: 1579

GET
S 200 Dh1hMK3VMAA5MwN
pbs.twimg.com/media/ 46 KB
47 KB 7ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/Dh1hMK3VMAA5MwN?format=jpg&name=small

Requested by

Host: malware-research.org
URL: https://malware-research.org/carbanak-source-code-leaked/

Protocol

SPDY

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41D7) /

Resource Hash

a935a700dd391929f376d1c39a84f1915c6026bd3a582abbc2361b1bc6cf8563

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 129
date: Thu, 12 Jul 2018 06:48:34 GMT
x-content-type-options: nosniff
surrogate-key: media media/bucket/0 media/1017075952558354432
last-modified: Wed, 11 Jul 2018 15:57:38 GMT
server: ECS (fcn/41D7)
status: 200
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 43d2dd59ee7fb958abb1c72582a4adb1
accept-ranges: bytes
content-length: 47481

GET
H/1.1 200
OK tweet.491ab81a49d69599f35b92d184213601.light.ltr.css
platform.twitter.com/css/ 53 KB
13 KB 8ms
8ms Stylesheet
text/css 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/tweet.491ab81a49d69599f35b92d184213601.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40E3) /
Resource Hash: 163f925fc9af176f7ed0ccebbf7e4b44604e1258aa35e1a4490aafb8298dc7c5

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 12 Jul 2018 06:48:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jul 2018 21:19:30 GMT
Server: ECS (fcn/40E3)
Etag: "7f9742c5381a5d240c983fd9510121a3+gzip"
Vary: Accept-Encoding
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control: public, max-age=315360000
Content-Type: text/css; charset=utf-8
Content-Length: 12763

GET
H/1.1 200
OK tweet.491ab81a49d69599f35b92d184213601.light.ltr.css
platform.twitter.com/css/ 53 KB
53 KB 6ms
6ms Image
text/css 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/tweet.491ab81a49d69599f35b92d184213601.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/4191) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 12 Jul 2018 06:48:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jul 2018 21:19:30 GMT
Server: ECS (fcn/4191)
Etag: "7f9742c5381a5d240c983fd9510121a3+gzip"
Vary: Accept-Encoding
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control: public, max-age=315360000
Content-Type: text/css; charset=utf-8
Content-Length: 12763

GET
S 200 NUTtP7B-ibRLMV8F
pbs.twimg.com/ext_tw_video_thumb/978229537174630400/pu/img/ 39 KB
39 KB 7ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/ext_tw_video_thumb/978229537174630400/pu/img/NUTtP7B-ibRLMV8F?format=jpg&name=small

Requested by

Host: malware-research.org
URL: https://malware-research.org/carbanak-source-code-leaked/

Protocol

SPDY

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41A2) /

Resource Hash

1aa9437598c768e265f9c011789d3cdb9cffa89fa9a8f41d749a1088b29df648

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 118
date: Thu, 12 Jul 2018 06:48:34 GMT
x-content-type-options: nosniff
surrogate-key: ext_tw_video_thumb ext_tw_video_thumb/bucket/9 ext_tw_video_thumb/978229537174630400
last-modified: Mon, 26 Mar 2018 11:15:50 GMT
server: ECS (fcn/41A2)
status: 200
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: acd6f7294c551004ca3bb4634a6e69a6
accept-ranges: bytes
content-length: 39506

GET
H/1.1 200
OK tweet.491ab81a49d69599f35b92d184213601.light.ltr.css
platform.twitter.com/css/ 53 KB
13 KB 7ms
6ms Stylesheet
text/css 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/tweet.491ab81a49d69599f35b92d184213601.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/4191) /
Resource Hash: 163f925fc9af176f7ed0ccebbf7e4b44604e1258aa35e1a4490aafb8298dc7c5

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 12 Jul 2018 06:48:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jul 2018 21:19:30 GMT
Server: ECS (fcn/4191)
Etag: "7f9742c5381a5d240c983fd9510121a3+gzip"
Vary: Accept-Encoding
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control: public, max-age=315360000
Content-Type: text/css; charset=utf-8
Content-Length: 12763

GET
H/1.1 200
OK tweet.491ab81a49d69599f35b92d184213601.light.ltr.css
platform.twitter.com/css/ 53 KB
53 KB 6ms
6ms Image
text/css 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/tweet.491ab81a49d69599f35b92d184213601.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40E3) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 12 Jul 2018 06:48:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jul 2018 21:19:30 GMT
Server: ECS (fcn/40E3)
Etag: "7f9742c5381a5d240c983fd9510121a3+gzip"
Vary: Accept-Encoding
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control: public, max-age=315360000
Content-Type: text/css; charset=utf-8
Content-Length: 12763

