securityintelligence.com Open in urlscan Pro
104.18.24.241 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Submission: On June 17 via manual (June 17th 2024, 10:18:48 pm UTC) from AU — Scanned from AU

Summary HTTP 394 Redirects Links 23 Behaviour Indicators

Summary

This website contacted 32 IPs in 3 countries across 26 domains to perform 394 HTTP transactions. The main IP is 104.18.24.241, located in and belongs to CLOUDFLARENET, US. The main domain is securityintelligence.com. The Cisco Umbrella rank of the primary domain is 718061.
TLS certificate: Issued by E1 on May 3rd 2024. Valid for: 3 months.

This is the only time securityintelligence.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
30	104.18.24.241 104.18.24.241	13335 (CLOUDFLAR...) (CLOUDFLARENET)
272	23.52.231.196 23.52.231.196	16625 (AKAMAI-AS) (AKAMAI-AS)
14	172.217.167.97 172.217.167.97	15169 (GOOGLE) (GOOGLE)
2 4	104.17.248.203 104.17.248.203	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.65.244.60 18.65.244.60	16509 (AMAZON-02) (AMAZON-02)
3	142.250.67.10 142.250.67.10	15169 (GOOGLE) (GOOGLE)
9	142.251.221.67 142.251.221.67	15169 (GOOGLE) (GOOGLE)
5	142.250.76.110 142.250.76.110	15169 (GOOGLE) (GOOGLE)
11	18.67.93.103 18.67.93.103	16509 (AMAZON-02) (AMAZON-02)
1	216.239.36.54 216.239.36.54	15169 (GOOGLE) (GOOGLE)
1	23.216.58.187 23.216.58.187	16625 (AKAMAI-AS) (AKAMAI-AS)
5	18.65.244.94 18.65.244.94	16509 (AMAZON-02) (AMAZON-02)
1	18.67.110.3 18.67.110.3	16509 (AMAZON-02) (AMAZON-02)
2	142.250.67.8 142.250.67.8	15169 (GOOGLE) (GOOGLE)
4	3.24.67.182 3.24.67.182	16509 (AMAZON-02) (AMAZON-02)
1	142.250.204.2 142.250.204.2	15169 (GOOGLE) (GOOGLE)
6	204.79.197.237 204.79.197.237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	23.32.5.109 23.32.5.109	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	34.96.71.22 34.96.71.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	35.244.154.8 35.244.154.8	15169 (GOOGLE) (GOOGLE)
1	108.158.20.71 108.158.20.71	16509 (AMAZON-02) (AMAZON-02)
2	151.101.193.140 151.101.193.140	54113 (FASTLY) (FASTLY)
1	18.65.244.62 18.65.244.62	16509 (AMAZON-02) (AMAZON-02)
4	52.64.144.217 52.64.144.217	16509 (AMAZON-02) (AMAZON-02)
1	18.67.93.91 18.67.93.91	16509 (AMAZON-02) (AMAZON-02)
2	142.250.66.194 142.250.66.194	15169 (GOOGLE) (GOOGLE)
1	18.65.244.54 18.65.244.54	16509 (AMAZON-02) (AMAZON-02)
2	151.101.1.140 151.101.1.140	54113 (FASTLY) (FASTLY)
3 6	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	142.250.204.4 142.250.204.4	15169 (GOOGLE) (GOOGLE)
2	172.217.167.67 172.217.167.67	15169 (GOOGLE) (GOOGLE)
1	74.125.68.156 74.125.68.156	15169 (GOOGLE) (GOOGLE)
394	32

30 104.18.24.241 (None, )

ASN13335 (CLOUDFLARENET, US)

securityintelligence.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

272 23.52.231.196 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-231-196.deploy.static.akamaitechnologies.com

1.www.s81c.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www-api.ibm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 172.217.167.97 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s17-in-f1.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.17.248.203 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.65.244.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-244-60.syd3.r.cloudfront.net

analytics.newscred.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.67.10 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s16-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.251.221.67 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.76.110 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s24-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 18.67.93.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-103.syd62.r.cloudfront.net

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.36.54 (United States)

ASN15169 (GOOGLE, US)

us-central1-amp-error-reporting.cloudfunctions.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.216.58.187 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-216-58-187.deploy.static.akamaitechnologies.com

cloud.ibm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.65.244.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-244-94.syd3.r.cloudfront.net

consent.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.67.110.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-110-3.syd62.r.cloudfront.net

scripts.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.67.8 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s16-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.24.67.182 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-24-67-182.ap-southeast-2.compute.amazonaws.com

collect.tealiumiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.204.2 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 204.79.197.237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.32.5.109 (Sydney, Australia)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-32-5-109.deploy.static.akamaitechnologies.com

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com

s.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.154.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.154.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.158.20.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-20-71.syd62.r.cloudfront.net

segments.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.140 (San Francisco, United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.65.244.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-244-62.syd3.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.64.144.217 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-64-144-217.ap-southeast-2.compute.amazonaws.com

visitor-service-ap-southeast-2.tealiumiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.67.93.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-91.syd62.r.cloudfront.net

tag-logger.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.66.194 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s23-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.65.244.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-244-54.syd3.r.cloudfront.net

consent.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.140 (San Francisco, United States)

ASN54113 (FASTLY, US)

pixel-config.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.107.42.14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.204.4 (Sydney, Australia)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.167.67 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s06-in-f3.1e100.net

www.google.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.68.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
271	s81c.com 1.www.s81c.com — Cisco Umbrella Rank: 49194	2 MB
30	securityintelligence.com securityintelligence.com — Cisco Umbrella Rank: 718061	648 KB
14	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 472	222 KB
11	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 1321	141 KB
9	gstatic.com fonts.gstatic.com	177 KB
8	tealiumiq.com collect.tealiumiq.com — Cisco Umbrella Rank: 4169 visitor-service-ap-southeast-2.tealiumiq.com — Cisco Umbrella Rank: 246478	4 KB
6	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 352 www.linkedin.com — Cisco Umbrella Rank: 558	4 KB
6	bing.com bat.bing.com — Cisco Umbrella Rank: 357	31 KB
6	trustarc.com consent.trustarc.com — Cisco Umbrella Rank: 3218	44 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 68	21 KB
4	unpkg.com 2 redirects unpkg.com — Cisco Umbrella Rank: 1017	60 KB
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 63 stats.g.doubleclick.net — Cisco Umbrella Rank: 132	3 KB
3	company-target.com s.company-target.com — Cisco Umbrella Rank: 1561 segments.company-target.com — Cisco Umbrella Rank: 1794 api.company-target.com — Cisco Umbrella Rank: 4480	1 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 77	3 KB
2	google.com.au www.google.com.au — Cisco Umbrella Rank: 22775	128 B
2	google.com www.google.com — Cisco Umbrella Rank: 5	128 B
2	reddit.com pixel-config.reddit.com — Cisco Umbrella Rank: 2067 alb.reddit.com — Cisco Umbrella Rank: 1388	761 B
2	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1179	13 KB
2	rlcdn.com 2 redirects id.rlcdn.com — Cisco Umbrella Rank: 892	771 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	164 KB
2	demandbase.com scripts.demandbase.com — Cisco Umbrella Rank: 9837 tag-logger.demandbase.com — Cisco Umbrella Rank: 5445	24 KB
2	ibm.com www-api.ibm.com — Cisco Umbrella Rank: 74003 cloud.ibm.com — Cisco Umbrella Rank: 41438	5 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 958	17 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 135	19 KB
1	cloudfunctions.net us-central1-amp-error-reporting.cloudfunctions.net — Cisco Umbrella Rank: 13383	269 B
1	newscred.com analytics.newscred.com — Cisco Umbrella Rank: 105728	8 KB
394	26

	Domain	Requested by
271	1.www.s81c.com	securityintelligence.com client
30	securityintelligence.com	securityintelligence.com
14	cdn.ampproject.org	securityintelligence.com cdn.ampproject.org
11	tags.tiqcdn.com	1.www.s81c.com tags.tiqcdn.com
9	fonts.gstatic.com	fonts.googleapis.com
6	bat.bing.com	tags.tiqcdn.com bat.bing.com
6	consent.trustarc.com	tags.tiqcdn.com consent.trustarc.com
5	px.ads.linkedin.com	2 redirects snap.licdn.com
5	www.google-analytics.com	analytics.newscred.com www.google-analytics.com www.googletagmanager.com
4	visitor-service-ap-southeast-2.tealiumiq.com	tags.tiqcdn.com
4	collect.tealiumiq.com	tags.tiqcdn.com
4	unpkg.com	2 redirects securityintelligence.com
3	fonts.googleapis.com	securityintelligence.com
2	www.google.com.au
2	www.google.com
2	googleads.g.doubleclick.net	www.googleadservices.com
2	www.redditstatic.com	tags.tiqcdn.com www.redditstatic.com
2	id.rlcdn.com	2 redirects
2	www.googletagmanager.com	tags.tiqcdn.com www.googletagmanager.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.linkedin.com	1 redirects
1	alb.reddit.com
1	pixel-config.reddit.com	www.redditstatic.com
1	tag-logger.demandbase.com	scripts.demandbase.com
1	api.company-target.com	scripts.demandbase.com
1	segments.company-target.com
1	s.company-target.com	scripts.demandbase.com
1	snap.licdn.com	tags.tiqcdn.com
1	www.googleadservices.com	tags.tiqcdn.com
1	scripts.demandbase.com	tags.tiqcdn.com
1	cloud.ibm.com	1.www.s81c.com
1	us-central1-amp-error-reporting.cloudfunctions.net	cdn.ampproject.org
1	www-api.ibm.com	1.www.s81c.com
1	analytics.newscred.com	securityintelligence.com
394	34

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.linkedin.com
www.facebook.com
www.ibm.com
malwarebreakdown.com
nakedsecurity.sophos.com
www.infosecurity-magazine.com
isc.sans.edu
openresty.org
exchange.xforce.ibmcloud.com
www.twitter.com
www.youtube.com
ibm.com

Subject Issuer	Validity	Valid
securityintelligence.com E1	`2024-05-03` - `2024-08-01`	3 months	crt.sh
www.ibm.com GeoTrust RSA CA 2018	`2023-07-20` - `2024-07-19`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.welcomesoftware.com Amazon RSA 2048 M02	`2023-12-25` - `2025-01-21`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-05-27` - `2024-08-19`	3 months	crt.sh
tags.tiqcdn.com Amazon RSA 2048 M02	`2024-03-19` - `2025-04-17`	a year	crt.sh
misc.google.com GTS CA 1C3	`2024-05-27` - `2024-08-19`	3 months	crt.sh
wildcard.bluemix.net DigiCert TLS RSA SHA256 2020 CA1	`2023-11-26` - `2024-11-26`	a year	crt.sh
*.trustarc.com Amazon RSA 2048 M02	`2024-03-16` - `2025-04-14`	a year	crt.sh
tag.demandbase.com Go Daddy Secure Certificate Authority - G2	`2023-08-23` - `2024-09-23`	a year	crt.sh
*.tealiumiq.com Amazon RSA 2048 M01	`2023-07-25` - `2024-08-22`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2024-05-27` - `2024-08-19`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-05-01` - `2024-06-27`	2 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
*.company-target.com R11	`2024-06-16` - `2024-09-14`	3 months	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-23` - `2024-11-18`	6 months	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2023-09-27` - `2024-09-26`	a year	crt.sh
*.demandbase.com Amazon RSA 2048 M02	`2024-06-10` - `2025-07-08`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2024-05-30` - `2024-11-26`	6 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-01-30` - `2024-07-30`	6 months	crt.sh
*.google.com GTS CA 1C3	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.google.com.au GTS CA 1C3	`2024-05-27` - `2024-08-19`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Frame ID: 7E69B86CD089E481E17F3BE440B341D3
Requests: 392 HTTP requests in this frame

Frame: https://s.company-target.com/s/sync?exc=lr
Frame ID: 36D6A39A796FCE5FAC2C3507E5EA5556
Requests: 1 HTTP requests in this frame

Frame: https://consent.trustarc.com/get?name=crossdomain.html&domain=ibm.com
Frame ID: C31D5EC59BEAEC1FF3502664EECE7A1B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

New Banking Trojan IcedID Discovered by IBM X-Force Research

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

TrustArc (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

consent\.trustarc\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

394
Requests

98 %
HTTPS

0 %
IPv6

26
Domains

34
Subdomains

32
IPs

3
Countries

3836 kB
Transfer

17103 kB
Size

45
Cookies

23 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/intent/tweet?text=New%20Banking%20Trojan%20IcedID%20Discovered%20by%20IBM%20X-Force%20Research&url=https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?url=https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Search URL Search Domain Scan URL

URL: https://www.ibm.com/marketing/iwm/dre/signup?source=urx-18586&S_PKG=ov60471
Title: Read the white paper: How digital banking is transforming fraud detection

Search URL Search Domain Scan URL

URL: https://www.ibm.com/security/xforce/
Title: X-Force research

Search URL Search Domain Scan URL

URL: https://malwarebreakdown.com/2017/05/06/malspam-leads-to-malicous-word-document-which-downloads-geodoemotet-banking-malware/
Title: QakBot

Search URL Search Domain Scan URL

URL: https://nakedsecurity.sophos.com/2017/08/10/watch-out-for-emotet-the-trojan-thats-nearly-a-worm/
Title: Dridex

Search URL Search Domain Scan URL

URL: https://www.infosecurity-magazine.com/news/emotet-crimeware-adds/
Title: network worm

Search URL Search Domain Scan URL

URL: https://isc.sans.edu/forums/diary/Malspam+pushing+Emotet+malware/22650/
Title: via malspam

Search URL Search Domain Scan URL

URL: https://isc.sans.edu/diary/rss/22658
Title: malicious macros

Search URL Search Domain Scan URL

URL: https://openresty.org/en/
Title: OpenResty

Search URL Search Domain Scan URL

URL: https://exchange.xforce.ibmcloud.com/collection/Icedid-e1afb90c4217131cca5821d00f841838
Title: X-Force Exchange

Search URL Search Domain Scan URL

URL: https://www.ibm.com/security/fraud-protection/trusteer/
Title: IBM Security Trusteer

Search URL Search Domain Scan URL

URL: http://www.twitter.com/ibmsecurity

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/company/ibm-security

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@IBMTechnology

Search URL Search Domain Scan URL

URL: http://www.ibm.com/?ce=ISM0484&ct=SWG&cmp=IBMSocial&cm=h&cr=Security&ccy=US
Title: © 2024 IBM

Search URL Search Domain Scan URL

URL: https://www.ibm.com/contact/?ce=ISM0484&ct=SWG&cmp=IBMSocial&cm=h&cr=Security&ccy=US
Title: Contact

Search URL Search Domain Scan URL

URL: https://www.ibm.com/privacy/?ce=ISM0484&ct=SWG&cmp=IBMSocial&cm=h&cr=Security&ccy=US
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.ibm.com/legal/?ce=ISM0484&ct=SWG&cmp=IBMSocial&cm=h&cr=Security&ccy=US&cm_mc_uid=03001744655915532865554&cm_mc_sid_50200000=84159441565120380187
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://www.ibm.com/accessibility/?ce=ISM0484&ct=SWG&cmp=IBMSocial&cm=h&cr=Security&ccy=US
Title: Accessibility

Search URL Search Domain Scan URL

URL: http://ibm.com/security?ce=ISM0484&ct=SWG&cmp=IBMSocial&cm=h&cr=Security&ccy=US
Title: Sponsored by .cls-1 { fill: #fff; } si-icon-eightbarfeature

Search URL Search Domain Scan URL

URL: https://www.ibm.com/privacy
Title: privacy statement

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://unpkg.com/swiper/swiper-bundle.min.js HTTP 302
https://unpkg.com/swiper@11.1.4/swiper-bundle.min.js

Request Chain 28

https://unpkg.com/swiper/swiper-bundle.min.css HTTP 302
https://unpkg.com/swiper@11.1.4/swiper-bundle.min.css

Request Chain 347

https://id.rlcdn.com/464526.gif HTTP 307
https://id.rlcdn.com/1000.gif?memo=CI6tHBoNCMXswrMGEgUI6AcQAEIASgA HTTP 307
https://segments.company-target.com/log?vendor=liveramp&user_id=Xc12973m5sRsMNfgtnsOyGiM-ErZbXgihGqVwIpOeIFc_gHQ8

Request Chain 376

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=9268&time=1718662725522&url=https%3A%2F%2Fsecurityintelligence.com%2Fnew-banking-trojan-icedid-discovered-by-ibm-x-force-research%2F HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=9268&time=1718662725522&url=https%3A%2F%2Fsecurityintelligence.com%2Fnew-banking-trojan-icedid-discovered-by-ibm-x-force-research%2F&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D9268%26time%3D1718662725522%26url%3Dhttps%253A%252F%252Fsecurityintelligence.com%252Fnew-banking-trojan-icedid-discovered-by-ibm-x-force-research%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=9268&time=1718662725522&url=https%3A%2F%2Fsecurityintelligence.com%2Fnew-banking-trojan-icedid-discovered-by-ibm-x-force-research%2F&cookiesTest=true&liSync=true

394 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/ 143 KB
28 KB 11956ms
11836ms Document
text/html 104.18.24.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6159b47fb067881c2f6910753eb8702b5f0c01ada24da36a84862a45bce07950

Request headers

Accept-Language: en-AU,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: public, max-age=14400
cf-cache-status: MISS
cf-ray: 89566a747a2c571b-SYD
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 17 Jun 2024 22:18:42 GMT
expires: Tue, 18 Jun 2024 02:18:42 GMT
last-modified: Mon, 17 Jun 2024 22:18:42 GMT
link: <https://securityintelligence.com/wp-json/>; rel="https://api.w.org/", <https://securityintelligence.com/wp-json/wp/v2/posts/390737>; rel="alternate"; type="application/json", <https://securityintelligence.com/?p=390737>; rel=shortlink
referrer-policy: no-referrer-when-downgrade
server: cloudflare
server-timing: intid;desc=d148f70c5bb535c4
vary: Accept-Encoding

GET
H2 200 ibm-common.js Show response
1.www.s81c.com/common/stats/ 262 KB
74 KB 336ms
3ms Script
application/x-javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/stats/ibm-common.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

AkamaiNetStorage /

Resource Hash

00e97351d5110edbfcebc73e16afb85d9c9d09696df6b06d9012d11aa2467772

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
last-modified: Tue, 11 Jun 2024 22:24:22 GMT
server: AkamaiNetStorage
content-md5: sNzIYNaNtDd7Pne/kPUzYQ==
etag: "b0dcc860d68db4377b3e77bf90f53361:1718144712.346345"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86848
accept-ranges: bytes
content-length: 75796
expires: Tue, 18 Jun 2024 22:26:10 GMT

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 278 KB
72 KB 587ms
112ms Script
text/javascript 172.217.167.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f1.1e100.net

Software

sffe /

Resource Hash

9d5e2003f798252335c0faf032c62d6cb9b2c6ef4756e301b868398a8346b236

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 17 Jun 2024 22:18:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73073
x-xss-protection: 0
server: sffe
etag: "a97eff4b207291bf"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 17 Jun 2024 22:18:42 GMT

GET
H2 200 amp-list-0.1.js Show response
cdn.ampproject.org/v0/ 42 KB
13 KB 111ms
107ms Script
text/javascript 172.217.167.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-list-0.1.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f1.1e100.net

Software

sffe /

Resource Hash

b40171ca518b6dd358d7230c1890e1d76423338ed22d95f19a587ebda44eb0ec

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 17 Jun 2024 22:18:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13021
x-xss-protection: 0
server: sffe
etag: "6d0eeee13538db5b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 17 Jun 2024 22:18:43 GMT

GET
H2 200 amp-mustache-0.2.js Show response
cdn.ampproject.org/v0/ 45 KB
15 KB 115ms
112ms Script
text/javascript 172.217.167.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-mustache-0.2.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f1.1e100.net

Software

sffe /

Resource Hash

fefb0dcf4a8a85f14b4d96ea1a89296353ef7e17a784bd914070b67db3b7b9ca

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 17 Jun 2024 22:18:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15387
x-xss-protection: 0
server: sffe
etag: "afe98a018a62dd35"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 17 Jun 2024 22:18:43 GMT

GET
H2 200 amp-accordion-0.1.js Show response
cdn.ampproject.org/v0/ 17 KB
6 KB 111ms
108ms Script
text/javascript 172.217.167.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-accordion-0.1.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f1.1e100.net

Software

sffe /

Resource Hash

2b07f59da28676fe2f64a694c5423538198f7163aadebcc630fd613b530f5d65

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 17 Jun 2024 22:18:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5820
x-xss-protection: 0
server: sffe
etag: "d325a417401a4543"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 17 Jun 2024 22:18:43 GMT

GET
H2 200 amp-animation-0.1.js Show response
cdn.ampproject.org/v0/ 82 KB
19 KB 111ms
108ms Script
text/javascript 172.217.167.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-animation-0.1.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f1.1e100.net

Software

sffe /

Resource Hash

bd839798395d9e9fea69c568f9449c28b96eecb756947eb0e19881158eefcdb7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 17 Jun 2024 22:18:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18969
x-xss-protection: 0
server: sffe
etag: "106ca8ac78696390"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 17 Jun 2024 22:18:43 GMT

GET
H2 200 amp-position-observer-0.1.js Show response
cdn.ampproject.org/v0/ 10 KB
4 KB 107ms
104ms Script
text/javascript 172.217.167.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-position-observer-0.1.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f1.1e100.net

Software

sffe /

Resource Hash

e3142f8f9fc481a4f365b6c3c9c774a510167924a0d450de6678f4c12fd12491

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 17 Jun 2024 22:18:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3693
x-xss-protection: 0
server: sffe
etag: "43453e9fda776f92"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 17 Jun 2024 22:18:43 GMT

GET
H2 200 amp-bind-0.1.js Show response
cdn.ampproject.org/v0/ 50 KB
16 KB 115ms
112ms Script
text/javascript 172.217.167.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-bind-0.1.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f1.1e100.net

Software

sffe /

Resource Hash

a66ed3676d5acad73204f823a330ad283240d24b5d15a81ebfcc276a87495729

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 17 Jun 2024 22:18:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16367
x-xss-protection: 0
server: sffe
etag: "dc3e029b194c0fd4"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 17 Jun 2024 22:18:43 GMT

GET
H2 200 amp-autocomplete-0.1.js Show response
cdn.ampproject.org/v0/ 29 KB
9 KB 107ms
105ms Script
text/javascript 172.217.167.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-autocomplete-0.1.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f1.1e100.net

Software

sffe /

Resource Hash

546e4bc3982abc529b8e6def8fba17b95f797a33d5a615351c3ecabbd4a32888

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 17 Jun 2024 22:18:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9448
x-xss-protection: 0
server: sffe
etag: "71e4ab417bda7234"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 17 Jun 2024 22:18:43 GMT

GET
H2 200 amp-social-share-0.1.js Show response
cdn.ampproject.org/v0/ 14 KB
5 KB 114ms
111ms Script
text/javascript 172.217.167.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-social-share-0.1.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f1.1e100.net

Software

sffe /

Resource Hash

91d40010d62b672e27e66350839c5d9b0f0cf11b918d0fbe22ae28bca3bb8cc9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 17 Jun 2024 22:18:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4708
x-xss-protection: 0
server: sffe
etag: "1080e180c218a0b1"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 17 Jun 2024 22:18:43 GMT

GET
H2 200 card-section-simple.min.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 315 KB
32 KB 340ms
7ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

2c5a8d602972048c36a43bc7204ccf206c50eb380fc209bf00b98833c26e7c68

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: e720b5fb-23aa-44f9-be63-9b41bcd721e5
content-length: 32842
last-modified: Tue, 22 Aug 2023 18:00:57 GMT
server: Cleversafe
etag: "9aed32cd145e102091b7f6e63988d362"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: e720b5fb-23aa-44f9-be63-9b41bcd721e5
cache-control: max-age=828689
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:30:11 GMT

GET
H2 200 card-section-simple.min.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 315 KB
32 KB 346ms
13ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

6a342819ad55eb833b9d94923f4a3a790cbc67ffa1ec7fbc800f2682f3c2f4d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 0fae6e03-5561-4e0b-90d5-716f43cd091e
content-length: 32844
last-modified: Tue, 12 Dec 2023 14:31:52 GMT
server: Cleversafe
etag: "0926711a9fcae264b7b3d4138ba67e9a"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 0fae6e03-5561-4e0b-90d5-716f43cd091e
cache-control: max-age=61797
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 15:28:39 GMT

GET
H2 200 card-section-simple.min.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 239 KB
26 KB 344ms
12ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

69e90c7e56645fc910589528888c00a914b1ec05cf00c77f7ddf9d99770e9142

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: dda63ec7-57a1-4ff8-b58e-424a86623fda
content-length: 26495
last-modified: Mon, 11 Dec 2023 21:21:52 GMT
server: Cleversafe
etag: "9aa4b757da692bd04b6e54a7244f1a70"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: dda63ec7-57a1-4ff8-b58e-424a86623fda
cache-control: max-age=54309
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 13:23:51 GMT

GET
H2 200 amp-lightbox-gallery-0.1.js Show response
cdn.ampproject.org/v0/ 65 KB
19 KB 118ms
116ms Script
text/javascript 172.217.167.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-lightbox-gallery-0.1.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f1.1e100.net

Software

sffe /

Resource Hash

d0d44a9193d52db1a3210e81813ab91b841202cbb73c85dd19ef552f112b440d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 17 Jun 2024 22:18:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19067
x-xss-protection: 0
server: sffe
etag: "b3dccc2ffc3b5a9a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 17 Jun 2024 22:18:43 GMT

GET
H2

200

swiper-bundle.min.js Show response
unpkg.com/swiper@11.1.4/
Redirect Chain

https://unpkg.com/swiper/swiper-bundle.min.js
https://unpkg.com/swiper@11.1.4/swiper-bundle.min.js

147 KB
54 KB

15ms
14ms

Script
application/javascript

104.17.248.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/swiper@11.1.4/swiper-bundle.min.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Server

104.17.248.203 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac20020d60a9fd5cc8874aec07e8a940233d5c1bcef0735ed1f35239ae2ccacd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-AU,en;q=0.9;q=0.9
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1599352
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HZ4F7HYTW05QK200YB1C5GNR-syd
server: cloudflare
etag: "24baf-SvYRfRJkVC7ONCBpuA5fO4KwFAk"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 89566ac0891fa7f0-SYD

Redirect headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
fly-request-id: 01J0M41ESRDHDGVH8944GB88R6-syd
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 473
server: cloudflare
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /swiper@11.1.4/swiper-bundle.min.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 89566ac06906a7f0-SYD

GET
H2 200 amp-video-0.1.js Show response
cdn.ampproject.org/v0/ 52 KB
16 KB 132ms
129ms Script
text/javascript 172.217.167.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-video-0.1.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f1.1e100.net

Software

sffe /

Resource Hash

1b2141c05ddf511cb9d13fe61e1e97f772e12e41f34b45e2013e5c92e7eb9b28

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 17 Jun 2024 22:18:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15909
x-xss-protection: 0
server: sffe
etag: "288f2fc27a586212"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 17 Jun 2024 22:18:43 GMT

GET
H2 200 amp-youtube-0.1.js Show response
cdn.ampproject.org/v0/ 36 KB
11 KB 112ms
110ms Script
text/javascript 172.217.167.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-youtube-0.1.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f1.1e100.net

Software

sffe /

Resource Hash

b1adc37024c81c7b878f628cf843156096426dcd8a2ca9b74dba9688b9851d09

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 17 Jun 2024 22:18:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11219
x-xss-protection: 0
server: sffe
etag: "44759d587cd8dec7"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 17 Jun 2024 22:18:43 GMT

GET
H2 200 Woman-running-on-treadmill.jpeg.webp
securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2024/06/ 26 KB
26 KB 15ms
13ms Image
image/webp 104.18.24.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2024/06/Woman-running-on-treadmill.jpeg.webp
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5465b1b664a221d0b15541bb0bec7f6ab8cebfe44d96fc087d94e9d5ced0ffe4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: HIT
last-modified: Thu, 06 Jun 2024 20:30:04 GMT
server: cloudflare
age: 2724
etag: "680e-61a3e8c4dbced"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 89566ac2888d571b-SYD
content-length: 26638
expires: Tue, 18 Jun 2024 02:18:42 GMT

GET
H2 200 ida_stats.js Show response
1.www.s81c.com/common/stats/ 262 KB
74 KB 5ms
3ms Script
application/x-javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/stats/ida_stats.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

AkamaiNetStorage /

Resource Hash

fcf24005b11cd05653dd1a1d3d13b8ed20f495811d5fd742ba73374eee3aa16d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
last-modified: Tue, 11 Jun 2024 22:24:14 GMT
server: AkamaiNetStorage
content-md5: LE6DF2Mqdj79L1Uhkso5jw==
etag: "2c4e8317632a763efd2f552192ca398f:1718144709.275991"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86840
accept-ranges: bytes
content-length: 75800
expires: Tue, 18 Jun 2024 22:26:02 GMT

GET
H2 200 modules.css
securityintelligence.com/wp-content/themes/sapphire/minifications/ 71 KB
10 KB 217ms
213ms Stylesheet
text/css 104.18.24.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityintelligence.com/wp-content/themes/sapphire/minifications/modules.css?v=1715191630
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 545ef6ead6a9dc0d3d26407b68fe2249fc910d54a9657d5d32de0a856e892e13

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
last-modified: Wed, 08 May 2024 18:07:10 GMT
server: cloudflare
etag: "11b38-617f52bd5fb60-gzip"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
cf-ray: 89566abe7bf6571b-SYD
content-length: 9724

GET
H2 200 style.min.css
securityintelligence.com/wp-includes/css/dist/block-library/ 111 KB
15 KB 223ms
219ms Stylesheet
text/css 104.18.24.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityintelligence.com/wp-includes/css/dist/block-library/style.min.css?ver=6.5.3
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
last-modified: Wed, 10 Apr 2024 18:25:26 GMT
server: cloudflare
etag: "1bae5-615c2299bd985-gzip"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
cf-ray: 89566abe7bf8571b-SYD
content-length: 14991

GET
H2 200 style.css
securityintelligence.com/wp-content/plugins/taxonomy-images/css/ 447 B
297 B 226ms
223ms Stylesheet
text/css 104.18.24.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityintelligence.com/wp-content/plugins/taxonomy-images/css/style.css?ver=0.9.6
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4dd1908c6a8fd56a009de150a0d1b0c6c18a21543ff2f246a7108f385a22500e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
last-modified: Tue, 14 Nov 2023 20:19:01 GMT
server: cloudflare
etag: "1bf-60a227f54b752-gzip"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
cf-ray: 89566abe7bfb571b-SYD
content-length: 217

GET
H2 200 jquery.min.js Show response
securityintelligence.com/wp-includes/js/jquery/ 86 KB
30 KB 234ms
230ms Script
application/x-javascript 104.18.24.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityintelligence.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
last-modified: Thu, 30 Nov 2023 19:57:40 GMT
server: cloudflare
etag: "15601-60b641068b666-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
accept-ranges: bytes
cf-ray: 89566abe7bff571b-SYD
content-length: 30368

GET
H2 200 jquery-migrate.min.js Show response
securityintelligence.com/wp-includes/js/jquery/ 13 KB
5 KB 609ms
606ms Script
application/x-javascript 104.18.24.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityintelligence.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
last-modified: Tue, 14 Nov 2023 20:19:02 GMT
server: cloudflare
etag: "3509-60a227f66a926-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
accept-ranges: bytes
cf-ray: 89566abe7c01571b-SYD
content-length: 4872

GET
H2 200 analytics_c7caef17012f48e99285467c1b6d8423.js Show response
analytics.newscred.com/ 22 KB
8 KB 143ms
3ms Script
application/javascript 18.65.244.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.newscred.com/analytics_c7caef17012f48e99285467c1b6d8423.js
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.244.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-244-60.syd3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a3261b9d052c312bc785b144f133cb4140ef4065d95b77587538a56e6b450e57

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 21:33:19 GMT
content-encoding: gzip
via: 1.1 04fd1307f15f1ee9b65975ff5017c2f2.cloudfront.net (CloudFront)
last-modified: Thu, 13 Jun 2024 17:51:59 GMT
server: AmazonS3
x-amz-cf-pop: SYD3-P1
age: 2724
x-amz-server-side-encryption: AES256
etag: W/"22cd4136e52491bfce49370b9caf7b7e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: vbbpO0RYjNQyhI0qwQaLRy5JjkDkQFVzLS_UVWN7sMz8-mwbFoe2Mw==

GET
H2 200 css
fonts.googleapis.com/ 10 KB
849 B 606ms
133ms Stylesheet
text/css 142.250.67.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=IBM+Plex+Sans:200,300,400,500,600

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.67.10 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f10.1e100.net

Software

ESF /

Resource Hash

20e00dd4e268dc8a079f63839014b0180acb03489e694d5f67c7e8ca73b9610f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 17 Jun 2024 22:18:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 17 Jun 2024 22:18:42 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 570ms
98ms Stylesheet
text/css 142.250.67.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=IBM+Plex+Sans+Condensed:300,400,500,600,700

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.67.10 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f10.1e100.net

Software

ESF /

Resource Hash

e878c84c5a5d323e7649bed33fee3829cbadb6ef0722d52a262099f7f906d8ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 17 Jun 2024 22:18:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 17 Jun 2024 22:18:42 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
647 B 571ms
98ms Stylesheet
text/css 142.250.67.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=IBM+Plex+Serif&display=swap

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.67.10 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f10.1e100.net

Software

ESF /

Resource Hash

edcb16fa396f7e60ad5d1796cf74ec7ba81cb86ab93878f23c09eec468dac6ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 17 Jun 2024 21:51:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 17 Jun 2024 22:18:42 GMT

GET
H2

200

swiper-bundle.min.css
unpkg.com/swiper@11.1.4/
Redirect Chain

https://unpkg.com/swiper/swiper-bundle.min.css
https://unpkg.com/swiper@11.1.4/swiper-bundle.min.css

18 KB
6 KB

11ms
11ms

Stylesheet
text/css

104.17.248.203
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/swiper@11.1.4/swiper-bundle.min.css

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Server

104.17.248.203 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6792bc2356c88d7cacf7351d64da1e7eaade694b9485daef7f4c84f5844968c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-AU,en;q=0.9;q=0.9
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1599359
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HZ4F7AJ80KZGHYTV1SCWPPQ4-syd
server: cloudflare
etag: "47ff-d3a3yEz+9uIdA7uPkGvhHx1zZd4"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 89566ac08918a7f0-SYD

Redirect headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
fly-request-id: 01J0M45JJENGGPYP15XJAR86HQ-syd
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 338
server: cloudflare
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /swiper@11.1.4/swiper-bundle.min.css
cache-control: public, s-maxage=600, max-age=60
cf-ray: 89566ac06904a7f0-SYD

GET
H2 200 single.css
securityintelligence.com/wp-content/themes/sapphire/minifications/ 71 KB
11 KB 641ms
640ms Stylesheet
text/css 104.18.24.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityintelligence.com/wp-content/themes/sapphire/minifications/single.css?v=1710357099
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0227033bd5c1308b7c468b078482f8a512d0c3554a90a16ac95910f4b058c6d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
last-modified: Wed, 13 Mar 2024 19:11:39 GMT
server: cloudflare
etag: "11d79-6138f8b5af0a0-gzip"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
cf-ray: 89566abe7bfd571b-SYD
content-length: 10931

GET
H2 200 cta-section.min.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 92 KB
12 KB 336ms
7ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

534a72d8cbdb7e793828deb405bead2f4c57e6e6c8e4bcb70c6c1d5508e09d02

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 35b5785a-6e98-4581-85f5-e39efbdf69db
content-length: 12454
last-modified: Tue, 18 Apr 2023 01:06:25 GMT
server: Cleversafe
etag: "d08e76a0e2534a2d405ec768aa552d89"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 35b5785a-6e98-4581-85f5-e39efbdf69db
cache-control: max-age=828682
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:30:04 GMT

GET
H2 200 cta-section.min.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 92 KB
13 KB 341ms
13ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

a70c2df9665defd3c6bcd1ecf9f29eb39f8c9ecd93e8ab522d30aa4ea25c3b89

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 4c630696-da10-44b9-8c99-c9cbc8dbabb0
content-length: 12487
last-modified: Tue, 12 Dec 2023 14:31:55 GMT
server: Cleversafe
etag: "e1c535225493631ec8c6427afbd730a7"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 4c630696-da10-44b9-8c99-c9cbc8dbabb0
cache-control: max-age=71840
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 18:16:02 GMT

GET
H2 200 cta-section.min.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 80 KB
11 KB 346ms
17ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

82769b62d196eb232019812300ebae249a33a833797db0921447c429db379c21

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 4f0849a5-b634-4d61-ba27-d21f8a352a44
content-length: 10752
last-modified: Mon, 11 Dec 2023 21:21:55 GMT
server: Cleversafe
etag: "bb07f2546f4434d8b5dec87d04587607"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 4f0849a5-b634-4d61-ba27-d21f8a352a44
cache-control: max-age=54444
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 13:26:06 GMT

GET
H2 200 qppr_frontend_script.min.js Show response
securityintelligence.com/wp-content/plugins/quick-pagepost-redirect-plugin/js/ 2 KB
663 B 220ms
219ms Script
application/x-javascript 104.18.24.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityintelligence.com/wp-content/plugins/quick-pagepost-redirect-plugin/js/qppr_frontend_script.min.js?ver=5.2.4
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fc2845d22c09928ba9dae73f657a21ede05bed89a42efafe1028bcbe4ee499b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
last-modified: Tue, 14 Nov 2023 20:19:01 GMT
server: cloudflare
etag: "636-60a227f549812-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
accept-ranges: bytes
cf-ray: 89566abe7c03571b-SYD
content-length: 541

GET
H2 200 dbdm-data Show response
www-api.ibm.com/data-sync/ 2 KB
2 KB 675ms
322ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www-api.ibm.com/data-sync/dbdm-data?callback=_dl.fn.dataSync.callback

Requested by

Host: 1.www.s81c.com
URL: https://1.www.s81c.com/common/stats/ibm-common.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

/ Express

Resource Hash

515ff3e09bbf3de4971f15af45a4a60b191cd9cc64e20f3463b43e1558f8516e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-powered-by: Express
etag: W/"9a0-4lwO1xQO9g2g9C2WHLI/VzbTCg0:dtagent10291240606133530e2lz"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-timing: dtSInfo;desc="0", dtRpid;desc="826922714"
content-length: 1877
x-xss-protection: 1; mode=block

GET
H2 200 settings.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 4 KB
1 KB 47ms
0ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/settings.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

7f2c690cc6175be879d93be0ebfc16fa2e31e09ba7a536fb73b1aa5d0e05f9ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: fdeab434-d3ec-4a03-b797-24847aa8938f
content-length: 1177
last-modified: Tue, 22 Aug 2023 18:01:10 GMT
server: Cleversafe
etag: "d3fbccd277dc823a986d3ed1e386b9c3"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: fdeab434-d3ec-4a03-b797-24847aa8938f
cache-control: max-age=830399
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:58:41 GMT