GET
DATA 200
OK truncated
/ 607 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 059d7f76a7662405100374530359da8f439f4b945864fafab45b834320a429e2

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ded16b9cb72df85ea242aaef8878c716abb57c746f0bfda6eabd2b9ddb2a23b5

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/svg+xml;charset=utf-8

GET
S 200 1f914.png
abs.twimg.com/emoji/v2/72x72/ 1 KB
1 KB 20ms
6ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f914.png

Requested by

Host: malware-research.org
URL: https://malware-research.org/carbanak-source-code-leaked/

Protocol

SPDY

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/4194) /

Resource Hash

5116f7d07677f06785887c0af23c189b541a306d6b792d605ffaf3ed9f0e912d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 12 Jul 2018 06:48:34 GMT
x-content-type-options: nosniff
x-ton-expected-size: 1028
x-cache: HIT
status: 200
content-length: 1028
x-response-time: 9
surrogate-key: twitter-assets
last-modified: Wed, 21 Feb 2018 22:30:34 GMT
server: ECS (fcn/4194)
etag: "X7St/AzVm+1oZjkmNZWNow=="
content-type: image/png
access-control-allow-origin: *
x-connection-hash: f8f1b2dedf4e8bcee4cb494077b11f1c
accept-ranges: bytes
expires: Fri, 12 Jul 2019 06:48:34 GMT

GET
H/1.1 200
OK tweet.491ab81a49d69599f35b92d184213601.light.ltr.css
platform.twitter.com/css/ 53 KB
13 KB 7ms
6ms Stylesheet
text/css 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/tweet.491ab81a49d69599f35b92d184213601.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/4191) /
Resource Hash: 163f925fc9af176f7ed0ccebbf7e4b44604e1258aa35e1a4490aafb8298dc7c5

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 12 Jul 2018 06:48:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jul 2018 21:19:30 GMT
Server: ECS (fcn/4191)
Etag: "7f9742c5381a5d240c983fd9510121a3+gzip"
Vary: Accept-Encoding
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control: public, max-age=315360000
Content-Type: text/css; charset=utf-8
Content-Length: 12763

GET
H/1.1 200
OK tweet.491ab81a49d69599f35b92d184213601.light.ltr.css
platform.twitter.com/css/ 53 KB
53 KB 7ms
7ms Image
text/css 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/tweet.491ab81a49d69599f35b92d184213601.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40E3) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 12 Jul 2018 06:48:34 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jul 2018 21:19:30 GMT
Server: ECS (fcn/40E3)
Etag: "7f9742c5381a5d240c983fd9510121a3+gzip"
Vary: Accept-Encoding
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control: public, max-age=315360000
Content-Type: text/css; charset=utf-8
Content-Length: 12763

GET
S 200 IMKI7yRw_normal.jpg
pbs.twimg.com/profile_images/980908177452609538/ 2 KB
2 KB 7ms
6ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/980908177452609538/IMKI7yRw_normal.jpg

Protocol

SPDY

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41AA) /

Resource Hash

7286c28936e1b9c130768fd0370997d2160c67cd83e6093d7160c2bd24d745ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 138
date: Thu, 12 Jul 2018 06:48:34 GMT
x-content-type-options: nosniff
surrogate-key: profile_images profile_images/bucket/1 profile_images/980908177452609538
last-modified: Mon, 02 Apr 2018 20:39:48 GMT
server: ECS (fcn/41AA)
status: 200
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b926fd6f2c501e2a881eee36d138f110
accept-ranges: bytes
content-length: 1883

GET
S 200 Dh2nggkWsAE45D6
pbs.twimg.com/media/ 5 KB
5 KB 7ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/Dh2nggkWsAE45D6?format=jpg&name=small

Protocol

SPDY

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41B0) /

Resource Hash

51b43410a465ce761cfb3f678f3470283bcdbf8fd2433806e0f19b95572027a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 177
date: Thu, 12 Jul 2018 06:48:34 GMT
x-content-type-options: nosniff
surrogate-key: media media/bucket/7 media/1017153267795668993
last-modified: Wed, 11 Jul 2018 21:04:51 GMT
server: ECS (fcn/41B0)
status: 200
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: daa71e9f6913035daabcdab1aad92111
accept-ranges: bytes
content-length: 4930