GET
H2 200 stable-selector.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 5 KB
2 KB 25ms
0ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/stable-selector.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

fc9840876318b8c21fa8718b599a2942e6e23c9e302a37274a8b19be6a439864

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 8dae9985-e7c7-42fc-bb57-b9b5990d5072
content-length: 1733
last-modified: Tue, 22 Aug 2023 18:01:10 GMT
server: Cleversafe
etag: "652a317ff70442e59bbdefdfa7540f59"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 8dae9985-e7c7-42fc-bb57-b9b5990d5072
cache-control: max-age=830352
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:57:54 GMT

GET
H2 200 carbon-element.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 32 KB
8 KB 26ms
0ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/carbon-element.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

580410bce2b2067d7f22d95475dad5abf008a95ddb3561a2eef756c431e1f35f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 3ffb41ea-c0e4-43dc-b029-8fe4e3eac0d0
content-length: 8364
last-modified: Tue, 22 Aug 2023 18:00:56 GMT
server: Cleversafe
etag: "3bf6e8923d8bc96696e178561bda892a"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 3ffb41ea-c0e4-43dc-b029-8fe4e3eac0d0
cache-control: max-age=829426
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:42:28 GMT

GET
H2 200 content-section.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 12 KB
4 KB 26ms
0ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/content-section.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

44a14fefb8c37af73e740e0cd2c36051bf2136f4bf9e834e7237c6be19d66c68

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 71d8a635-9919-4695-88ea-af1ceb7d966a
content-length: 3937
last-modified: Tue, 22 Aug 2023 18:00:59 GMT
server: Cleversafe
etag: "42086f88f346fe90e7038f9e96fc140b"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 71d8a635-9919-4695-88ea-af1ceb7d966a
cache-control: max-age=830500
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 13:00:22 GMT

GET
H2 200 card.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 17 KB
6 KB 28ms
0ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

bbc2a908d267ae71b9d9d50ea105b17c52835c0155ba62a40b4be067f4e71e85

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 7d582b81-d416-47cb-bda3-0d327e834b89
content-length: 5417
last-modified: Tue, 22 Aug 2023 18:00:57 GMT
server: Cleversafe
etag: "ed902068ff980b9cb38551ce5bfad4ef"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 7d582b81-d416-47cb-bda3-0d327e834b89
cache-control: max-age=830439
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:59:21 GMT

GET
H2 200 card-eyebrow.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 11 KB
4 KB 25ms
0ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-eyebrow.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

cb107bfd360d379e6de729ca91b805f47a6e0affe7f814743f998d70264a671e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: df11179c-87d1-4bd9-b1f5-0435f08752ab
content-length: 3613
last-modified: Tue, 22 Aug 2023 18:00:56 GMT
server: Cleversafe
etag: "bf47b7a419b399e3b3a5b2f160fb73c0"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: df11179c-87d1-4bd9-b1f5-0435f08752ab
cache-control: max-age=827315
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:07:17 GMT

GET
H2 200 card-footer.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 14 KB
5 KB 26ms
0ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-footer.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

c813bcb8b6f45b885a02fa0d03cc9b499ccda7623a3b7392c84c14f18e75c3af

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 9b12bcef-d48b-4c5f-8790-0b090231a680
content-length: 4450
last-modified: Tue, 22 Aug 2023 18:00:56 GMT
server: Cleversafe
etag: "e6263c767f10af5d283d6325cb4b89be"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 9b12bcef-d48b-4c5f-8790-0b090231a680
cache-control: max-age=830408
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:58:50 GMT

GET
H2 200 card-heading.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 12 KB
4 KB 63ms
3ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-heading.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

77f5d507b3bd2c7ed625d8291b3f9a91e4ee29839781d09c67cfbe1f0f4dec49

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: ce5e5cb9-82cd-43a1-a4d8-e31d5d347169
content-length: 3863
last-modified: Tue, 22 Aug 2023 18:00:56 GMT
server: Cleversafe
etag: "4521abc06cfda5b505570e93dc4a63e9"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: ce5e5cb9-82cd-43a1-a4d8-e31d5d347169
cache-control: max-age=830494
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 13:00:16 GMT

GET
H2 200 image-logo.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 11 KB
4 KB 55ms
0ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/image-logo.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

9bb19f369be6814be10d4cf49d4755e5925e49b872341aa8fb4ea1f4ac4b90fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 6d467573-7107-4071-ade4-9f7611e255c7
content-length: 3710
last-modified: Tue, 22 Aug 2023 18:01:01 GMT
server: Cleversafe
etag: "381ffc596c8b23b0760db451f77efa4d"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 6d467573-7107-4071-ade4-9f7611e255c7
cache-control: max-age=828690
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:30:12 GMT

GET
H2 200 tag-group.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 45 KB
8 KB 56ms
0ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/tag-group.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

44593cf623a1ee35822978355705c9af11033841970d543c19ee548fef0f750f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: f39ed72d-1d85-4a42-9dc8-35e35e2b4904
content-length: 8068
last-modified: Tue, 22 Aug 2023 18:01:11 GMT
server: Cleversafe
etag: "b37eff0803eae8cf4741444cdf0de8f0"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: f39ed72d-1d85-4a42-9dc8-35e35e2b4904
cache-control: max-age=830492
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 13:00:14 GMT

GET
H2 200 tag-link.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 44 KB
8 KB 56ms
0ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/tag-link.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

bffde2dc0f1de1372fcc64e33a129386adc36be643ed00ffeb188c06521ca2ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: a4acdfe1-ae49-4969-a233-505ef82bb8fe
content-length: 7936
last-modified: Tue, 22 Aug 2023 18:01:11 GMT
server: Cleversafe
etag: "e80ea1709e8ea511a2dd006136041981"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: a4acdfe1-ae49-4969-a233-505ef82bb8fe
cache-control: max-age=830458
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:59:40 GMT

GET
H2 200 card-cta-footer.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 13 KB
4 KB 63ms
4ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-cta-footer.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

d8c05592597de267189f0f5b92e1cff66ff3131e9d51f56adb2d33663ed76e25

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 9b1923ed-967c-485b-adb3-c35ad0501743
content-length: 4148
last-modified: Tue, 22 Aug 2023 18:00:56 GMT
server: Cleversafe
etag: "45276c517200d818fec39674419710f7"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 9b1923ed-967c-485b-adb3-c35ad0501743
cache-control: max-age=830463
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:59:45 GMT

GET
H2 200 card-group-item.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 329 KB
33 KB 64ms
4ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-group-item.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

bfad53aa5488b166229cc8470e7755b2ca60e6e4fa9e00de64bdbac5b564bb34

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 71584cdc-3d36-4dba-934a-7e4115be9000
content-length: 33313
last-modified: Tue, 22 Aug 2023 18:00:56 GMT
server: Cleversafe
etag: "ed9a5fbf275ab860d6f3ac7a523af877"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 71584cdc-3d36-4dba-934a-7e4115be9000
cache-control: max-age=830482
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 13:00:04 GMT

GET
H2 200 content-section-heading.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 12 KB
4 KB 63ms
9ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/content-section-heading.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

c6c4aa2602e3356046f5d00ce1d6b56190e8e985618b8dc2d01e72d58ccb6492

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 5b4d4704-db92-47c0-b18b-ff0c6fa1d303
content-length: 3853
last-modified: Tue, 22 Aug 2023 18:00:59 GMT
server: Cleversafe
etag: "e8a132a3e89b0396328110c73fb3a35c"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 5b4d4704-db92-47c0-b18b-ff0c6fa1d303
cache-control: max-age=828691
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:30:13 GMT

GET
H2 200 content-section2.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 81 KB
9 KB 51ms
0ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/content-section2.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

ecdbd8d21ada7e09e601733e47c6451cc913b439cbea82ad83b93a96d9fa8cf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 2ab9d981-4518-4ce7-b243-0a10fa4fcf1f
content-length: 8977
last-modified: Tue, 22 Aug 2023 18:00:59 GMT
server: Cleversafe
etag: "fe429aa51eb3afde8a3743168509d595"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 2ab9d981-4518-4ce7-b243-0a10fa4fcf1f
cache-control: max-age=828480
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:26:42 GMT

GET
H2 200 link.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 12 KB
4 KB 51ms
0ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/link.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

7badf3f8d9de634e94a26ad4e6480afb424ace7b21992ecc724960c026347fe0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: b74238b8-2104-4c19-8545-2f1bfeef020f
content-length: 3681
last-modified: Tue, 22 Aug 2023 18:01:03 GMT
server: Cleversafe
etag: "f2cee4bc4a706f2358c14c47aa229807"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: b74238b8-2104-4c19-8545-2f1bfeef020f
cache-control: max-age=828682
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:30:04 GMT

GET
H2 200 decorate.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 10 KB
4 KB 59ms
6ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/decorate.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

555a116644043f85e66b58349cc49079be7192f717b8238c0ead571451c492d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 38cd086c-0888-454f-beda-b4fc2c1669a5
content-length: 3294
last-modified: Tue, 22 Aug 2023 18:00:59 GMT
server: Cleversafe
etag: "a74fea8aca62aa0330d1a115937af081"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 38cd086c-0888-454f-beda-b4fc2c1669a5
cache-control: max-age=828691
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:30:13 GMT

GET
H2 200 toPropertyKey.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 4 KB
2 KB 60ms
7ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/toPropertyKey.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

8f5846dedbc1a167297f4ea6714f75ba35da3d4049c707e3105568329b170a3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 3f2e2507-0575-4b7d-8e10-3834e11542b3
content-length: 1243
last-modified: Tue, 22 Aug 2023 18:01:11 GMT
server: Cleversafe
etag: "083cf563bae617538d77819eee07b00b"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 3f2e2507-0575-4b7d-8e10-3834e11542b3
cache-control: max-age=828470
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:26:32 GMT

GET
H2 200 class-map.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 5 KB
2 KB 51ms
0ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/class-map.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

879c800760e3d4c1180ae0a041efbeecc1420edfb13513d373e2d6c8327f5f69

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 3123f211-d55e-4c7b-9fb2-b595c68f7293
content-length: 1477
last-modified: Tue, 22 Aug 2023 18:00:57 GMT
server: Cleversafe
etag: "2ca0cbd9ea8f310d7e96e2cfb9846b05"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 3123f211-d55e-4c7b-9fb2-b595c68f7293
cache-control: max-age=830492
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 13:00:14 GMT

GET
H2 200 if-non-null.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 3 KB
1 KB 104ms
51ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/if-non-null.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

4cdd2c5e80b344731d46a78ab0effb8b8802340c5222131514d4d4bc1787bb9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 9e196920-65e3-49e6-af00-6cf0f9ae1ce3
content-length: 1041
last-modified: Tue, 22 Aug 2023 18:01:01 GMT
server: Cleversafe
etag: "489e6ac014746a8e5b4b571131e5a3e3"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 9e196920-65e3-49e6-af00-6cf0f9ae1ce3
cache-control: max-age=830509
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 13:00:31 GMT

GET
H2 200 if-defined.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 4 KB
1 KB 60ms
8ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/if-defined.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

d7082511522c4df5d87ddcabb64e2696b0b316cd7b208d2e8110089a3dc5f705

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 94ab4224-ee1e-4e95-a840-0c52c7c2283c
content-length: 1149
last-modified: Tue, 22 Aug 2023 18:01:01 GMT
server: Cleversafe
etag: "de8aa82bf0c10fc28e6b3aa62f32e6bd"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 94ab4224-ee1e-4e95-a840-0c52c7c2283c
cache-control: max-age=830456
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:59:38 GMT

GET
H2 200 focus.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 3 KB
1 KB 104ms
52ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/focus.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

9e5c6ffc03c35b00ba073da7047038391eae135cd65088c7667519aa25af72af

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 2d9f9dc7-fea4-47f9-b1de-eb815b14114d
content-length: 1110
last-modified: Tue, 22 Aug 2023 18:01:00 GMT
server: Cleversafe
etag: "8eccc3dd74ee337db5427232657cac66"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 2d9f9dc7-fea4-47f9-b1de-eb815b14114d
cache-control: max-age=830100
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:53:42 GMT

GET
H2 200 settings3.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 5 KB
2 KB 52ms
0ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/settings3.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

b64a42cb2d4bb0497aa1bd9f04cbe3aaafdf5e40b62bec89004b1726f0f10b56

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: e7354b91-5aa6-4e67-82b6-9ad5de547f81
content-length: 1469
last-modified: Tue, 22 Aug 2023 18:01:10 GMT
server: Cleversafe
etag: "31aa753a5e7774e00cdaac6af4f8872c"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: e7354b91-5aa6-4e67-82b6-9ad5de547f81
cache-control: max-age=830208
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:55:30 GMT

GET
H2 200 marked.umd.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 73 KB
25 KB 61ms
8ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/marked.umd.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

7c4bfbdad82735e58dd96f775aa45d11c965d9967e638e048318fc56df7dd5b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: ea83e105-f03c-445c-9d74-5f646f9b148f
content-length: 25666
last-modified: Tue, 22 Aug 2023 18:01:03 GMT
server: Cleversafe
etag: "50c1b3769ed0100d916253dd6cb050c9"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: ea83e105-f03c-445c-9d74-5f646f9b148f
cache-control: max-age=830367
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:58:09 GMT

GET
H2 200 _commonjsHelpers.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 3 KB
1 KB 63ms
11ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/_commonjsHelpers.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

aa8fb84a43802c369be5cc8ffb33bb3f7099cd6c29d8c998bc49bf12f6f25241

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 849e563b-f308-4eed-96a1-8bd0cc4fdb3f
content-length: 1106
last-modified: Tue, 22 Aug 2023 18:00:53 GMT
server: Cleversafe
etag: "a8ca399241b9972d228f869d39aed40e"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 849e563b-f308-4eed-96a1-8bd0cc4fdb3f
cache-control: max-age=830473
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:59:55 GMT

GET
H2 200 striptags.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 5 KB
2 KB 64ms
12ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/striptags.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

3a530c73051135e4e846ff802b0ac00681e252200643093bcb1f095a0409cba0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 55217a44-e07f-4c61-aac3-3456ad844b43
content-length: 1749
last-modified: Tue, 22 Aug 2023 18:01:10 GMT
server: Cleversafe
etag: "da18d94f1b083848510d7227b8164a8c"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 55217a44-e07f-4c61-aac3-3456ad844b43
cache-control: max-age=830479
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 13:00:01 GMT

GET
H2 200 defs.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 3 KB
1 KB 65ms
13ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/defs.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

22eecbdf47f752eb7cec9586b3fec89b38704ed2eaab7cdb58a490552c61a437

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 69ffd0e6-b539-4713-bbcf-698a841f1c17
content-length: 1078
last-modified: Tue, 22 Aug 2023 18:00:59 GMT
server: Cleversafe
etag: "aa407b9180f3b116c8477a438fdc7449"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 69ffd0e6-b539-4713-bbcf-698a841f1c17
cache-control: max-age=830444
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:59:26 GMT

GET
H2 200 card2.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 204 KB
20 KB 66ms
14ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card2.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

842f46a7d8ca0abc47026e28a709cb6cea557e64daad9eb91a8bff507945c92b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 79ca3420-6e50-490a-addf-d286d25e4a37
content-length: 20644
last-modified: Tue, 22 Aug 2023 18:00:57 GMT
server: Cleversafe
etag: "77c8838df2cc637bf8e809268621ec63"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 79ca3420-6e50-490a-addf-d286d25e4a37
cache-control: max-age=830495
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 13:00:17 GMT

GET
H2 200 link-with-icon.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 136 KB
17 KB 68ms
16ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/link-with-icon.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

1168470362c9e25221d6b6657b18253250baf449c2b6c1f1fe9db13beb2f8c7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: c6da4ace-f10e-4f19-a7ae-40f1457e085a
content-length: 16672
last-modified: Tue, 22 Aug 2023 18:01:03 GMT
server: Cleversafe
etag: "5b4b223a59350cf957d9164982a3c4e7"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: c6da4ace-f10e-4f19-a7ae-40f1457e085a
cache-control: max-age=830393
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:58:35 GMT

GET
H2 200 image.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 132 KB
17 KB 80ms
28ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/image.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

3d4168763cc7c89e4251a5b813bc96b2a2a1cfc6b78bd01e93eb0562a2bff69b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 53de9ca2-7574-4f50-8357-c73e86eb6ef3
content-length: 17471
last-modified: Tue, 22 Aug 2023 18:01:01 GMT
server: Cleversafe
etag: "4349163a9fff17a2463f61c4fb201813"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 53de9ca2-7574-4f50-8357-c73e86eb6ef3
cache-control: max-age=830452
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:59:34 GMT

GET
H2 200 host-listener.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 5 KB
2 KB 69ms
18ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/host-listener.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

75526a1f79a580e2b1452091b385354c2ef225f0d230af14f21e194f13d47c6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: f530b0b6-2245-4580-904e-44947fae8088
content-length: 2025
last-modified: Tue, 22 Aug 2023 18:01:00 GMT
server: Cleversafe
etag: "b14022000500342a8e1f7234af9d6a9c"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: f530b0b6-2245-4580-904e-44947fae8088
cache-control: max-age=830441
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:59:23 GMT

GET
H2 200 expressive-modal-close-button.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 136 KB
18 KB 69ms
19ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/expressive-modal-close-button.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

4c5eb6a7a557ccd9622cff8e53c9b95f543c97b5411a22b726fc56f078055af9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 4ecb0fd3-b808-4db2-baa4-978c457a4191
content-length: 17618
last-modified: Tue, 22 Aug 2023 18:00:59 GMT
server: Cleversafe
etag: "1b08c746bf646828928aa573917f66c7"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 4ecb0fd3-b808-4db2-baa4-978c457a4191
cache-control: max-age=830459
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:59:41 GMT

GET
H2 200 modal-close-button.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 80 KB
9 KB 70ms
20ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/modal-close-button.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

fee248102959ee652ab2c28d934bbce89200a51a5cdc9968ce90f977f6dc1dac

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 1312e7cd-74f8-40aa-afad-39275272044c
content-length: 9144
last-modified: Tue, 22 Aug 2023 18:01:04 GMT
server: Cleversafe
etag: "1606e24cbc7edbbe34729f535f704119"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 1312e7cd-74f8-40aa-afad-39275272044c
cache-control: max-age=829466
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:43:08 GMT

GET
H2 200 202.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 4 KB
2 KB 70ms
20ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/202.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

24f0af9588d389ba730e1125fd766c1ccaf512d29d325d8cac2813d1e02ecebc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: d3a43e86-9ae0-47b1-99a9-312f7be5e50b
content-length: 1253
last-modified: Tue, 22 Aug 2023 18:00:55 GMT
server: Cleversafe
etag: "b3b17c62619e4601a8e4d8adebd7991a"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: d3a43e86-9ae0-47b1-99a9-312f7be5e50b
cache-control: max-age=828691
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:30:13 GMT

GET
H2 200 spread.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 4 KB
2 KB 71ms
21ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/spread.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

d913a95a44c9d6edff5f1b0c6ac6c004cd6ed5fa4e9659f6109ad2377df8db03

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 5457e3f2-64dd-4475-a5ef-e9b095b552e3
content-length: 1269
last-modified: Tue, 22 Aug 2023 18:01:10 GMT
server: Cleversafe
etag: "555758947ac6d7b1171aedf648112fd2"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 5457e3f2-64dd-4475-a5ef-e9b095b552e3
cache-control: max-age=828691
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:30:13 GMT

GET
H2 200 lightbox-image-viewer.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 134 KB
16 KB 101ms
52ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/lightbox-image-viewer.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

108e3ea336fad8c51dca90cfd82f2dde7603282b773a9fa7b10a68fc5b3a3a30

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 4fedb1db-7b61-461f-b0e8-b75fb7f983cc
content-length: 16415
last-modified: Tue, 22 Aug 2023 18:01:02 GMT
server: Cleversafe
etag: "57baf537e1bb4f76559c548e47003101"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 4fedb1db-7b61-461f-b0e8-b75fb7f983cc
cache-control: max-age=828691
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:30:13 GMT