GET
S 200 POeCVOIW_normal.jpg
pbs.twimg.com/profile_images/781924841062592512/ 2 KB
2 KB 7ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/781924841062592512/POeCVOIW_normal.jpg

Protocol

SPDY

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41A8) /

Resource Hash

8f86e5f042e2a93ed6843abbd7c534088bfbb6e031c87e9f036f1729a56c28b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 118
date: Thu, 12 Jul 2018 06:48:34 GMT
x-content-type-options: nosniff
surrogate-key: profile_images profile_images/bucket/8 profile_images/781924841062592512
last-modified: Fri, 30 Sep 2016 18:31:04 GMT
server: ECS (fcn/41A8)
status: 200
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 5da1b964c7dcfba77a9ed228d9860c11
accept-ranges: bytes
content-length: 1807

GET
S 200 Dh2_PKoXkAY8wDe
pbs.twimg.com/media/ 60 KB
60 KB 7ms
7ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/Dh2_PKoXkAY8wDe?format=jpg&name=small

Protocol

SPDY

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41A1) /

Resource Hash

8173d14c163dacc4e50cc7a1c613dab3ee81b61c7806a270c0014b38ab5fbef4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 137
date: Thu, 12 Jul 2018 06:48:35 GMT
x-content-type-options: nosniff
surrogate-key: media media/bucket/4 media/1017179358128214022
last-modified: Wed, 11 Jul 2018 22:48:31 GMT
server: ECS (fcn/41A1)
status: 200
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 574428349eeba0d23332af05bdd5bf92
accept-ranges: bytes
content-length: 61264

GET
S 200 ea29ff68ff22a9d44a09f640cf57e9d7_normal.png
pbs.twimg.com/profile_images/3576510365/ 7 KB
7 KB 8ms
7ms Image
image/png 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/3576510365/ea29ff68ff22a9d44a09f640cf57e9d7_normal.png

Protocol

SPDY

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41A1) /

Resource Hash

9de7fb5339444fe29b789ea0b0e20753f6f48c74639deecd4701bd8adcdcb1ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 12 Jul 2018 06:48:35 GMT
x-content-type-options: nosniff
content-md5: aWHXCxFwm7UY2BWhmcD/+g==
x-cache: HIT
status: 200
content-length: 7190
x-response-time: 337
surrogate-key: profile_images profile_images/bucket/9 profile_images/3576510365
last-modified: Thu, 04 Nov 2010 01:42:54 GMT
server: ECS (fcn/41A1)
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a08e619f23e3ee7831b7d40a79b0feb2
accept-ranges: bytes

GET
S 200 Dh22qw6XUAA5JUs
pbs.twimg.com/media/ 47 KB
47 KB 8ms
8ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/Dh22qw6XUAA5JUs?format=jpg&name=small

Protocol

SPDY

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41A5) /

Resource Hash

2dcf3f8a73853ed349798b40e8f0a6e1e3fe5f2a3f16bdd55b485e98bdc06cfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 128
date: Thu, 12 Jul 2018 06:48:35 GMT
x-content-type-options: nosniff
surrogate-key: media media/bucket/5 media/1017169936656060416
last-modified: Wed, 11 Jul 2018 22:11:05 GMT
server: ECS (fcn/41A5)
status: 200
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: ba8edd3da0222d37884794a327f4c6fa
accept-ranges: bytes
content-length: 47952

GET
S 200 realtime.af77184dec69e96e69aff958ae2bb738.css
c.disquscdn.com/next/embed/styles/ Frame 1EAA 337 B
650 B 11ms
10ms Stylesheet
text/css 2400:cb00:2048:1::6810:4ea6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css

Requested by

Host: malwareresearchorg.disqus.com
URL: https://malwareresearchorg.disqus.com/embed.js

Protocol

SPDY

Server

2400:cb00:2048:1::6810:4ea6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 12 Jul 2018 06:48:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
strict-transport-security: max-age=300; includeSubdomains
content-length: 244
x-xss-protection: 1; mode=block
timing-allow-origin: *
last-modified: Fri, 13 Apr 2018 22:15:35 GMT
server: cloudflare
fastly-debug-digest: ddbb547324842fbef412f9cb6a75e494efb72ac30deb102492dc2845863dccf3
etag: "5ad12c07-f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
cf-ray: 439190a2fe9964db-FRA
expires: Wed, 17 Apr 2019 17:40:46 GMT

GET
S 200 realtime.af77184dec69e96e69aff958ae2bb738.css
c.disquscdn.com/next/embed/styles/ Frame 8808 337 B
308 B 8ms
8ms Stylesheet
text/css 2400:cb00:2048:1::6810:4ea6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css

Requested by

Host: malwareresearchorg.disqus.com
URL: https://malwareresearchorg.disqus.com/embed.js

Protocol

SPDY

Server

2400:cb00:2048:1::6810:4ea6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 12 Jul 2018 06:48:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
strict-transport-security: max-age=300; includeSubdomains
content-length: 244
x-xss-protection: 1; mode=block
timing-allow-origin: *
last-modified: Fri, 13 Apr 2018 22:15:35 GMT
server: cloudflare
fastly-debug-digest: ddbb547324842fbef412f9cb6a75e494efb72ac30deb102492dc2845863dccf3
etag: "5ad12c07-f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
cf-ray: 439190a2fe9b64db-FRA
expires: Wed, 17 Apr 2019 17:40:46 GMT

GET
S 200 jot
syndication.twitter.com/i/ 43 B
241 B 118ms
117ms Image
image/gif 104.244.42.72
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fmalware-research.org%2Fcarbanak-source-code-leaked%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22GelosSnake%22%2C%22item_ids%22%3A%5B%221017084469541527552%22%5D%2C%22item_details%22%3A%7B%221017084469541527552%22%3A%7B%22item_type%22%3A0%7D%7D%2C%22unbucketed%22%3Atrue%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1531378115207%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%228d2dbdd%3A1531255802470%22%2C%22format_version%22%3A%228d2dbdd%3A1531255802470%22%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22element%22%3A%22notice%22%2C%22action%22%3A%22seen%22%7D%7D&notice_seen=true

Protocol

SPDY

Server

104.244.42.72 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://malware-research.org/carbanak-source-code-leaked/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 12 Jul 2018 06:48:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 111
pragma: no-cache
last-modified: Thu, 12 Jul 2018 06:48:35 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: a138db417e31a1b917b6a77781154cbc
x-transaction: 0055862c00275dcb
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1

200
OK

jot.html
platform.twitter.com/ Frame 8277
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

0
0

6ms
6ms

Document
text/html

2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40B3) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
Origin: null
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 03648368599547778CFE6556612F80F6

Response headers

Accept-Ranges: bytes
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Thu, 12 Jul 2018 06:48:35 GMT
Etag: "d9592a6c704736fa4da218d4357976dd"
Last-Modified: Tue, 10 Jul 2018 21:20:19 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/40B3)
X-Cache: HIT
Content-Length: 80

Redirect headers

status: 302 302 Found
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length: 0
content-type: text/html;charset=utf-8
date: Thu, 12 Jul 2018 06:48:35 GMT
expires: Tue, 31 Mar 1981 05:00:00 GMT
last-modified: Thu, 12 Jul 2018 06:48:35 GMT
location: https://platform.twitter.com/jot.html
pragma: no-cache
server: tsa_o
strict-transport-security: max-age=631138519
x-connection-hash: a138db417e31a1b917b6a77781154cbc
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-response-time: 112
x-transaction: 003449b900b3a49c
x-tsa-request-body-time: 5
x-twitter-response-tags: BouncerCompliant
x-xss-protection: 0

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.malware-research.org/	1970-01-18 17:22:58	Name: _gat Value: 1
.malware-research.org/	1970-01-18 17:24:24	Name: _gid Value: GA1.2.1741580438.1531378114
.malware-research.org/	1970-01-19 10:54:10	Name: _ga Value: GA1.2.126032867.1531378114
.malware-research.org/	1970-01-19 02:08:34	Name: __cfduid Value: da2ea0f82f3f8f785976bafe4eddd97501531378114