GET
H2 200 button.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 81 KB
11 KB 71ms
21ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/button.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

9c8f633e0bb1e0b5e8b24936fb875ff21e28f5db929bef360731ad0adafd1653

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: d44ea295-9b84-4987-81c9-a6e5832aadff
content-length: 11105
last-modified: Tue, 22 Aug 2023 18:00:55 GMT
server: Cleversafe
etag: "d400d3d44ff2972ad55ee32683e4fe97"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: d44ea295-9b84-4987-81c9-a6e5832aadff
cache-control: max-age=830496
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 13:00:18 GMT

GET
H2 200 modal-render.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 5 KB
2 KB 103ms
53ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/modal-render.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

c8d124da4c83eab62cb6300dab7e1c6365430c42338d3c529760a9c15dcd46f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: dbd1e32b-e755-4605-a230-1ac8e3797eed
content-length: 1656
last-modified: Tue, 22 Aug 2023 18:01:04 GMT
server: Cleversafe
etag: "70c685d52b5bd085efc6841126a55e8d"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: dbd1e32b-e755-4605-a230-1ac8e3797eed
cache-control: max-age=828691
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:30:13 GMT

GET
H2 200 settings2.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 3 KB
1 KB 73ms
23ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/settings2.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

c9717bdf1a395d9b36792d842da11dc0f736587439691c013c651ce5acafb3c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 1a73d5d7-b7fb-48c5-a246-7fb4cc005790
content-length: 1026
last-modified: Tue, 22 Aug 2023 18:01:10 GMT
server: Cleversafe
etag: "8ba56e6878e6c536a2eb82f449a89827"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 1a73d5d7-b7fb-48c5-a246-7fb4cc005790
cache-control: max-age=828401
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:25:23 GMT

GET
H2 200 formatVideoCaption.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 3 KB
1 KB 73ms
24ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/formatVideoCaption.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

4b23563b01f795fd12489dd66e36f70b33556c517c4a47de7714dfeaed3b14cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: f02af9d2-4f31-4eb0-a0f8-0c2331763f16
content-length: 1194
last-modified: Tue, 22 Aug 2023 18:01:00 GMT
server: Cleversafe
etag: "b0a1cd122ab76fda7b8ecea93f986f5a"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: f02af9d2-4f31-4eb0-a0f8-0c2331763f16
cache-control: max-age=830481
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 13:00:03 GMT

GET
H2 200 video.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 13 KB
4 KB 73ms
24ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/video.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

d17cb7e33b4982aa013bff4d3b9aca59b461d6bcb75c9d91a12288107c30ebe9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 8bcc73e2-042d-409b-9146-0841959f66f8
content-length: 3607
last-modified: Tue, 22 Aug 2023 18:01:11 GMT
server: Cleversafe
etag: "2ec7088eada2e0c2184c4ec2a7d259cb"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 8bcc73e2-042d-409b-9146-0841959f66f8
cache-control: max-age=830432
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:59:14 GMT

GET
H2 200 203.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 4 KB
2 KB 67ms
25ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/203.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

aec2a44eeea6df3fe0ddd88e4f2dd5b227ef678b89ce754251060fc5160f9ac9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 1ab54eb0-fac0-4332-89cd-1d7516ea4850
content-length: 1241
last-modified: Tue, 22 Aug 2023 18:00:55 GMT
server: Cleversafe
etag: "be0852761d88408f2bdf8d5c98ab94aa"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 1ab54eb0-fac0-4332-89cd-1d7516ea4850
cache-control: max-age=830416
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:58:58 GMT

GET
H2 200 defs2.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 4 KB
2 KB 68ms
25ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/defs2.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

3dad2475c26b0269ff5725c68d74308f0f07271473f3a8828516b21d218e9d00

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 9fa75c8b-ede2-41a6-b499-db72b8b639a1
content-length: 1237
last-modified: Tue, 22 Aug 2023 18:00:59 GMT
server: Cleversafe
etag: "2ca4d6cb39daf59d6c08f0449cb15464"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 9fa75c8b-ede2-41a6-b499-db72b8b639a1
cache-control: max-age=828607
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:28:49 GMT

GET
H2 200 KalturaPlayer.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 8 KB
3 KB 68ms
26ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/KalturaPlayer.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

b427f52a719026de868165a02f2bac2e8292e2b7a749e1f11fe14a71c0aed79d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: a02352b0-edda-45ad-bca4-c241aa051ae5
content-length: 3201
last-modified: Tue, 22 Aug 2023 18:00:53 GMT
server: Cleversafe
etag: "c99b9d40123dc5b5ef1e0f8a05d7928e"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: a02352b0-edda-45ad-bca4-c241aa051ae5
cache-control: max-age=828691
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:30:13 GMT

GET
H2 200 index2.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 12 KB
4 KB 68ms
26ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/index2.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

efbaa31a58e8a666e4a16f95608bf41d683be39bb09d7e75c80d8ce0ce59b235

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: a36743ce-5ede-44f8-b24b-40921fb39e6f
content-length: 4062
last-modified: Tue, 22 Aug 2023 18:01:01 GMT
server: Cleversafe
etag: "f825824054599d3d2ea2dd51b30a1dec"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: a36743ce-5ede-44f8-b24b-40921fb39e6f
cache-control: max-age=828406
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:25:28 GMT

GET
H2 200 Analytics.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 6 KB
2 KB 72ms
31ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/Analytics.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

ea19d09e274ea490bbc49dd96de986b6826b466e9a4024c6e6e066652f151093

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: f9518583-e8a8-4b7e-ac97-002c36985e96
content-length: 1987
last-modified: Tue, 22 Aug 2023 18:00:52 GMT
server: Cleversafe
etag: "22e00a964cb9ed586942458b9659725a"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: f9518583-e8a8-4b7e-ac97-002c36985e96
cache-control: max-age=830396
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:58:38 GMT

GET
H2 200 index.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 3 KB
1 KB 68ms
27ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/index.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

b0fabb6cdca970485d787ab3aa2ad69ec7be6a7e1da3d1e702431ad88f513331

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: d5089146-7f7a-43e5-83e7-2f92ce0b679d
content-length: 1057
last-modified: Tue, 22 Aug 2023 18:01:01 GMT
server: Cleversafe
etag: "83705cfc0ed8a484d677ba6384f7240b"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: d5089146-7f7a-43e5-83e7-2f92ce0b679d
cache-control: max-age=830503
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 13:00:25 GMT

GET
H2 200 cta.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 232 KB
23 KB 72ms
31ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/cta.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

819f5f74ac359bce633d6b4f3c10981663492d901065198ca0d2df185a4a855b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: f852f9ab-4817-4d4a-8923-57c184b634e7
content-length: 23505
last-modified: Tue, 22 Aug 2023 18:00:59 GMT
server: Cleversafe
etag: "cb62d7e72913879e7242d049c85d885d"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: f852f9ab-4817-4d4a-8923-57c184b634e7
cache-control: max-age=830535
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 13:00:57 GMT

GET
H2 200 index4.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 3 KB
1 KB 68ms
27ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/index4.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

520ce26b6197072574754f35e9234cdedc2ec12924558a291d6140fb39e0a8d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: cdbe76e2-a04a-49c9-9217-489d126ab231
content-length: 1114
last-modified: Tue, 22 Aug 2023 18:01:01 GMT
server: Cleversafe
etag: "5d7f7ec4d0ec74505102c06e5e053a62"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: cdbe76e2-a04a-49c9-9217-489d126ab231
cache-control: max-age=830413
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:58:55 GMT

GET
H2 200 sameHeight.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 3 KB
1 KB 74ms
33ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/sameHeight.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

f09070396827145f8cb2728f9825de55826781572964ba3394a62c8234cdb06c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: ae398e9d-2c80-4b9a-8265-957e01de32d2
content-length: 1192
last-modified: Tue, 22 Aug 2023 18:01:10 GMT
server: Cleversafe
etag: "4c7a033123b62ba6c9eae049bae2b0f4"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: ae398e9d-2c80-4b9a-8265-957e01de32d2
cache-control: max-age=830496
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 13:00:18 GMT

GET
H2 200 card-cta.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 23 KB
5 KB 68ms
27ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-cta.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

c8d0dcf01dafd2c20f57fa2400fb0e95051ff11be6d9e75dcf154b9bf1e4da50

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: d0694875-e2e6-4da2-a42b-2c9ebc71cd20
content-length: 5049
last-modified: Tue, 22 Aug 2023 18:00:56 GMT
server: Cleversafe
etag: "b1d1ebce361fe116d1008d4d415b6136"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: d0694875-e2e6-4da2-a42b-2c9ebc71cd20
cache-control: max-age=830476
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:59:58 GMT

GET
H2 200 play-video.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 12 KB
5 KB 75ms
30ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/play-video.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

801557f34e0712e2d4d8957a174f30cfc1b06f4a963e41ee46aa123c495ffabe

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: da18f273-5a07-4e22-a979-7b88180ceb08
content-length: 4530
last-modified: Tue, 22 Aug 2023 18:01:04 GMT
server: Cleversafe
etag: "444c4e58493f0c91411d644afc692e3f"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: da18f273-5a07-4e22-a979-7b88180ceb08
cache-control: max-age=830395
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:58:37 GMT

GET
H2 200 spread2.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/ 4 KB
2 KB 94ms
49ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/spread2.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

d913a95a44c9d6edff5f1b0c6ac6c004cd6ed5fa4e9659f6109ad2377df8db03

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.35.0/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 842b2d7c-ea9c-45cd-a0da-ffdc28ead2e6
content-length: 1269
last-modified: Tue, 22 Aug 2023 18:01:10 GMT
server: Cleversafe
etag: "555758947ac6d7b1171aedf648112fd2"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 842b2d7c-ea9c-45cd-a0da-ffdc28ead2e6
cache-control: max-age=830465
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:59:47 GMT

GET
H2 200 settings.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 3 KB
1 KB 75ms
31ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/settings.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

8f52e656ea443d8568ab27dd68776e39dc7ddc03af9fa234a93e7f537287cb0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: c43922cd-2429-46ce-a335-186f2f6d0c8a
content-length: 959
last-modified: Mon, 11 Dec 2023 21:22:16 GMT
server: Cleversafe
etag: "ee9112816a9b0155bf35f3936c323c1e"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: c43922cd-2429-46ce-a335-186f2f6d0c8a
cache-control: max-age=9382
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 00:55:04 GMT

GET
H2 200 stable-selector.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 5 KB
2 KB 115ms
71ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/stable-selector.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

3329f8744f63d73dc769e111107ab2e3fc688aadbbc5c26a4e64031a72ba2a41

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 05791a23-df03-47f1-a71b-9c3ed87936d6
content-length: 1660
last-modified: Mon, 11 Dec 2023 21:22:17 GMT
server: Cleversafe
etag: "37db46b799fbed2f1486b7184b634c5c"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 05791a23-df03-47f1-a71b-9c3ed87936d6
cache-control: max-age=54340
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 13:24:22 GMT

GET
H2 200 query-assigned-elements.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 20 KB
7 KB 75ms
31ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/query-assigned-elements.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

ace941f3e5f95397596ca7394eba3d53e79e7c717ba7fab29e857c4010b353b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 60b1bc0c-872b-4987-bb15-78aaf796bb79
content-length: 6918
last-modified: Mon, 11 Dec 2023 21:22:06 GMT
server: Cleversafe
etag: "e8cdaa5f4c1fce541b50d4bfd2596147"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 60b1bc0c-872b-4987-bb15-78aaf796bb79
cache-control: max-age=54409
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 13:25:31 GMT

GET
H2 200 content-section.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 12 KB
4 KB 83ms
40ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/content-section.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

e0ae28c5a633fd1d7ca95e841dce0ee9614968e119122b05abe7d7bbac505558

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: d8cb5909-87a9-4c2a-b553-1f347b3fec37
content-length: 3879
last-modified: Mon, 11 Dec 2023 21:21:55 GMT
server: Cleversafe
etag: "03bfb3813bc0bad7ba5c1cbbb6c152ed"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: d8cb5909-87a9-4c2a-b553-1f347b3fec37
cache-control: max-age=54340
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 13:24:22 GMT

GET
H2 200 carbon-element.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 4 KB
1 KB 93ms
50ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/carbon-element.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

f1ec7fd994ef08be61d7826fab880f881e7655fe756ebbedabef076769246852

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: d4c54143-8c83-423f-a922-45e2c926a96c
content-length: 1062
last-modified: Mon, 11 Dec 2023 21:21:51 GMT
server: Cleversafe
etag: "503b055d5b9690784e44e087ebbacbe8"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: d4c54143-8c83-423f-a922-45e2c926a96c
cache-control: max-age=61763
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 15:28:05 GMT

GET
H2 200 card.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 21 KB
7 KB 83ms
40ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

d22151a8ab284610169dd85aef94ae8520ea2aff3a309b196a521fcc0619afc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: c4abaf72-9aa2-4105-924f-14cd56a31049
content-length: 6401
last-modified: Mon, 11 Dec 2023 21:21:52 GMT
server: Cleversafe
etag: "742ec09beb888ee0d4a2df2cf3c04d8a"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: c4abaf72-9aa2-4105-924f-14cd56a31049
cache-control: max-age=47893
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 11:36:55 GMT

GET
H2 200 card-eyebrow.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 11 KB
4 KB 84ms
41ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-eyebrow.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

44c9ebcdd27f2e42b1687408b43a9010aa0311a1ea4333ff589af21290e266e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 1e4ceb44-7f1d-4486-b310-8d91cf56d343
content-length: 3545
last-modified: Mon, 11 Dec 2023 21:21:51 GMT
server: Cleversafe
etag: "5056ce69d29066edbf3e74328df05dee"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 1e4ceb44-7f1d-4486-b310-8d91cf56d343
cache-control: max-age=61758
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 15:28:00 GMT

GET
H2 200 card-footer.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 14 KB
5 KB 84ms
41ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-footer.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

36804111118e2ad330c9e26337ae8b46cf89ffdcae9eb9cd90269004a06d8e8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 4b2fcd17-c47a-4e82-883d-edd8fcf5f452
content-length: 4317
last-modified: Mon, 11 Dec 2023 21:21:51 GMT
server: Cleversafe
etag: "d0d82a61201c0d82450b7c1d87e45fe3"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 4b2fcd17-c47a-4e82-883d-edd8fcf5f452
cache-control: max-age=61869
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 15:29:51 GMT

GET
H2 200 card-heading.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 12 KB
4 KB 85ms
42ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-heading.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

15bd17f46697a0c40344ca45bb526210294bdbd89f268c3f457a4d0f1956aef1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: d78f12e5-1d4e-47b3-9460-a6b58a7dedc6
content-length: 3795
last-modified: Mon, 11 Dec 2023 21:21:51 GMT
server: Cleversafe
etag: "0488a768dbd12b200a8a6b36f97e5c53"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: d78f12e5-1d4e-47b3-9460-a6b58a7dedc6
cache-control: max-age=54431
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 13:25:53 GMT

GET
H2 200 image-logo.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 12 KB
4 KB 71ms
32ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/image-logo.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

0fd69e78d009137906a572580d329ad4dec672810b0eec8feb54ea4b511c3078

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 10059823-3d5f-41de-a39c-ffc1c708721c
content-length: 3648
last-modified: Mon, 11 Dec 2023 21:21:58 GMT
server: Cleversafe
etag: "ff08b53682feba68d9f45ebbe9b68a0a"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 10059823-3d5f-41de-a39c-ffc1c708721c
cache-control: max-age=61610
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 15:25:32 GMT

GET
H2 200 card-cta-footer.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 13 KB
4 KB 89ms
50ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-cta-footer.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

e748d41cd9cfe01dbb54a81879719cf10802004bdf822009e81e16673a9e0bce

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 07aedeb1-ce97-4f9b-9f82-a7007dc4b67b
content-length: 4022
last-modified: Mon, 11 Dec 2023 21:21:51 GMT
server: Cleversafe
etag: "21b9a6d34ffdbb15c5e4508bb8122c38"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 07aedeb1-ce97-4f9b-9f82-a7007dc4b67b
cache-control: max-age=73063
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 18:36:25 GMT

GET
H2 200 card-group-item.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 253 KB
28 KB 89ms
51ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-group-item.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

af500480a770c61c159f2c95933c6b8f10f2dad5161667aaf3487cfc17a0d8a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 6ff6ab5e-5a23-408b-946f-7879ad0f65b6
content-length: 27996
last-modified: Mon, 11 Dec 2023 21:21:51 GMT
server: Cleversafe
etag: "669063b2502f736220b47909494c8457"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 6ff6ab5e-5a23-408b-946f-7879ad0f65b6
cache-control: max-age=61772
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 15:28:14 GMT

GET
H2 200 content-section-heading.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 12 KB
4 KB 71ms
32ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/content-section-heading.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

98e8a67bfc49b85d714f91c8d7fd1931c6269e2a7cb2c2e5fa554a775694abe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: bbfd369c-4a4a-4a13-b20f-8f258f472fbe
content-length: 3785
last-modified: Mon, 11 Dec 2023 21:21:55 GMT
server: Cleversafe
etag: "4fb92153959b086f579e0fe73f1c918d"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: bbfd369c-4a4a-4a13-b20f-8f258f472fbe
cache-control: max-age=61758
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 15:28:00 GMT

GET
H2 200 content-section2.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 50 KB
5 KB 90ms
52ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/content-section2.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

45cf5e6406dc15cea5b9936a8cc17dfa66e525f541f58788ae196bd39fc59502

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: f6f4ef75-2a2c-46e8-bfa8-2356c1744a23
content-length: 5046
last-modified: Mon, 11 Dec 2023 21:21:55 GMT
server: Cleversafe
etag: "e1bdb72f3b5f2c3c259437aa4e00c896"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: f6f4ef75-2a2c-46e8-bfa8-2356c1744a23
cache-control: max-age=54378
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 13:25:00 GMT

GET
H2 200 state.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 3 KB
1 KB 71ms
33ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/state.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

3be5f3576766c960983b315b072f6ca22578e2c34d97d54c27c2b44e565a8e16

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 44340a07-ab5f-4bd0-904f-a53f3ef852c4
content-length: 974
last-modified: Mon, 11 Dec 2023 21:22:17 GMT
server: Cleversafe
etag: "af3129e317bb6c9e5624850805c1e15d"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 44340a07-ab5f-4bd0-904f-a53f3ef852c4
cache-control: max-age=61852
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 15:29:34 GMT

GET
H2 200 class-map.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 5 KB
2 KB 119ms
81ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/class-map.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

8566c12e70a78fae249238e8e20989ede0f2ba0c5e54859b5a6cae6ed72a7095

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: dd7134b0-badd-4ce6-9990-b604b3a71381
content-length: 1741
last-modified: Mon, 11 Dec 2023 21:21:52 GMT
server: Cleversafe
etag: "819c3d075696c145221a2126dc8e9bf2"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: dd7134b0-badd-4ce6-9990-b604b3a71381
cache-control: max-age=67947
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 17:11:09 GMT

GET
H2 200 directive.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 4 KB
1 KB 90ms
52ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/directive.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

a2678914f25ce6f77376659fd248aa0da2f36996f4d777dba0d2dd4fc6095803

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: d22047a2-267e-4c94-abde-73ee1a354528
content-length: 1106
last-modified: Mon, 11 Dec 2023 21:21:56 GMT
server: Cleversafe
etag: "0a7d2e72198662190b3a9ff7138c677e"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: d22047a2-267e-4c94-abde-73ee1a354528
cache-control: max-age=54397
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 13:25:19 GMT