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

abs.twimg.com
c.disquscdn.com
cdn.syndication.twimg.com
code.jquery.com
disqus.com
fonts.googleapis.com
fonts.gstatic.com
malware-research.org
malwareresearchorg.disqus.com
pbs.twimg.com
platform.twitter.com
stats.g.doubleclick.net
syndication.twitter.com
ton.twimg.com
www.google-analytics.com
104.244.42.72
104.244.43.241
151.101.12.134
151.101.64.134
205.185.208.52
2400:cb00:2048:1::6810:4ea6
2400:cb00:2048:1::6818:218
2606:2800:134:1a0d:1429:742:782:b6
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:234:59:254c:406:2366:268c
2a00:1450:4001:812::200a
2a00:1450:4001:812::200e
2a00:1450:4001:816::2003
2a00:1450:400c:c0c::9d
009e25e259519d6ba957875cc8d3fb35ac88fc00d1777f89dece81588d4ba921
012855cb1423bb44035532360d13878068aeee580745df244aade4d25fe75600
059d7f76a7662405100374530359da8f439f4b945864fafab45b834320a429e2
06c848a7caa7a24c4e3f7c227ff28757125e258afdc887426381949295ebcf31
06e38b7dcf5c000be9e037c7217623cc6991ca4e96ee571ce06839493c12bc27
098d7b287dc4a32bf4c5442e980bc7367ca01a45319c81aa5e0a26120d25514f
0b4125c19a4abf60a7a4794158e71274022e8256e2a09875e85994a776acbd77
11b0d7b4945a03013ecd61647ca294d8039bca9ee37e5cdd1c4f8553351a1336
13927c73a5e96a302e08db898f8411fa846b9d584a857230d92213963b59a4d1
163f925fc9af176f7ed0ccebbf7e4b44604e1258aa35e1a4490aafb8298dc7c5
16b2eaccbbbb0648a0043d7e115bc6c29b515f0a59bed24caead361191fedf88
1a2265148b87789d560e3a2564859d299753a3b2bb8594adaf2ced15a7ad0327
1aa9437598c768e265f9c011789d3cdb9cffa89fa9a8f41d749a1088b29df648
1fc7f14f1197591b622e3e6fe98a03ef3e556c0290bb408f3343f6ce1fde5fb3
2016115c8f6fa18ccad2f04fb1d8eb4145371630dccce85be25943ee8b0d9bf9
224e7e17b55591dead17729ed0e89e0b6c1dcb3c0c8952c2bd7bb26db42860e6
243e341966bfdb3fe441229ab043416150bd42dfed006873311386d2541bd282
2aa65ab20771e58027b5702e2ed45445c8af5976eafcf8ed02af0d180ce769f2
2dcf3f8a73853ed349798b40e8f0a6e1e3fe5f2a3f16bdd55b485e98bdc06cfd
314aebeb103ccc1a391eac226584115684c241c0c2baee77cc344d997c367724
33855138dbc516c8ca09fccd2551f1ed0faed4cdf6b6ee9356ed6b1b76760fea
338e5578a7b3021caec1db415b93b214c378029d3cd8d19adc833d8b85ea7d29
348fc48731df1d2e457a0e297a76b5c440697acac51d9fc353f6d517313fb617
383c3fa8323085a3d6990e17fb2f23b90f0da903157d5bd93f8db1a8ac2dc7f5
3f275b5815ecd7259e3edc7f777fd0f51bd64f644ac361cc0cc74adc7f5807e1
3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3
43e810fa5daa18d4b7258b6fe79c11fbed9236ed4e34ce41efd7f934b95c1818
4468e35646c229b518e5f398c5a3d6b15ba1351a71ef22692129bb32f5030ac0
4491bec3775c928d11e50c546dd30f34dd36315bd490b62f789f7b86fd3b159c
4b4fd4dc1525ecbd49cb8fe926c1c554272ebf7c744c5d2131cdf5e01b35caf9
5116f7d07677f06785887c0af23c189b541a306d6b792d605ffaf3ed9f0e912d
51b43410a465ce761cfb3f678f3470283bcdbf8fd2433806e0f19b95572027a1
58d634bb13cd1a56ba9e95226a3f94763eb18d2bacf21a4369c44f725ce7e70c
5e8e6eed4ef29b1280f494e2759fcfd0875a2c8aa22645c7b8b1d7692d05e558
613904c3852f7d6738fe2b7a57b49e1b60be2fc5c0158445c2ef0ff7f49dcb23
643ca3bddc30489dbdfa50b9b7c9803877371403531813b9c42fc814de0dd339
6acf132c6a3c12a151ce8133de6212a0ef74229c17641109c1db1ef0f2bddd14
7286c28936e1b9c130768fd0370997d2160c67cd83e6093d7160c2bd24d745ed
742cf624f7cbcae8570af66851bade7a4ed668bde3c8165bd62f7cd66c73e082
74f009dfeca4257b65818f285d104312cea09f0792376a38f71f0b4bbc4a2e94