GET
H2 200 defs.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 8 KB
3 KB 90ms
53ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/defs.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

f393eb2713d80f2e7cf87f9f094f4b524eedd64e3ad0fc0a9208bb348d3359d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 54d90611-2c84-401b-bb6e-d63adf97343e
content-length: 2536
last-modified: Mon, 11 Dec 2023 21:21:56 GMT
server: Cleversafe
etag: "92a16defdf8f90f787c8f2a35cab97b7"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 54d90611-2c84-401b-bb6e-d63adf97343e
cache-control: max-age=67866
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 17:09:48 GMT

GET
H2 200 index3.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 12 KB
4 KB 108ms
71ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/index3.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

512ad42436ff03797962addaf6aa6f3fefdda82e75fd58d30628739b49164748

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: f99d3d05-de9c-4ee0-87e4-2eccbab0cc65
content-length: 3995
last-modified: Mon, 11 Dec 2023 21:21:58 GMT
server: Cleversafe
etag: "4f8c2c1e6ee5ab1e33277bef8fe5fdc7"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: f99d3d05-de9c-4ee0-87e4-2eccbab0cc65
cache-control: max-age=67904
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 17:10:26 GMT

GET
H2 200 _commonjsHelpers.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 3 KB
1 KB 79ms
43ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/_commonjsHelpers.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

2dc14b2ebaa9d37bc6cb8ecda0da7588dd328660edb43a7c635d39f46a79d394

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 7f24c94b-92c7-48f4-946d-faf86ecad7eb
content-length: 1039
last-modified: Mon, 11 Dec 2023 21:21:50 GMT
server: Cleversafe
etag: "9e7bbda90c668af882dda049bca88643"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 7f24c94b-92c7-48f4-946d-faf86ecad7eb
cache-control: max-age=61827
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 15:29:09 GMT

GET
H2 200 index.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 3 KB
1 KB 90ms
53ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/index.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

e63a5f14e57733c2768ffe6a3f882f125df33487603a5a1a059daf7ccdf728f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 7cc6e421-c0bf-4465-9640-a688ca70c379
content-length: 986
last-modified: Mon, 11 Dec 2023 21:21:58 GMT
server: Cleversafe
etag: "d0ec029db9818c89ee77a508b0fdb8b6"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 7cc6e421-c0bf-4465-9640-a688ca70c379
cache-control: max-age=54395
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 13:25:17 GMT

GET
H2 200 spread.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 4 KB
1 KB 90ms
54ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/spread.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

a43f650076aff5160d5199648cb8aba0c77431dc6118ab697006c7e677e63fa7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 3ec00532-8065-487e-9e43-986c08b1c772
content-length: 1138
last-modified: Mon, 11 Dec 2023 21:22:17 GMT
server: Cleversafe
etag: "8947413c0190fc4dbb46a7bc8c2ec513"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 3ec00532-8065-487e-9e43-986c08b1c772
cache-control: max-age=54323
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 13:24:05 GMT

GET
H2 200 link.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 10 KB
3 KB 90ms
54ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/link.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

fb372a60a8b6705edbe2ab4c0d80b8418c5f1d26049433dd4d515c5eaa617e69

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: bb027236-0dd6-49f4-a3bb-cb60dace610e
content-length: 2701
last-modified: Mon, 11 Dec 2023 21:22:01 GMT
server: Cleversafe
etag: "bc18f24e3d42e80704c53d3d3c18817b"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: bb027236-0dd6-49f4-a3bb-cb60dace610e
cache-control: max-age=67937
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 17:10:59 GMT

GET
H2 200 objectSpread2.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 4 KB
2 KB 91ms
55ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/objectSpread2.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

8c0d06ba574de5682d0c5fce9a27ba5f0593ce31751c198b19d7bf83739a4e65

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 4046b02a-f8a8-4c0b-8b0d-0dc1a6ffe171
content-length: 1438
last-modified: Mon, 11 Dec 2023 21:22:05 GMT
server: Cleversafe
etag: "0f53e8059faf332ff17e8c2641339c45"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 4046b02a-f8a8-4c0b-8b0d-0dc1a6ffe171
cache-control: max-age=54336
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 13:24:18 GMT

GET
H2 200 decorate.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 10 KB
3 KB 79ms
44ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/decorate.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

fc9ad7df6018269998940126df5b35af77503a3b1aabc1bf7b0fa09f38b5b333

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 1fcc336e-334e-45de-bb4c-8e304055ac1e
content-length: 3218
last-modified: Mon, 11 Dec 2023 21:21:56 GMT
server: Cleversafe
etag: "c6f9683cff144c5bab27f3d02fb6e562"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 1fcc336e-334e-45de-bb4c-8e304055ac1e
cache-control: max-age=61791
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 15:28:33 GMT

GET
H2 200 if-defined.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 3 KB
1 KB 91ms
56ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/if-defined.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

277aa765c2c0fc1eceb225af5f16552f2753e531190b61a78e1ab23b600bb186

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: b039883b-7e0b-4ef0-b116-9e6df83c9b56
content-length: 971
last-modified: Mon, 11 Dec 2023 21:21:58 GMT
server: Cleversafe
etag: "ed037b2d1359964aeba23dc02748e56d"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: b039883b-7e0b-4ef0-b116-9e6df83c9b56
cache-control: max-age=54303
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 13:23:45 GMT

GET
H2 200 settings2.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 5 KB
2 KB 91ms
56ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/settings2.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

2bea429dfcce30ae650c38ee5aa2957deed1b1f04bd81d24db0741044b025f46

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 07eeba52-d17d-4010-abf7-81f4c5053a28
content-length: 1368
last-modified: Mon, 11 Dec 2023 21:22:16 GMT
server: Cleversafe
etag: "5e66f671119195b4c4d66adb5a3dd3f2"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 07eeba52-d17d-4010-abf7-81f4c5053a28
cache-control: max-age=61858
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 15:29:40 GMT

GET
H2 200 focus.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 4 KB
1 KB 91ms
57ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/focus.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

cb341d420886eb30d9643840bd2017e4f74c9bb86edbee866f7e3e518495ac69

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: fb3f7338-6b40-43cf-83d6-e3856341e796
content-length: 1036
last-modified: Mon, 11 Dec 2023 21:21:57 GMT
server: Cleversafe
etag: "d5505f4abc086e41bbb94c65ea8be1ea"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: fb3f7338-6b40-43cf-83d6-e3856341e796
cache-control: max-age=61812
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 15:28:54 GMT

GET
H2 200 marked.umd.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 73 KB
25 KB 105ms
71ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/marked.umd.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

87a2ae83fa4d6afce7a749def8ef96a4d1329f981f587296307c90869c580bde

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 891f7edc-2e78-4ca7-b883-232591d6dfd7
content-length: 25599
last-modified: Mon, 11 Dec 2023 21:22:02 GMT
server: Cleversafe
etag: "5ea988f16abe46bff640795e88635f4d"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 891f7edc-2e78-4ca7-b883-232591d6dfd7
cache-control: max-age=54412
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 13:25:34 GMT

GET
H2 200 striptags.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 5 KB
2 KB 91ms
57ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/striptags.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

455fd63a5cee8e063c217befbf25b461788aa0e1385b2e8017422049aec2d017

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 30334189-ddb8-4f05-adaf-de1aa41559b8
content-length: 1671
last-modified: Mon, 11 Dec 2023 21:22:17 GMT
server: Cleversafe
etag: "0cd25036fe355b41d4da566a37ee6757"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 30334189-ddb8-4f05-adaf-de1aa41559b8
cache-control: max-age=61792
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 15:28:34 GMT

GET
H2 200 defs2.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 3 KB
1 KB 137ms
103ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/defs2.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

4f1784ddd618453f60a7b05f4b9a28c732a42c008e2cc427babddbacd0dbbd95

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 50339ab8-9026-4a9b-a413-4e4828d63329
content-length: 1004
last-modified: Mon, 11 Dec 2023 21:21:56 GMT
server: Cleversafe
etag: "a7129ed3fcf4ac34c09036ee459b3f1c"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 50339ab8-9026-4a9b-a413-4e4828d63329
cache-control: max-age=61823
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 15:29:05 GMT

GET
H2 200 card2.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 170 KB
18 KB 91ms
58ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card2.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

83d7d4ad5e4725bef1d746ddbf1fc16dd065c9950a344b5ac8eb8b4a66cca642

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: e5dd451e-d450-4daa-ac49-7f7932da4b99
content-length: 18233
last-modified: Mon, 11 Dec 2023 21:21:52 GMT
server: Cleversafe
etag: "a3fe5c62fc8e33365e1af5de9cb55c30"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: e5dd451e-d450-4daa-ac49-7f7932da4b99
cache-control: max-age=54359
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 13:24:41 GMT

GET
H2 200 cta.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 27 KB
8 KB 92ms
59ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

8d5dfa4004f79dd34fe59fff43b7fe46c095577d58745b6a66ff677b2bfe1553

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: df7b4b6d-9e55-4246-99bd-2383797a9d29
content-length: 8280
last-modified: Mon, 11 Dec 2023 21:21:56 GMT
server: Cleversafe
etag: "60a0872e6525c725e08c7809806b6e2d"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: df7b4b6d-9e55-4246-99bd-2383797a9d29
cache-control: max-age=61819
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 15:29:01 GMT

GET
H2 200 formatVideoCaption.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 4 KB
1 KB 92ms
59ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/formatVideoCaption.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

c0d3d87b8bd38c73c165621f789cb83413e1e5a023801d8be026b8ca0617a6d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: ec3b27a4-be38-40fd-8508-8b7d43bbd2d7
content-length: 1144
last-modified: Mon, 11 Dec 2023 21:21:57 GMT
server: Cleversafe
etag: "cbc4d68959493a72c58ddb3be6b1b620"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: ec3b27a4-be38-40fd-8508-8b7d43bbd2d7
cache-control: max-age=67879
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 17:10:01 GMT

GET
H2 200 link-with-icon.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 79 KB
13 KB 105ms
72ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/link-with-icon.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

ba73ff4bde6333360947ed9d66ed173a7d217338d4a18a0b38a860e110e3d788

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: b9686ca5-d64f-44a6-9c8a-ec7d906dcf55
content-length: 12860
last-modified: Mon, 11 Dec 2023 21:22:01 GMT
server: Cleversafe
etag: "ec1add56cf2a9201117c5e7c34c6a96a"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: b9686ca5-d64f-44a6-9c8a-ec7d906dcf55
cache-control: max-age=61838
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 15:29:20 GMT

GET
H2 200 20.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 4 KB
2 KB 92ms
60ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/20.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

5ecaa6823047993e686bc225c8d2de74227f68a9758818a8a2faf37c5ecbba63

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: e4ed99bc-6572-4da3-8081-08d075b35319
content-length: 1231
last-modified: Mon, 11 Dec 2023 21:21:50 GMT
server: Cleversafe
etag: "ca8b15b9570f0ae43e8150e4b838f886"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: e4ed99bc-6572-4da3-8081-08d075b35319
cache-control: max-age=61874
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 15:29:56 GMT

GET
H2 200 settings3.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 3 KB
1 KB 93ms
60ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/settings3.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

8f52e656ea443d8568ab27dd68776e39dc7ddc03af9fa234a93e7f537287cb0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 56d0d8fb-d9a6-4da7-8245-c81ad7dee057
content-length: 959
last-modified: Mon, 11 Dec 2023 21:22:16 GMT
server: Cleversafe
etag: "ee9112816a9b0155bf35f3936c323c1e"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 56d0d8fb-d9a6-4da7-8245-c81ad7dee057
cache-control: max-age=61777
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 15:28:19 GMT

GET
H2 200 image.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 75 KB
14 KB 93ms
61ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/image.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

cdeb355a9ffa6456ee2917eb1e985412af551ae8d30ff799e2d2249201d740cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: db6a3b1f-4387-4099-9868-cc1a70b81dcd
content-length: 13540
last-modified: Mon, 11 Dec 2023 21:21:58 GMT
server: Cleversafe
etag: "0e54f77dd3dbd023416f3f60a86ff3f4"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: db6a3b1f-4387-4099-9868-cc1a70b81dcd
cache-control: max-age=61877
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 15:29:59 GMT

GET
H2 200 host-listener.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 5 KB
2 KB 93ms
61ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/host-listener.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

4445c246bb44fad6c54a993d4b258c1802118fa85bbccd406662c8c5c95ac123

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 037242a6-502e-4496-a4bb-f9d320da204b
content-length: 1658
last-modified: Mon, 11 Dec 2023 21:21:58 GMT
server: Cleversafe
etag: "2f1cd9a87231aae108b97883c02d8ec1"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 037242a6-502e-4496-a4bb-f9d320da204b
cache-control: max-age=54454
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 13:26:16 GMT

GET
H2 200 expressive-modal.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 70 KB
13 KB 93ms
62ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/expressive-modal.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

d1b5edc6ae60994126aa455fa391aab95e6d4c3c85356be0ce01e625cbac8ce2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 92e267ee-502e-4b00-8a13-c80a811e1ece
content-length: 13093
last-modified: Mon, 11 Dec 2023 21:21:56 GMT
server: Cleversafe
etag: "9f8f88e3436b9b412b665eb443c17748"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 92e267ee-502e-4b00-8a13-c80a811e1ece
cache-control: max-age=61865
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 15:29:47 GMT

GET
H2 200 expressive-modal-close-button.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 11 KB
4 KB 96ms
65ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/expressive-modal-close-button.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

55202926a14875494185d7df9264a3e871153129368ced8fe904da4cbe51e3fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 6efe4a0d-2d9c-4c8e-80be-561b1919ae14
content-length: 3536
last-modified: Mon, 11 Dec 2023 21:21:56 GMT
server: Cleversafe
etag: "a080bcad72a71bf5f10c7e133f90775d"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 6efe4a0d-2d9c-4c8e-80be-561b1919ae14
cache-control: max-age=61863
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 15:29:45 GMT

GET
H2 200 modal-close-button.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 54 KB
8 KB 96ms
65ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/modal-close-button.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

fdb01d0c2c147dd308754fc4e19de4f20f4474110825eed804def2b1775c0440

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: b0f50c4d-ba0d-4f38-9441-5d33bda7e8c2
content-length: 8170
last-modified: Mon, 11 Dec 2023 21:22:05 GMT
server: Cleversafe
etag: "d9c90c5f268b3a897b57ca7058ae953a"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: b0f50c4d-ba0d-4f38-9441-5d33bda7e8c2
cache-control: max-age=54457
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 13:26:19 GMT

GET
H2 200 203.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 4 KB
1 KB 97ms
66ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/203.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

c05bec41bceb98e3741eec5abe5ca5db721510c1e92afabc2a222d2dfefb558d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 4e0a3c0b-b1dd-48fa-9168-0b5d1c2099ac
content-length: 1190
last-modified: Mon, 11 Dec 2023 21:21:50 GMT
server: Cleversafe
etag: "0f2117d5b71736529ffea8bd91f07460"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 4e0a3c0b-b1dd-48fa-9168-0b5d1c2099ac
cache-control: max-age=67841
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 17:09:23 GMT

GET
H2 200 lightbox-image-viewer.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 77 KB
12 KB 97ms
66ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/lightbox-image-viewer.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

bd597b9019a5779af45853abf6ea477dec205d4b1b126ea80780ffa050570034

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 3d4112d9-5d91-4f51-946e-ada076d8ecb7
content-length: 12367
last-modified: Mon, 11 Dec 2023 21:22:00 GMT
server: Cleversafe
etag: "8d2b3319cf78e44f98b942eac0700aff"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 3d4112d9-5d91-4f51-946e-ada076d8ecb7
cache-control: max-age=54329
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 13:24:11 GMT

GET
H2 200 button2.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 80 KB
12 KB 110ms
80ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/button2.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

2a2ccac78fe77258cb0dcf897f713930423d19a155831adb0d4692382c879169

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 1042ed11-0f2d-437c-af75-59db0342aa98
content-length: 12396
last-modified: Mon, 11 Dec 2023 21:21:50 GMT
server: Cleversafe
etag: "249c73a298fb3b62ea47e9669989579d"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 1042ed11-0f2d-437c-af75-59db0342aa98
cache-control: max-age=61791
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 15:28:33 GMT

GET
H2 200 button.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 72 KB
10 KB 97ms
67ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/button.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

b0f116b6070f8658986fd7db10d550321846965128feca7d1b5ae786dad708e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: faf83809-596a-47e6-8d49-c98434653764
content-length: 10320
last-modified: Mon, 11 Dec 2023 21:21:50 GMT
server: Cleversafe
etag: "58195c8c0bf5cf9d709e2207c1139916"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: faf83809-596a-47e6-8d49-c98434653764
cache-control: max-age=54428
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 13:25:50 GMT

GET
H2 200 modal-render.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 5 KB
2 KB 122ms
92ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/modal-render.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

eb16dcbcfed35fd40c5c61f3f7cb9661c7ca7608e9ad2cb9a81752fb195c76dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 9ec44604-f466-483c-9985-df7769ab177e
content-length: 1674
last-modified: Mon, 11 Dec 2023 21:22:05 GMT
server: Cleversafe
etag: "b8f3c12dc50ff91a9a80b0ccd064526f"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 9ec44604-f466-483c-9985-df7769ab177e
cache-control: max-age=61768
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 15:28:10 GMT

GET
H2 200 video.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 7 KB
3 KB 98ms
68ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/video.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

ff28d591b0707bfe7a8fc66020594a85ed5d4521f1a1671623a5770d336dad4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: fb27a3f6-e76f-430b-a14d-d74cd69ed660
content-length: 2512
last-modified: Mon, 11 Dec 2023 21:22:18 GMT
server: Cleversafe
etag: "7acf467bde8c22956540090097b1fe3b"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: fb27a3f6-e76f-430b-a14d-d74cd69ed660
cache-control: max-age=73041
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 18:36:03 GMT

GET
H2 200 cta2.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 276 KB
28 KB 98ms
68ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta2.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

b31a3b2cb739733fdf9ee5f1dfdda95bf7831e50c7085d4472ecc0ff98633df8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 1a5fc943-22c4-4ddc-b685-3cc6b00988f6
content-length: 28584
last-modified: Mon, 11 Dec 2023 21:21:56 GMT
server: Cleversafe
etag: "31fe7b859ef1d15bda57144cd89f9387"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 1a5fc943-22c4-4ddc-b685-3cc6b00988f6
cache-control: max-age=61876
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 15:29:58 GMT

GET
H2 200 sameHeight.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 4 KB
1 KB 98ms
69ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/sameHeight.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

26691fb2a91c3fe21ac008c78b11c02853e79e82abd07fece9f7ab11b3764582

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: dabb9ba1-18e4-441d-87b0-3d5e697f3fe7
content-length: 1120
last-modified: Mon, 11 Dec 2023 21:22:16 GMT
server: Cleversafe
etag: "c045c7e13804971c2c314900d0a3fd5a"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: dabb9ba1-18e4-441d-87b0-3d5e697f3fe7
cache-control: max-age=61797
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 15:28:39 GMT

GET
H2 200 index5.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 4 KB
2 KB 139ms
110ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/index5.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

8993b3ab7f762fa0645a1177e24547c2fdd729f34d1189b99e72e0c725d957cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: b6eb4638-2452-4c7e-81dd-47a5fcac92c4
content-length: 1345
last-modified: Mon, 11 Dec 2023 21:21:58 GMT
server: Cleversafe
etag: "a1960d44de1dbd2cc710bcd6a489c14c"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: b6eb4638-2452-4c7e-81dd-47a5fcac92c4
cache-control: max-age=67870
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 17:09:52 GMT

GET
H2 200 settings.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 4 KB
1 KB 62ms
33ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/settings.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

35748f7aa812c5ab5ad698c1f82e2001f667599b7e614106ecf6fbbff84f5983

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 3c06ea89-72bd-4f6a-b24e-5e78ae8327ac
content-length: 1177
last-modified: Tue, 12 Dec 2023 14:32:16 GMT
server: Cleversafe
etag: "debb11e8ba99c5a18121a38322fbf04b"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 3c06ea89-72bd-4f6a-b24e-5e78ae8327ac
cache-control: max-age=46186
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 11:08:28 GMT