7cc34d4f2e22c171220ad58b15a01fbc4979f486254cbd35eac068b88d0aca99
8173d14c163dacc4e50cc7a1c613dab3ee81b61c7806a270c0014b38ab5fbef4
832d06ef797c563abe1e9af135f933dbfbb7840090c96d931ecd09ef6d8d6ae4
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84009318b6d1a27b739de27a1fb9ab7d7f9653b8e61d5d3684e7196c4b123dc6
84c3e9dd0a587bebc22dad106e0ea25041a0a3b1e5dd14e740673b93f03e4061
8705507e1881c72359a5a506a500661ba6f4aa80f055e61016df90fd5c43f38f
8724c1ab1b87fd70feb5f40b16a03725286093dc1619423add8a9b89e15fed7c
8f86e5f042e2a93ed6843abbd7c534088bfbb6e031c87e9f036f1729a56c28b7
92da5144fb7d471c30827aa373799ced5bacbbc0cb4ed49b70af8b468c2f2db2
936c8b6207d92df345d26c2a27a68dc4c884ab0770a47c790014f973f135fa61
93762e4b6256c53f61a1c9efbc31f37f648f0153445fa362ffe05b6711ded772
9804686e0fe01d3482ea0c4db96fcf4d346f9234223bc7b5616c62dc02f51a9b
9de7fb5339444fe29b789ea0b0e20753f6f48c74639deecd4701bd8adcdcb1ef
a286f997dad6806d2447d6232ea02b52edacddfdc64ecb41d503abd87cf44cd9
a3e24dafde3110ae4e4eb8b758cb015d8844edf8cf3f3b87d4e047e6a1b7478b
a6fe2268a9586d7f213de21701ba5e535ddc371ba9a63bfde4486b600260b58f
a8deb5934917c7e270c690ca3e4488d3f4731be13678ec1d9ec8658485b168f9
a935a700dd391929f376d1c39a84f1915c6026bd3a582abbc2361b1bc6cf8563
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b6bdcc5379ba1d331b58ccea5b9a31e726c8a384abcae337af53c985dd8365be
bc4852e6d958fef6193c0cc3f2755322d3a1bda6a20fb049a38c2b63316dea9d
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
c34cc1349e26b6ddb921db41ab68f37d4105eebf35d54928a4c6df2ea9a4daf9
c3622f33de052e9f5a2cdd56a3b5fb82f5394a77f4ee7a3fa37788b6edbb5d12
c8b6b1d128d6eef1bc8bf05b7728b32df519e658c476f136df7351f7e4d639b5
cace2a37b8827ba7ade9c999f9bb62c29046e4c26d7ee5208a6dbbb5e6b3fea3
cd7887cf9a61431f64864df1e5fe9823e163638bf811dc97ee556268886bf865
d933289d9345a832641ea80499ab63f7c1b0200a832a2dbef3559c90130eea80
ded16b9cb72df85ea242aaef8878c716abb57c746f0bfda6eabd2b9ddb2a23b5
e19f70f99cf52c41d32de33e91a395e3c3348e1be3f465bd15c45ebb0844bb8e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40b4cb8a844ee06501bd7e8a5bfdade80459e7268fff27598c996c2946ca5a3
e8af34af66462455971604ca554d7fc443750b81c298114b43f86a68783b5693
ea8d16732c6a106f8cb8ce5817c568ba2fc9c1f453eb0c1899528a43bc9a5157
ec935fbb64909ac498f03947eca80691b55a1c7e6af27bdaff179703b8fd12fb
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
f2ca033c84a0f34070f815704b2029231cc12240a97ffbb0571cf9b517ea9820
f3c006d72a78ffbbd3c19a0bd306cfbb1d0fd7c1b7a0e66b9fa1910d56a028d3
f99252d93445257b132637247dfaa66bf856d530d5dc3e1524b52caf66d5dac6
fe97668e7eb3cc12669ff77d9a1560d3e12495cd48c30500c9f123688b7e1bc1

malware-research.org Open in urlscan Pro 2400:cb00:2048:1::6818:218 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

100 Requests

8 %HTTPS

64 %IPv6

10 Domains

15 Subdomains

15 IPs

2 Countries

2084 kBTransfer

3459 kBSize

4 Cookies

8 Outgoing links

Redirected requests

100 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

malware-research.org Open in urlscan Pro
2400:cb00:2048:1::6818:218 Public Scan

Screenshot
Live screenshot

Full Image

100
Requests

8 %
HTTPS

64 %
IPv6

10
Domains

15
Subdomains

15
IPs

2
Countries

2084 kB
Transfer

3459 kB
Size

4
Cookies

100 HTTP transactions
7 data transactions