GET
H2 200 stable-selector.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 5 KB
2 KB 64ms
35ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/stable-selector.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

3278027216d38249989e1cf39be055d632e774f68118d18a5282b8cfdee08b6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: b5b23d42-8adc-4b9e-b07d-ec44ca077a2a
content-length: 1732
last-modified: Tue, 12 Dec 2023 14:32:17 GMT
server: Cleversafe
etag: "5eba06c8541af38ad0cbd016fcd2ea8a"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: b5b23d42-8adc-4b9e-b07d-ec44ca077a2a
cache-control: max-age=46250
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 11:09:32 GMT

GET
H2 200 carbon-element.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 32 KB
8 KB 64ms
35ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/carbon-element.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

546f45981d2584126d3157e7035c54b05115f3fe5b21b79faf6d00a6d9508b50

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 0b1475e3-6094-4a4a-8ff8-1d788cb6a04f
content-length: 8364
last-modified: Tue, 12 Dec 2023 14:31:49 GMT
server: Cleversafe
etag: "221e07de8bce0ac6649b2749189fd7c1"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 0b1475e3-6094-4a4a-8ff8-1d788cb6a04f
cache-control: max-age=46220
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 11:09:02 GMT

GET
H2 200 content-section.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 12 KB
4 KB 115ms
49ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/content-section.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

4daf37c4400eb748090f8ef717a92b6c2ada74d4a27206996c1c001dc2360d72

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 8d8dcaac-479d-461a-8b7c-c2a69198b30f
content-length: 3937
last-modified: Tue, 12 Dec 2023 14:31:55 GMT
server: Cleversafe
etag: "fed4f08a205c658736e5e182edb55256"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 8d8dcaac-479d-461a-8b7c-c2a69198b30f
cache-control: max-age=48039
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 11:39:21 GMT

GET
H2 200 card.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 17 KB
6 KB 116ms
50ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

d2737b45406ac420fd0d05e0405a842a92dc64102ae9539385c4f5fd19df09d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 57c19ca8-cadd-41e4-97f7-dafb2ac5e22b
content-length: 5416
last-modified: Tue, 12 Dec 2023 14:31:52 GMT
server: Cleversafe
etag: "8ad64637db9932b76cfc9b9a90735815"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 57c19ca8-cadd-41e4-97f7-dafb2ac5e22b
cache-control: max-age=50839
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 12:26:01 GMT

GET
H2 200 card-eyebrow.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 11 KB
4 KB 116ms
51ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-eyebrow.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

a3d562dd7f27076647d2ee17526d676491ef9fe959edd2179d5538265d8e72cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 66e91671-4338-48d3-9722-fc00b3d0d424
content-length: 3613
last-modified: Tue, 12 Dec 2023 14:31:51 GMT
server: Cleversafe
etag: "3503f24a0a4726f7b25588d48e95f06a"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 66e91671-4338-48d3-9722-fc00b3d0d424
cache-control: max-age=46300
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 11:10:22 GMT

GET
H2 200 card-footer.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 13 KB
5 KB 116ms
51ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-footer.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

5f54db8a9fb067c11f77f277791ff8e8c27dc612a6eff881c233409b5e54964f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 99145cc7-512f-4a4f-a07b-7b5ee4811791
content-length: 4446
last-modified: Tue, 12 Dec 2023 14:31:51 GMT
server: Cleversafe
etag: "14e3a2f49cb50066cd090eb1df722924"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 99145cc7-512f-4a4f-a07b-7b5ee4811791
cache-control: max-age=46368
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 11:11:30 GMT

GET
H2 200 card-heading.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 12 KB
4 KB 116ms
52ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-heading.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

3bdb4d576d4ad410916849e7c7d6e94f2bf3647e0fba1885b47a3b09fb262f1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 1d46a69a-50f1-4798-bf26-61101504aa9e
content-length: 3863
last-modified: Tue, 12 Dec 2023 14:31:51 GMT
server: Cleversafe
etag: "e14e7dbcedb35cebeb3ee4243d80661d"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 1d46a69a-50f1-4798-bf26-61101504aa9e
cache-control: max-age=50830
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 12:25:52 GMT

GET
H2 200 image-logo.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 11 KB
4 KB 104ms
49ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/image-logo.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

b054619e4845729c52a31708e871e23b327a53c26d7cc52309a30d1b858fe44e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 19b48b98-985a-41ca-9f60-b1e99417b679
content-length: 3710
last-modified: Tue, 12 Dec 2023 14:31:58 GMT
server: Cleversafe
etag: "c77075d7cbf915b9b4dfd68decea2c6c"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 19b48b98-985a-41ca-9f60-b1e99417b679
cache-control: max-age=48131
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 11:40:53 GMT

GET
H2 200 tag-group.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 45 KB
8 KB 105ms
49ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/tag-group.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

d65b089121a7205b05eb696462e9b58048326f236f4e010c6415673f2ac42db3

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 1e0468e2-4c6c-40d6-af6a-b698d6315844
content-length: 8067
last-modified: Tue, 12 Dec 2023 14:32:18 GMT
server: Cleversafe
etag: "3403f29e6e0ea4a7ef2249c69618007c"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 1e0468e2-4c6c-40d6-af6a-b698d6315844
cache-control: max-age=50681
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 12:23:23 GMT

GET
H2 200 tag-link.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 44 KB
8 KB 105ms
50ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/tag-link.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

c61cb46c0622deb811081ad6416cd92036f89e68e1dce91e471d92e00b0faf08

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 82d8c84d-b4b8-4fe3-a882-d534daa1ec68
content-length: 7935
last-modified: Tue, 12 Dec 2023 14:32:18 GMT
server: Cleversafe
etag: "1bbd96ba9ef20cd3af762799fc02ba77"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 82d8c84d-b4b8-4fe3-a882-d534daa1ec68
cache-control: max-age=50809
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 12:25:31 GMT

GET
H2 200 card-cta-footer.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 13 KB
4 KB 105ms
50ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-cta-footer.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

e8e8a692a3d205212b325961053e9fab1e3faadc837ff38fe709efc6a62261e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 83d273ef-a7c4-423d-9395-73632fd13cad
content-length: 4147
last-modified: Tue, 12 Dec 2023 14:31:51 GMT
server: Cleversafe
etag: "e35dc2d52ce44279161581d5f553a816"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 83d273ef-a7c4-423d-9395-73632fd13cad
cache-control: max-age=46340
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 11:11:02 GMT

GET
H2 200 card-group-item.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 329 KB
33 KB 107ms
52ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-group-item.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

f6fc181079860f8a70036447d0b01c27ddde9705ad9b4a85cff86e5f8d6fe991

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: d1d4823e-7d25-4e25-b887-857a7e5f9499
content-length: 33313
last-modified: Tue, 12 Dec 2023 14:31:51 GMT
server: Cleversafe
etag: "c93c8e1e535edd0a986638e17d2318ef"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: d1d4823e-7d25-4e25-b887-857a7e5f9499
cache-control: max-age=46257
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 11:09:39 GMT

GET
H2 200 content-section-heading.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 12 KB
4 KB 127ms
73ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/content-section-heading.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

b11dee66c99d6b6e3444a2f66694d0f7de9a7c8d728d68690feb7b3a4d9f924d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 18d2a7d9-03ed-472e-b93e-959f8ac19643
content-length: 3853
last-modified: Tue, 12 Dec 2023 14:31:55 GMT
server: Cleversafe
etag: "7058454e4eae3a6c152acf2b8bdb4f0b"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 18d2a7d9-03ed-472e-b93e-959f8ac19643
cache-control: max-age=61879
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 15:30:01 GMT

GET
H2 200 content-section2.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 81 KB
9 KB 115ms
43ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/content-section2.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

be3244f18ec46e3495666e8f7a9163ffac8bc1b41ec08255609fa7ed27adc30c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 24bcc7a5-34b2-4707-b935-51746846a54a
content-length: 8977
last-modified: Tue, 12 Dec 2023 14:31:55 GMT
server: Cleversafe
etag: "f1a3e37754db5ea2b42b3b66ebd9ebfd"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 24bcc7a5-34b2-4707-b935-51746846a54a
cache-control: max-age=46462
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 11:13:04 GMT

GET
H2 200 link.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 12 KB
4 KB 134ms
62ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/link.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

4ad7d300b807f0923a45372fdd08592d6a85b8c17b51b9a730b82f137b700c8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 9d9d1244-b4ae-4b60-be8e-f065ec3aa437
content-length: 3629
last-modified: Tue, 12 Dec 2023 14:32:02 GMT
server: Cleversafe
etag: "1e550986036bfd6b710413202f519eff"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 9d9d1244-b4ae-4b60-be8e-f065ec3aa437
cache-control: max-age=46263
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 11:09:45 GMT

GET
H2 200 decorate.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 10 KB
4 KB 115ms
43ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/decorate.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

9edc28759e1866c29cc73e8b388ac0b1b044e93cca651a8da39102e263b525a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 9262d3de-1dfb-49bd-b968-0a8f1f5eb7fa
content-length: 3294
last-modified: Tue, 12 Dec 2023 14:31:56 GMT
server: Cleversafe
etag: "d1680ca225bf52cd3d4c00020f9f2752"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 9262d3de-1dfb-49bd-b968-0a8f1f5eb7fa
cache-control: max-age=79148
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 20:17:50 GMT

GET
H2 200 toPropertyKey.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 4 KB
2 KB 61ms
36ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/toPropertyKey.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

bbc367f73bc831632abae23bd931a4b50ebabe6bb1a36a89e48c9e5ec3dfea8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 83d446e6-d614-462a-ade8-0ead6f9e6c47
content-length: 1242
last-modified: Tue, 12 Dec 2023 14:32:18 GMT
server: Cleversafe
etag: "7c88b4f8a2f4def1d8a6b9a40faace8b"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 83d446e6-d614-462a-ade8-0ead6f9e6c47
cache-control: max-age=79141
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 20:17:43 GMT

GET
H2 200 class-map.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 5 KB
2 KB 61ms
36ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/class-map.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

8f19c6d6e152827203ecdde3583ef11e2f28ff0b8903beca54647f255949deaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 87812628-6338-41ec-9a58-49d6adf3e5ef
content-length: 1477
last-modified: Tue, 12 Dec 2023 14:31:52 GMT
server: Cleversafe
etag: "a7c84b7008f080615dd200aacba1e1ee"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 87812628-6338-41ec-9a58-49d6adf3e5ef
cache-control: max-age=48058
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 11:39:40 GMT

GET
H2 200 if-non-null.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 3 KB
1 KB 61ms
37ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/if-non-null.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

bd14d0b978a5aaa57bf28684442136fe2afdb7e4768a81a5365d75250b032321

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 1f340d03-0f41-4274-a765-8cb0d3887705
content-length: 1041
last-modified: Tue, 12 Dec 2023 14:31:58 GMT
server: Cleversafe
etag: "db036fee260ecc20ffe2bdabb84c6979"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 1f340d03-0f41-4274-a765-8cb0d3887705
cache-control: max-age=46245
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 11:09:27 GMT

GET
H2 200 if-defined.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 4 KB
1 KB 62ms
37ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/if-defined.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

1590392832c5c7e5fcfa0e76a406b9f40aa3384fa6d1a392c06cfff47633a920

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 727223ee-9446-48db-a3af-4c48a9230f0b
content-length: 1148
last-modified: Tue, 12 Dec 2023 14:31:58 GMT
server: Cleversafe
etag: "de9bb21ffec8151769033f0447c75ad6"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 727223ee-9446-48db-a3af-4c48a9230f0b
cache-control: max-age=50781
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 12:25:03 GMT

GET
H2 200 focus.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 3 KB
1 KB 67ms
43ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/focus.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

e7cbc8627c6e593075352516c356c6789b7ae8d73a3f8f67d468529bbc94c4cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: c0dae7d8-6c7b-42a4-94be-079ea0cd310e
content-length: 1109
last-modified: Tue, 12 Dec 2023 14:31:57 GMT
server: Cleversafe
etag: "0c42d9baaa811fa1800e78b0a8e6c86f"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: c0dae7d8-6c7b-42a4-94be-079ea0cd310e
cache-control: max-age=50718
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 12:24:00 GMT

GET
H2 200 settings3.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 5 KB
2 KB 63ms
39ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/settings3.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

70e86f96c689b4d31fd726460660ff73fd3a4643ede63ad358ce9cbebbc3de05

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 2a2f06a5-6606-4dab-950c-f60b28368b43
content-length: 1468
last-modified: Tue, 12 Dec 2023 14:32:16 GMT
server: Cleversafe
etag: "2cff5a2fff232bd480476463ef4eabe1"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 2a2f06a5-6606-4dab-950c-f60b28368b43
cache-control: max-age=46227
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 11:09:09 GMT

GET
H2 200 marked.umd.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 73 KB
25 KB 93ms
58ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/marked.umd.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

5f300ce5623ab42dd2e013b707265acb5fc74b76592b04a22bc21c512c36a564

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: bf156d17-d5bf-46b3-91b2-8a4958da06bb
content-length: 25666
last-modified: Tue, 12 Dec 2023 14:32:03 GMT
server: Cleversafe
etag: "6fc2834aafb6c38fb38a0ac57f1200ff"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: bf156d17-d5bf-46b3-91b2-8a4958da06bb
cache-control: max-age=46307
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 11:10:29 GMT

GET
H2 200 _commonjsHelpers.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 3 KB
1 KB 68ms
33ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/_commonjsHelpers.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

e8247375044496d06ad9447a156f1bbc1e2a50e2895041ae5552d5554d3d5d4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 9d75ee42-e27f-49f3-b008-297bd45487aa
content-length: 1106
last-modified: Tue, 12 Dec 2023 14:31:48 GMT
server: Cleversafe
etag: "e6a3b5009a4d6938b6d83889e55fedf3"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 9d75ee42-e27f-49f3-b008-297bd45487aa
cache-control: max-age=46199
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 11:08:41 GMT

GET
H2 200 striptags.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 5 KB
2 KB 68ms
34ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/striptags.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

6c725974f1982b5ec1aeff0f5546683467d3a6808c686f77448bb56a438d1498

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: eb174102-ce37-42e0-8df2-6cb75b2ce2cb
content-length: 1748
last-modified: Tue, 12 Dec 2023 14:32:17 GMT
server: Cleversafe
etag: "353ad170bca7e131804bd8a2f9346aee"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: eb174102-ce37-42e0-8df2-6cb75b2ce2cb
cache-control: max-age=48068
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 11:39:50 GMT

GET
H2 200 defs.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 3 KB
1 KB 125ms
51ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/defs.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

10c32fc3bd960b57290d4469a55b9c3a970f58f72f3b37455d44b1f4885878ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 919b00dd-19db-4d3c-b7a7-185733e05442
content-length: 1078
last-modified: Tue, 12 Dec 2023 14:31:56 GMT
server: Cleversafe
etag: "b525f7ce9c789c23e4990ea12812fe39"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 919b00dd-19db-4d3c-b7a7-185733e05442
cache-control: max-age=46171
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 11:08:13 GMT

GET
H2 200 card2.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 204 KB
20 KB 122ms
48ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card2.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

05382ca2c2ab1254bdae63c9fd696e83b884f86bb55618949ecb0dea59a5df06

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: d0926589-9657-4276-8043-594ecbdcdc04
content-length: 20644
last-modified: Tue, 12 Dec 2023 14:31:52 GMT
server: Cleversafe
etag: "555bb02af27f869bad0168a95fb5cdd0"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: d0926589-9657-4276-8043-594ecbdcdc04
cache-control: max-age=48992
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 11:55:14 GMT

GET
H2 200 link-with-icon.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 136 KB
17 KB 118ms
44ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/link-with-icon.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

14b7e944a6eda6ba9615565de04c802af737a984edff3d66a2e46b2eb1cdbb83

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 40268abd-4d56-4472-984d-4bc6c850c6b8
content-length: 16661
last-modified: Tue, 12 Dec 2023 14:32:02 GMT
server: Cleversafe
etag: "7bb666d5bf4cfb9c05ee45ab5ac8f74d"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 40268abd-4d56-4472-984d-4bc6c850c6b8
cache-control: max-age=46216
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 11:08:58 GMT

GET
H2 200 image.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 132 KB
17 KB 95ms
56ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/image.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

0fc1ffd7c6b0b952f94e417532ede23e2f88ddea35dce894f03ed7e9ebfc9cf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 25ca5cac-3222-4133-a0a8-6362d9fe8562
content-length: 17474
last-modified: Tue, 12 Dec 2023 14:31:59 GMT
server: Cleversafe
etag: "85f1b75de2ec26a288c7767457d4b11d"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 25ca5cac-3222-4133-a0a8-6362d9fe8562
cache-control: max-age=46311
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 11:10:33 GMT

GET
H2 200 host-listener.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 5 KB
2 KB 96ms
57ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/host-listener.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

d0f02fdf609ea86efc0155d8b7964bfdc08250b3920043644f831e7c28b4a9d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: a0a49b80-93f6-4be0-9f62-99d30c47c550
content-length: 2026
last-modified: Tue, 12 Dec 2023 14:31:58 GMT
server: Cleversafe
etag: "c009c868a2a0a9dd11f72f881df47279"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: a0a49b80-93f6-4be0-9f62-99d30c47c550
cache-control: max-age=40167
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 09:28:09 GMT

GET
H2 200 expressive-modal.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 128 KB
17 KB 134ms
95ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/expressive-modal.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

d9da5f743ccda2f1bc3c85cc1df42f8280feffc35dc75c38dc95b996b2369fa3

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 44e8a8f3-7275-48e9-8c4d-cd23fce186d5
content-length: 17367
last-modified: Tue, 12 Dec 2023 14:31:56 GMT
server: Cleversafe
etag: "f2d9cd06c66367c29aaa235d19209a0c"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 44e8a8f3-7275-48e9-8c4d-cd23fce186d5
cache-control: max-age=50778
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 12:25:00 GMT

GET
H2 200 expressive-modal-close-button.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 11 KB
4 KB 96ms
58ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/expressive-modal-close-button.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

c870aabc7adf8c354ea4a86cab2e1e6d254c829247988df9f26e6e78778d1d8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 1e3fafef-8088-40a2-a70a-b82c08f8c34c
content-length: 3601
last-modified: Tue, 12 Dec 2023 14:31:56 GMT
server: Cleversafe
etag: "5add5ff68d4f62c4784c206b06f6ffb5"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 1e3fafef-8088-40a2-a70a-b82c08f8c34c
cache-control: max-age=48066
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 11:39:48 GMT

GET
H2 200 modal-close-button.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 80 KB
9 KB 129ms
91ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/modal-close-button.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

40e39a2a1a1a5149a3303e38b732ac43b1c69edba7b42ab2d8688429a0fcd244

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: b723a36e-94c5-4bd4-8ffc-831cc612b27a
content-length: 9144
last-modified: Tue, 12 Dec 2023 14:32:06 GMT
server: Cleversafe
etag: "d7308d403b9417d7526cfae154932d4c"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: b723a36e-94c5-4bd4-8ffc-831cc612b27a
cache-control: max-age=46196
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 11:08:38 GMT

GET
H2 200 202.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 4 KB
2 KB 114ms
42ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/202.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

588b5f84ecbbc7124ca8a9e90d2a80a3c8157db7898467e7b23a5d735c9e78fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: c639cd05-6873-47cd-9e14-faa8ece2527f
content-length: 1252
last-modified: Tue, 12 Dec 2023 14:31:47 GMT
server: Cleversafe
etag: "9f01516ec7d07c264e22f282a5584408"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: c639cd05-6873-47cd-9e14-faa8ece2527f
cache-control: max-age=14168
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 02:14:50 GMT

GET
H2 200 spread.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 4 KB
2 KB 128ms
57ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/spread.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

64541d6d00c236d45a4b46b189a5adbd2336349ed8fbebee9e03a9e0b6e823fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: babe8f54-281f-4ef1-9128-c932631d4226
content-length: 1268
last-modified: Tue, 12 Dec 2023 14:32:17 GMT
server: Cleversafe
etag: "92191be29d1a12e0168221ffe8116f90"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: babe8f54-281f-4ef1-9128-c932631d4226
cache-control: max-age=46195
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 11:08:37 GMT

GET
H2 200 lightbox-image-viewer.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 134 KB
16 KB 113ms
42ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/lightbox-image-viewer.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

acc61f08e979d54268daa7615e1121c83687a2eece1a1de04ca00a6aad397e69

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 366112fa-e0d7-4103-ae48-356e715346b3
content-length: 16417
last-modified: Tue, 12 Dec 2023 14:32:01 GMT
server: Cleversafe
etag: "70f7892951d80b2fb318b6b4ed2ba148"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 366112fa-e0d7-4103-ae48-356e715346b3
cache-control: max-age=46393
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 11:11:55 GMT

GET
H2 200 button.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 81 KB
11 KB 131ms
60ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/button.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

d86a381a8750a3e22956160bca45b26a41ae9068078382f7db7b59bca0962739

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 51baa22a-5779-4553-96e3-68d993eec30a
content-length: 11105
last-modified: Tue, 12 Dec 2023 14:31:48 GMT
server: Cleversafe
etag: "1d4b014808262e448f4a508d01c3f4c2"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 51baa22a-5779-4553-96e3-68d993eec30a
cache-control: max-age=46294
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 11:10:16 GMT

GET
H2 200 modal-render.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 5 KB
2 KB 113ms
43ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/modal-render.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

4051bad11cd51207e434739953716de9f70ca00012652b1178c449a9da6842ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: fa94f828-72de-498b-a3d0-ed917f86b6e4
content-length: 1734
last-modified: Tue, 12 Dec 2023 14:32:06 GMT
server: Cleversafe
etag: "f2af730be191190497b8ac927191a861"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: fa94f828-72de-498b-a3d0-ed917f86b6e4
cache-control: max-age=54569
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 13:28:11 GMT

GET
H2 200 settings2.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 3 KB
1 KB 122ms
52ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/settings2.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

58e96e00197e9b0750a7e98d02cb2f0aaa333de489c33ff02a72310dc361b6d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 404fccea-62ce-4b4f-9985-4cb779fbe7cf
content-length: 1025
last-modified: Tue, 12 Dec 2023 14:32:16 GMT
server: Cleversafe
etag: "94f5bab287781f6d2483ab613ed9eade"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 404fccea-62ce-4b4f-9985-4cb779fbe7cf
cache-control: max-age=13891
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 02:10:13 GMT

GET
H2 200 formatVideoCaption.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 3 KB
1 KB 123ms
54ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/formatVideoCaption.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

16302338afc2c7ecff024cad37c76d5ead033b25fcf4ba6354c6a31cffe8ae34

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: f277da98-5cee-4f61-938e-d532ac2c34b6
content-length: 1194
last-modified: Tue, 12 Dec 2023 14:31:57 GMT
server: Cleversafe
etag: "0cacbe5eb1d62af587312aa706ad92f7"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: f277da98-5cee-4f61-938e-d532ac2c34b6
cache-control: max-age=50733
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 12:24:15 GMT

GET
H2 200 video.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 13 KB
4 KB 119ms
49ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/video.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

ab94e9181ccfa0fbd37d9523154d1b8e27825737b0228d14e2ef14396d1d9f2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 39d5e70f-1754-4ff4-a3e3-1697235195d3
content-length: 3606
last-modified: Tue, 12 Dec 2023 14:32:19 GMT
server: Cleversafe
etag: "52eb19c9761145ed213e92d81970febf"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 39d5e70f-1754-4ff4-a3e3-1697235195d3
cache-control: max-age=50809
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 12:25:31 GMT

GET
H2 200 203.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 4 KB
2 KB 113ms
44ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/203.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

04b235fb0434ba2996a7adad1f77b7044133f11d7a0fd1fbdde3c027d761a7e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 4e65d11d-eb18-4a3e-9ea0-2bd86983f3b2
content-length: 1241
last-modified: Tue, 12 Dec 2023 14:31:47 GMT
server: Cleversafe
etag: "77256b516144911d2a1db4d9bbbec384"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 4e65d11d-eb18-4a3e-9ea0-2bd86983f3b2
cache-control: max-age=50806
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 12:25:28 GMT

GET
H2 200 defs2.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 4 KB
2 KB 129ms
73ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/defs2.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

c0c68ee99978a72f6b30031323c8b4793e97e24ff03adb6edb22ffa7d5d6a24a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: a0059d63-4ec2-4d5e-a049-92c2dc595267
content-length: 1236
last-modified: Tue, 12 Dec 2023 14:31:56 GMT
server: Cleversafe
etag: "1f064723fd185b9ab855b837ea1d572a"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: a0059d63-4ec2-4d5e-a049-92c2dc595267
cache-control: max-age=46240
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 11:09:22 GMT

GET
H2 200 KalturaPlayer.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 8 KB
3 KB 93ms
51ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/KalturaPlayer.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

25db506c7e7a025930194b8b4653366c93eee617991a4eca157ba477386b9ea2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 13e23879-1526-4610-847a-7023a5a2763f
content-length: 3201
last-modified: Tue, 12 Dec 2023 14:31:46 GMT
server: Cleversafe
etag: "44cfdea4c61e1c3fe3817d38842ddc65"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 13e23879-1526-4610-847a-7023a5a2763f
cache-control: max-age=43965
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 10:31:27 GMT

GET
H2 200 index3.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 12 KB
4 KB 98ms
57ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/index3.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

c9787b0f5966042b61044d6bf6b50de04fe2e8bd595554f41df9d6e7ea533de9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 66dfa9dd-e70e-4f2b-9583-b0aef4979d9e
content-length: 4081
last-modified: Tue, 12 Dec 2023 14:31:59 GMT
server: Cleversafe
etag: "640741e42da19281f039c8c2236150a4"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 66dfa9dd-e70e-4f2b-9583-b0aef4979d9e
cache-control: max-age=48037
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 11:39:19 GMT

GET
H2 200 Analytics.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 6 KB
2 KB 93ms
52ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/Analytics.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

27727943226d9adecce7b1378afd2eeb5e62a975975ffead5486615ed0f6c055

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 06d8ecf4-828d-44f3-a0e0-bfd41de628ba
content-length: 1986
last-modified: Tue, 12 Dec 2023 14:31:46 GMT
server: Cleversafe
etag: "6d829b153b3b5a326cbf4a71d8100583"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 06d8ecf4-828d-44f3-a0e0-bfd41de628ba
cache-control: max-age=47995
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 11:38:37 GMT

GET
H2 200 index.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 3 KB
1 KB 93ms
52ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/index.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

e94dea6a076445d2063bbe7101fa33c8fb6cdd723863eb5c25eeaa81e3736b16

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 550fe1a2-359a-4c9a-bcde-860ff14f7632
content-length: 1057
last-modified: Tue, 12 Dec 2023 14:31:59 GMT
server: Cleversafe
etag: "7452bc45639068c36eb711cd01030901"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 550fe1a2-359a-4c9a-bcde-860ff14f7632
cache-control: max-age=46190
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 11:08:32 GMT

GET
H2 200 cta.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 232 KB
23 KB 94ms
53ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

06f22cc39b965efddd2d8217790e7208ab61420129339a1dc960829719dd5137

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 8c700555-d229-46a5-a037-0bfb68b75f09
content-length: 23505
last-modified: Tue, 12 Dec 2023 14:31:56 GMT
server: Cleversafe
etag: "3bc779eeb89c8bc8fe07beb66db73cde"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 8c700555-d229-46a5-a037-0bfb68b75f09
cache-control: max-age=46217
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 11:08:59 GMT

GET
H2 200 index5.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 3 KB
1 KB 103ms
48ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/index5.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

27f02b94e79640b905bf25c89495d09fb0950faeea56a852e10f855f12c56d85

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: d7280bed-b606-4c66-89c9-60d5a4b1f29e
content-length: 1113
last-modified: Tue, 12 Dec 2023 14:31:59 GMT
server: Cleversafe
etag: "afcae01440d8fa4cf6ef7fcaac6dbe49"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: d7280bed-b606-4c66-89c9-60d5a4b1f29e
cache-control: max-age=67373
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 17:01:35 GMT

GET
H2 200 sameHeight.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 3 KB
1 KB 121ms
66ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/sameHeight.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

7aa21b9b8893d784d946e1f07e965831823018cc6123fb0f97ec2c38cf7e0403

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 60b8cef9-c3fc-4f6f-8bfe-67cf3de12723
content-length: 1191
last-modified: Tue, 12 Dec 2023 14:32:16 GMT
server: Cleversafe
etag: "60d122e7d5ab2c5ca87b812286522f79"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 60b8cef9-c3fc-4f6f-8bfe-67cf3de12723
cache-control: max-age=46410
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 11:12:12 GMT

GET
H2 200 card-cta.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 23 KB
5 KB 122ms
67ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-cta.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

a6d5adaf3a68ff52fcdcf50861572525528e6dbb2199724333e23f7367f9fb16

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 8cc6138b-fd4f-4686-a8d4-871198ca2967
content-length: 5049
last-modified: Tue, 12 Dec 2023 14:31:51 GMT
server: Cleversafe
etag: "42a703cd63d04acc52291a79b711f540"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 8cc6138b-fd4f-4686-a8d4-871198ca2967
cache-control: max-age=46312
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 11:10:34 GMT

GET
H2 200 play-video.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 12 KB
5 KB 103ms
48ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/play-video.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

7fea1aa753e5c23f4c56cfbd2707ea5a17b15b74ebd85c57128ff4499152379f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 411134dc-d190-492c-ba00-e611a780c058
content-length: 4530
last-modified: Tue, 12 Dec 2023 14:32:06 GMT
server: Cleversafe
etag: "38b2dde046d224e001bce86b78085dfc"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 411134dc-d190-492c-ba00-e611a780c058
cache-control: max-age=48058
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 11:39:40 GMT

GET
H2 200 spread2.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 4 KB
2 KB 103ms
49ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/spread2.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

64541d6d00c236d45a4b46b189a5adbd2336349ed8fbebee9e03a9e0b6e823fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/card-section-simple.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:42 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 77666f90-37d6-4608-924e-a32fb3f1bc20
content-length: 1268
last-modified: Tue, 12 Dec 2023 14:32:17 GMT
server: Cleversafe
etag: "92191be29d1a12e0168221ffe8116f90"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 77666f90-37d6-4608-924e-a32fb3f1bc20
cache-control: max-age=46189
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 11:08:31 GMT

GET
BLOB 200
OK f4f37a68-7197-48cc-aef6-41be1047144d
https://securityintelligence.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://securityintelligence.com/f4f37a68-7197-48cc-aef6-41be1047144d
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Accept-Language: en-AU,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 1185
Content-Type: text/javascript

GET
H2 200 zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2
fonts.gstatic.com/s/ibmplexsans/v19/ 19 KB
19 KB 414ms
14ms Font
font/woff2 142.251.221.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsans/v19/zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:200,300,400,500,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.67 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f3.1e100.net

Software

sffe /

Resource Hash

db71f8a28ad8501544fb4e7668e3c6d0b731760b6f20de3525ebaeba597f1922

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 20:08:53 GMT
x-content-type-options: nosniff
age: 180590
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19156
x-xss-protection: 0
last-modified: Tue, 02 May 2023 16:04:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 15 Jun 2025 20:08:53 GMT

GET
H2 200 logo-white.svg
securityintelligence.com/wp-content/themes/sapphire/images/ 8 KB
3 KB 472ms
457ms Image
image/svg+xml 104.18.24.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/themes/sapphire/images/logo-white.svg
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 663a14b3fbb5e44ad939917a2f6f4d93f31a0a1d8ab6702fb0a66036141ddc8b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
last-modified: Tue, 14 Nov 2023 20:19:02 GMT
server: cloudflare
etag: "2136-60a227f62f002-gzip"
vary: Accept-Encoding
content-type: image/svg+xml
accept-ranges: bytes
cf-ray: 89566ac3492c571b-SYD
content-length: 3207

GET
H2 200 search.svg
securityintelligence.com/wp-content/themes/sapphire/images/ 951 B
571 B 289ms
275ms Image
image/svg+xml 104.18.24.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/themes/sapphire/images/search.svg
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e82da81b591f6ffc35aa67bcd9e1c39aa5983f7f8baaf35892956e8b2dc004b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
last-modified: Tue, 14 Nov 2023 20:19:02 GMT
server: cloudflare
etag: "3b7-60a227f62f002-gzip"
vary: Accept-Encoding
content-type: image/svg+xml
accept-ranges: bytes
cf-ray: 89566ac3492f571b-SYD
content-length: 491

GET
H2 200 close.svg
securityintelligence.com/wp-content/themes/sapphire/images/ 455 B
415 B 468ms
455ms Image
image/svg+xml 104.18.24.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/themes/sapphire/images/close.svg
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e89cc85750cabe4a1352be2c824af05958b906fdf9ab9b9e99fdd15a4d798152

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
last-modified: Tue, 14 Nov 2023 20:19:02 GMT
server: cloudflare
etag: "1c7-60a227f614a20-gzip"
vary: Accept-Encoding
content-type: image/svg+xml
accept-ranges: bytes
cf-ray: 89566ac34931571b-SYD
content-length: 294

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012405300626000/v0/ 12 KB
4 KB 117ms
6ms Script
text/javascript 172.217.167.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012405300626000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f1.1e100.net

Software

sffe /

Resource Hash

c0c64baec3fdd695a191ae75c458d5f69b826e2279ca9f350cd5bbe1974c534a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 16 Jun 2024 10:06:12 GMT
age: 130351
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3938
x-xss-protection: 0
server: sffe
etag: "d6baacf2ffc164c5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 16 Jun 2025 10:06:12 GMT

GET
H2 200 loading.svg
securityintelligence.com/wp-content/themes/sapphire/images/ 564 B
463 B 428ms
427ms Image
image/svg+xml 104.18.24.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/themes/sapphire/images/loading.svg
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/wp-content/themes/sapphire/minifications/single.css?v=1710357099
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44a55e68b0089ee691777917ed9bf22f764251c0a7f0253024a8b27c2278a8c7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/wp-content/themes/sapphire/minifications/single.css?v=1710357099
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
last-modified: Tue, 14 Nov 2023 20:19:02 GMT
server: cloudflare
etag: "234-60a227f62f002-gzip"
vary: Accept-Encoding
content-type: image/svg+xml
accept-ranges: bytes
cf-ray: 89566ac37954571b-SYD
content-length: 377

GET
H2 200 zYX9KVElMYYaJe8bpLHnCwDKjQ76AIFsdA.woff2
fonts.gstatic.com/s/ibmplexsans/v19/ 20 KB
20 KB 301ms
16ms Font
font/woff2 142.251.221.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsans/v19/zYX9KVElMYYaJe8bpLHnCwDKjQ76AIFsdA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:200,300,400,500,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.67 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f3.1e100.net

Software

sffe /

Resource Hash

31535a91ce3f6b8ed3ddedadab1e49957e2220263a640df1a3f14f6fdfe15eb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 01:36:54 GMT
x-content-type-options: nosniff
age: 333709
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20356
x-xss-protection: 0
last-modified: Tue, 02 May 2023 16:19:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Jun 2025 01:36:54 GMT

GET
H2 200 zYX9KVElMYYaJe8bpLHnCwDKjXr8AIFsdA.woff2
fonts.gstatic.com/s/ibmplexsans/v19/ 20 KB
20 KB 303ms
19ms Font
font/woff2 142.251.221.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsans/v19/zYX9KVElMYYaJe8bpLHnCwDKjXr8AIFsdA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:200,300,400,500,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.67 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f3.1e100.net

Software

sffe /

Resource Hash

bd8cf80ac0e7f7fa126a0cbe0f16d568325a156ca744e8f1e6aef14a9f23e2b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 05:09:42 GMT
x-content-type-options: nosniff
age: 234541
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20352
x-xss-protection: 0
last-modified: Tue, 02 May 2023 16:04:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 15 Jun 2025 05:09:42 GMT

GET
H2 200 scroll-to-top.svg
securityintelligence.com/wp-content/themes/sapphire/images/ 715 B
539 B 216ms
216ms Image
image/svg+xml 104.18.24.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/themes/sapphire/images/scroll-to-top.svg
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d5997f11a9482db230a12a91801a5006294d0c68817607fb2d8efdc7ecf006a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
last-modified: Tue, 14 Nov 2023 20:19:02 GMT
server: cloudflare
etag: "2cb-60a227f62f002-gzip"
vary: Accept-Encoding
content-type: image/svg+xml
accept-ranges: bytes
cf-ray: 89566ac3a980571b-SYD
content-length: 424

GET
H2 200 arrow-right.svg
securityintelligence.com/wp-content/themes/sapphire/images/ 743 B
533 B 381ms
381ms Image
image/svg+xml 104.18.24.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/themes/sapphire/images/arrow-right.svg
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/wp-content/themes/sapphire/minifications/single.css?v=1710357099
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03d81c05d2b7bcd709563806be145309333dd0f398a91885350953cda5a1a04f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/wp-content/themes/sapphire/minifications/single.css?v=1710357099
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
last-modified: Tue, 14 Nov 2023 20:19:02 GMT
server: cloudflare
etag: "2e7-60a227f614a20-gzip"
vary: Accept-Encoding
content-type: image/svg+xml
accept-ranges: bytes
cf-ray: 89566ac3c99b571b-SYD
content-length: 453

GET
H2 200 LimorK22-head.png
securityintelligence.com/wp-content/uploads/2022/08/ 290 KB
291 KB 381ms
381ms Image
image/webp 104.18.24.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/uploads/2022/08/LimorK22-head.png
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a471adff76be3d1424ea51211c2d61f0f1ac441be15e86ce6606d50b7789fc24

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
last-modified: Tue, 14 Nov 2023 20:19:56 GMT
server: cloudflare
etag: "4892a-60a22829b8941"
vary: Accept
content-type: image/webp
x-webp-express: Redirected directly to existing webp
accept-ranges: bytes
cf-ray: 89566ac3c99e571b-SYD
content-length: 297258

GET
H2 200 default-pic.jpg
securityintelligence.com/wp-content/themes/sapphire/images/ 76 KB
76 KB 384ms
384ms Image
image/jpeg 104.18.24.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/themes/sapphire/images/default-pic.jpg
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c9b0dd77d7e31d1d0d9e319a81b838f3641cbd982bb5c9ad45d68cda1ca4e99

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
last-modified: Tue, 14 Nov 2023 20:19:02 GMT
server: cloudflare
etag: "12ea0-60a227f614a20"
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 89566ac3c9a0571b-SYD
content-length: 77472

GET
H2 200 tal_darsan.png
securityintelligence.com/wp-content/uploads/2019/03/ 11 KB
12 KB 845ms
844ms Image
image/webp 104.18.24.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/uploads/2019/03/tal_darsan.png
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b35308dc2d61f097257b0ad2cb3b7308276a9f50e288f1ca99a0434080cd0673

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:44 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
last-modified: Tue, 14 Nov 2023 20:19:57 GMT
server: cloudflare
etag: "2d8e-60a2282aa9cb1"
vary: Accept
content-type: image/webp
x-webp-express: Redirected directly to existing webp
accept-ranges: bytes
cf-ray: 89566ac3c9a1571b-SYD
content-length: 11662

GET
H2 200 Agayev_Tomer.jpg
securityintelligence.com/wp-content/uploads/2016/06/ 12 KB
12 KB 844ms
844ms Image
image/webp 104.18.24.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/uploads/2016/06/Agayev_Tomer.jpg
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47b78c84d51eee5fd2e57b890b669c0fec62c832c1c6841034b332a2f8d27e1c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:44 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
last-modified: Tue, 14 Nov 2023 20:19:58 GMT
server: cloudflare
etag: "2f76-60a2282b8d561"
vary: Accept
content-type: image/webp
x-webp-express: Redirected directly to existing webp
accept-ranges: bytes
cf-ray: 89566ac3c9a2571b-SYD
content-length: 12150

GET
H2 200 zYX9KVElMYYaJe8bpLHnCwDKjR7_AIFsdA.woff2
fonts.gstatic.com/s/ibmplexsans/v19/ 20 KB
20 KB 258ms
17ms Font
font/woff2 142.251.221.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsans/v19/zYX9KVElMYYaJe8bpLHnCwDKjR7_AIFsdA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:200,300,400,500,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.67 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f3.1e100.net

Software

sffe /

Resource Hash

ea7f53d0f3c0177b20a3604c7263e406013ea8def4fa82f7a09361a8ac6845c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 10:11:51 GMT
x-content-type-options: nosniff
age: 130012
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20716
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:58:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 Jun 2025 10:11:51 GMT

GET
H2 200 Gg8lN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHYapyK4.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v14/ 19 KB
19 KB 259ms
18ms Font
font/woff2 142.251.221.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsanscondensed/v14/Gg8lN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHYapyK4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans+Condensed:300,400,500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.67 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f3.1e100.net

Software

sffe /

Resource Hash

374c61fb8261a766c9a6d5d78a36047aa8f82ac86e5811008d3131de82795413

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 19:41:23 GMT
x-content-type-options: nosniff
age: 355040
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19828
x-xss-protection: 0
last-modified: Wed, 26 Apr 2023 23:35:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Jun 2025 19:41:23 GMT

GET
H2 200 Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY4S7bvspYY.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v14/ 19 KB
19 KB 259ms
18ms Font
font/woff2 142.251.221.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsanscondensed/v14/Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY4S7bvspYY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans+Condensed:300,400,500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.67 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f3.1e100.net

Software

sffe /

Resource Hash

2e50fd20cc0430024ee9914d1b372f4d98d4490712ca7eb0cda9d786e3a2b07d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 10:15:44 GMT
x-content-type-options: nosniff
age: 129779
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19428
x-xss-protection: 0
last-modified: Wed, 26 Apr 2023 23:28:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 Jun 2025 10:15:44 GMT

GET
H2 200 Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY527LvspYY.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v14/ 19 KB
20 KB 256ms
15ms Font
font/woff2 142.251.221.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsanscondensed/v14/Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY527LvspYY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans+Condensed:300,400,500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.67 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f3.1e100.net

Software

sffe /

Resource Hash

cdf398f0b57b04f7174b818d55ed5b1d0462802e2cd327aac8c11d2602ef39ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 10:09:14 GMT
x-content-type-options: nosniff
age: 130169
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19944
x-xss-protection: 0
last-modified: Wed, 26 Apr 2023 23:34:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 Jun 2025 10:09:14 GMT

GET
H2 200 zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFsdA.woff2
fonts.gstatic.com/s/ibmplexsans/v19/ 20 KB
20 KB 255ms
14ms Font
font/woff2 142.251.221.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsans/v19/zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFsdA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans:200,300,400,500,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.67 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f3.1e100.net

Software

sffe /

Resource Hash

5ef914e59b0047a261844d96acabb60c34d3acab6b85ea24198726ce4781fd37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 16:44:52 GMT
x-content-type-options: nosniff
age: 279231
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20064
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:58:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Jun 2025 16:44:52 GMT

GET
H2 200 Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY5a67vspYY.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v14/ 20 KB
20 KB 253ms
13ms Font
font/woff2 142.251.221.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsanscondensed/v14/Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY5a67vspYY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans+Condensed:300,400,500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.67 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f3.1e100.net

Software

sffe /

Resource Hash

bb18d4166211ffb4d0b77cd388bfbb4d89718a11ba413ee5fbca320fe0f2cc2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 10:13:22 GMT
x-content-type-options: nosniff
age: 129921
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20004
x-xss-protection: 0
last-modified: Wed, 26 Apr 2023 23:29:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 Jun 2025 10:13:22 GMT

GET
H2 200 new-banking-trojan-icedid-discovered-by-ibm-x-force-research.jpg.webp
securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2017/11/ 66 KB
66 KB 368ms
366ms Image
image/webp 104.18.24.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2017/11/new-banking-trojan-icedid-discovered-by-ibm-x-force-research.jpg.webp
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23073691dede45e2d556775ab7c67dc2ec4dee5413ede517b8423ee83e4cc9c4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: MISS
last-modified: Tue, 14 Nov 2023 20:19:56 GMT
server: cloudflare
etag: "108e8-60a22829f32c5"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 89566ac3f9d1571b-SYD
content-length: 67816
expires: Tue, 18 Jun 2024 02:18:43 GMT

GET
H2 200 AI-artificial-intelligence-on-red-warning-flag-630x330.jpeg.webp
securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2024/06/ 6 KB
6 KB 233ms
231ms Image
image/webp 104.18.24.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2024/06/AI-artificial-intelligence-on-red-warning-flag-630x330.jpeg.webp
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e517dd8ad821858de84b73d31c0efeb392eb780b46a38b79bba0005b33d694f1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: REVALIDATED
last-modified: Fri, 07 Jun 2024 13:00:05 GMT
server: cloudflare
etag: "169c-61a4c60e46c76"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 89566ac3f9d2571b-SYD
content-length: 5788
expires: Tue, 18 Jun 2024 02:18:43 GMT

GET
H2 200 Cloud-computing-630x330.jpeg.webp
securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2024/06/ 27 KB
27 KB 361ms
360ms Image
image/webp 104.18.24.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2024/06/Cloud-computing-630x330.jpeg.webp
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33e745c780d070b45ada0bc56e39390c19caec2381c6678cb477a59b95cec0a6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: REVALIDATED
last-modified: Thu, 06 Jun 2024 13:00:09 GMT
server: cloudflare
etag: "6c2a-61a3843411a12"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 89566ac3f9d3571b-SYD
content-length: 27690
expires: Tue, 18 Jun 2024 02:18:43 GMT

GET
H2 200 twitter.svg
securityintelligence.com/wp-content/themes/sapphire/images/social-icons/ 551 B
453 B 206ms
205ms Image
image/svg+xml 104.18.24.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/themes/sapphire/images/social-icons/twitter.svg
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51b55d095033da97c0b57b7d02035cec0064e83018d9c04378e98fd72336ae0d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
last-modified: Tue, 14 Nov 2023 20:19:02 GMT
server: cloudflare
etag: "227-60a227f635d62-gzip"
vary: Accept-Encoding
content-type: image/svg+xml
accept-ranges: bytes
cf-ray: 89566ac3f9d4571b-SYD
content-length: 372

GET
H2 200 linkedin.svg
securityintelligence.com/wp-content/themes/sapphire/images/social-icons/ 693 B
491 B 207ms
206ms Image
image/svg+xml 104.18.24.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/themes/sapphire/images/social-icons/linkedin.svg
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2f5cf75a63fc6050035c507c308b27f1298db9c178bf0a98e852041d3bf574d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
last-modified: Tue, 14 Nov 2023 20:19:02 GMT
server: cloudflare
etag: "2b5-60a227f635d62-gzip"
vary: Accept-Encoding
content-type: image/svg+xml
accept-ranges: bytes
cf-ray: 89566ac3f9d5571b-SYD
content-length: 410

GET
H2 200 facebook.svg
securityintelligence.com/wp-content/themes/sapphire/images/social-icons/ 822 B
520 B 205ms
204ms Image
image/svg+xml 104.18.24.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/themes/sapphire/images/social-icons/facebook.svg
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d4cb2bdcedfe67851df0a0098e36c6fecb22a3832cb46e59f663e37169cdd14

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
last-modified: Tue, 14 Nov 2023 20:19:02 GMT
server: cloudflare
etag: "336-60a227f635d62-gzip"
vary: Accept-Encoding
content-type: image/svg+xml
accept-ranges: bytes
cf-ray: 89566ac3f9d6571b-SYD
content-length: 439

GET
H2 200 link.svg
securityintelligence.com/wp-content/themes/sapphire/images/social-icons/ 3 KB
1 KB 204ms
203ms Image
image/svg+xml 104.18.24.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/themes/sapphire/images/social-icons/link.svg
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a70b9635dd7cebe8634aa78201f5533e14c7521c46462f036fc82feaa0dfddb6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
last-modified: Tue, 14 Nov 2023 20:19:02 GMT
server: cloudflare
etag: "b22-60a227f635d62-gzip"
vary: Accept-Encoding
content-type: image/svg+xml
accept-ranges: bytes
cf-ray: 89566ac3f9d7571b-SYD
content-length: 1339

GET
H2 200 Man-typing-on-keyboard-with-virus-detected-alert-on-hologram-screen-630x330.jpeg.webp
securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2024/06/ 14 KB
14 KB 582ms
582ms Image
image/webp 104.18.24.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securityintelligence.com/wp-content/webp-express/webp-images/doc-root/wp-content/uploads/2024/06/Man-typing-on-keyboard-with-virus-detected-alert-on-hologram-screen-630x330.jpeg.webp
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5244398b242f5982921e6f2d76116bd02e3896a584aa4db945df4e26264676d0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: REVALIDATED
last-modified: Wed, 12 Jun 2024 13:00:12 GMT
server: cloudflare
etag: "3920-61ab0f6841494"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 89566ac3f9d8571b-SYD
content-length: 14624
expires: Tue, 18 Jun 2024 02:18:43 GMT

GET
H2 200 carbon-element.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 32 KB
8 KB 27ms
5ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/carbon-element.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

a550027dbe16ae842d3f4e3632f8ade0c352c147330698f518c38f8f87555989

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 2a155939-2794-4ede-9457-b87b7cdcc976
content-length: 8381
last-modified: Tue, 18 Apr 2023 01:06:20 GMT
server: Cleversafe
etag: "d20c717042ca6e86e8b66167330a4379"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 2a155939-2794-4ede-9457-b87b7cdcc976
cache-control: max-age=828474
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:26:37 GMT

GET
H2 200 settings.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 4 KB
1 KB 14ms
0ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/settings.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

1ce57fe09c3a2b9bb5703bfb387c57a91be0baae1d219771455dd3f8e1503dca

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: ef92ba57-a886-410a-8be5-aa8a875554fe
content-length: 1177
last-modified: Tue, 18 Apr 2023 01:06:40 GMT
server: Cleversafe
etag: "cde7729aaec872785f415e59f9d38a34"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: ef92ba57-a886-410a-8be5-aa8a875554fe
cache-control: max-age=828386
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:25:09 GMT

GET
H2 200 stable-selector.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 5 KB
2 KB 11ms
0ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/stable-selector.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

c23269df2b82f8486814488d21a8e6e1ed55afae34877a44fc2573a5914a3cb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 596b2eb1-4a33-44c7-abea-f918da9b8ac2
content-length: 1732
last-modified: Tue, 18 Apr 2023 01:06:40 GMT
server: Cleversafe
etag: "7e746dbccd83d336d34387680087702f"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 596b2eb1-4a33-44c7-abea-f918da9b8ac2
cache-control: max-age=830490
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 13:00:13 GMT

GET
H2 200 content-section.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 12 KB
4 KB 12ms
0ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/content-section.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

1fad73efd1fa15b2d69d2ec0d65bf11d4d3bf5ed4681462c6ddf05b8259cfb5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 6d6b65aa-124f-4c25-9c68-e8753950467f
content-length: 3936
last-modified: Tue, 18 Apr 2023 01:06:25 GMT
server: Cleversafe
etag: "db8e2dfc6a48cfdd3dd9d741f81a17cc"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 6d6b65aa-124f-4c25-9c68-e8753950467f
cache-control: max-age=830499
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 13:00:22 GMT

GET
H2 200 button-group.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 13 KB
4 KB 12ms
0ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/button-group.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

148f5bd38cf3b8e0aec0003782dfbba92df960a30944bbe2f9f977213c762a5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: a22dfec6-d225-430f-bae9-86e40ba67fc1
content-length: 4096
last-modified: Tue, 18 Apr 2023 01:06:20 GMT
server: Cleversafe
etag: "da3a74018492d21a651bae65dd688d8e"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: a22dfec6-d225-430f-bae9-86e40ba67fc1
cache-control: max-age=828695
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:30:18 GMT

GET
H2 200 button-group-item.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 127 KB
16 KB 13ms
0ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/button-group-item.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

70c35a3b3b36b2fc6bfa0561f148268064ecc7ccf10e336bf3b91540326a647a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 3b7f4af7-d0e2-49e1-8739-ba998abb0c3f
content-length: 15815
last-modified: Tue, 18 Apr 2023 01:06:20 GMT
server: Cleversafe
etag: "df113add096d9452599f6378cbb29586"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 3b7f4af7-d0e2-49e1-8739-ba998abb0c3f
cache-control: max-age=828448
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:26:11 GMT

GET
H2 200 button-cta.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 12 KB
4 KB 30ms
5ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/button-cta.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

7bb85c6b3eb442173f57214a267449e51548381a82fedb86428812815d0ec64c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: aa829e55-09d4-4962-8a06-154fda630535
content-length: 3973
last-modified: Tue, 18 Apr 2023 01:06:20 GMT
server: Cleversafe
etag: "035ecc3241fde544862020321e3e32b2"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: aa829e55-09d4-4962-8a06-154fda630535
cache-control: max-age=827599
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:12:02 GMT

GET
H2 200 text-cta.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 13 KB
4 KB 30ms
6ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/text-cta.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

055242be429679afbdc44ca60d2060eff0d478b817102a347105adc5bbb6f90a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 0dd9900f-1013-49a7-8dba-a5910bcf82d1
content-length: 4180
last-modified: Tue, 18 Apr 2023 01:06:41 GMT
server: Cleversafe
etag: "ff75975d2411b24d42ae5d3d6ce886c5"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 0dd9900f-1013-49a7-8dba-a5910bcf82d1
cache-control: max-age=828583
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:28:26 GMT

GET
H2 200 cta-block-item.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 283 KB
29 KB 47ms
22ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-block-item.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

bb91a3d6fa4ce291537aa3a50eccedf2fd8c79c98f89083a9fae9aad5b106f8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 5f71345a-06bb-4fc4-b738-f2129e478b9f
content-length: 28922
last-modified: Tue, 18 Apr 2023 01:06:25 GMT
server: Cleversafe
etag: "fbcfcc78d5c6436ed00bff92f613ab38"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 5f71345a-06bb-4fc4-b738-f2129e478b9f
cache-control: max-age=829822
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:49:05 GMT

GET
H2 200 content-item.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 13 KB
4 KB 30ms
6ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/content-item.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

cde8866183a768c3e0b93a8ff2efb0c999e65029ca02d853f5798bedb3a41095

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: d9dec75c-7f8a-42b7-934a-3aca22a671f1
content-length: 4028
last-modified: Tue, 18 Apr 2023 01:06:24 GMT
server: Cleversafe
etag: "00741a023f3588933358211859a90162"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: d9dec75c-7f8a-42b7-934a-3aca22a671f1
cache-control: max-age=828695
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:30:18 GMT

GET
H2 200 content-item-copy.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 12 KB
4 KB 31ms
7ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/content-item-copy.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

d6919a40101e75c8accad2e0e756dc04e61a582c3f33ccfd51dd2593418e11fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 875c501b-c47c-4937-8b27-49df4ed85ab1
content-length: 3863
last-modified: Tue, 18 Apr 2023 01:06:24 GMT
server: Cleversafe
etag: "8cfee48262c0020a5dbd8fdbe6d7c7be"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 875c501b-c47c-4937-8b27-49df4ed85ab1
cache-control: max-age=828677
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:30:00 GMT

GET
H2 200 content-item-heading.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 12 KB
4 KB 31ms
7ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/content-item-heading.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

a93ccf89475f83336712a14da8d52d2d4a8f1b93e62465507e5e74fec5857860

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 12c37898-a16b-4602-ad2f-70b7dd1c2c0a
content-length: 3869
last-modified: Tue, 18 Apr 2023 01:06:24 GMT
server: Cleversafe
etag: "19f5ae5a4d8ede510d5b62c0b90f5435"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 12c37898-a16b-4602-ad2f-70b7dd1c2c0a
cache-control: max-age=830371
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:58:14 GMT

GET
H2 200 content-item-paragraph.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 11 KB
4 KB 32ms
8ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/content-item-paragraph.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

45725f6aba012413709dd5927c4af00fe05e56d69da79134e4f8fb747450d897

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 34962a66-fd88-4af1-8fd3-5b66c1811997
content-length: 3592
last-modified: Tue, 18 Apr 2023 01:06:24 GMT
server: Cleversafe
etag: "554236d004b11bf9916c077dd44425c7"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 34962a66-fd88-4af1-8fd3-5b66c1811997
cache-control: max-age=830492
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 13:00:15 GMT

GET
H2 200 content-block-heading.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 12 KB
4 KB 47ms
23ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/content-block-heading.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

3cc6d6cbbcb082f1536061bb5cd7387b729b62f147a461b7201156eb1d10c7a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 0516481d-53a7-4101-ae01-0bdd8dd64b62
content-length: 3952
last-modified: Tue, 18 Apr 2023 01:06:23 GMT
server: Cleversafe
etag: "cebc609089e0485a433aa3ee264c29e8"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 0516481d-53a7-4101-ae01-0bdd8dd64b62
cache-control: max-age=828652
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:29:35 GMT

GET
H2 200 content-block-copy.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 12 KB
4 KB 32ms
8ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/content-block-copy.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

061d68548d70b449039f082ba0e4d8b5931e37eb74f0c1a1784a0fa83369476f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: efbfc758-e5b9-4f88-b175-7334ff486a28
content-length: 3926
last-modified: Tue, 18 Apr 2023 01:06:23 GMT
server: Cleversafe
etag: "4899367e48dea17d482254adfbb3a51f"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: efbfc758-e5b9-4f88-b175-7334ff486a28
cache-control: max-age=830493
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 13:00:16 GMT

GET
H2 200 content-section2.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 81 KB
9 KB 32ms
9ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/content-section2.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

6be62c2f8d5edfd48f4d8de499432b74c846ad441c4edf63d0d4a68f14a3d368

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: ca49807a-1255-44d6-88ff-72b4f30f2d23
content-length: 8977
last-modified: Tue, 18 Apr 2023 01:06:25 GMT
server: Cleversafe
etag: "cfe52852586fa6bff9274171763d3173"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: ca49807a-1255-44d6-88ff-72b4f30f2d23
cache-control: max-age=830431
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:59:14 GMT

GET
H2 200 defs3.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 4 KB
1 KB 33ms
9ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/defs3.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

687a057c92b4f6239167f336f96e053988db59f36e61c906ae61a85d0abe5896

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: b10fad70-f907-4e60-9ae5-36f636e8b0dd
content-length: 1188
last-modified: Tue, 18 Apr 2023 01:06:25 GMT
server: Cleversafe
etag: "9a6e5108e0e1a3893faa94d34ea7053a"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: b10fad70-f907-4e60-9ae5-36f636e8b0dd
cache-control: max-age=828647
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:29:30 GMT

GET
H2 200 settings3.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 3 KB
1 KB 85ms
61ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/settings3.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

1fb80047319fc7f35bf012bb331440197f1c7c9f4928a7d73e77f961985a5412

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 22b6aa2b-dd04-4f95-853e-885f1bcee159
content-length: 1026
last-modified: Tue, 18 Apr 2023 01:06:40 GMT
server: Cleversafe
etag: "5333197840d4b7a87e4f21ba3dfdf368"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 22b6aa2b-dd04-4f95-853e-885f1bcee159
cache-control: max-age=829393
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:41:56 GMT

GET
H2 200 button.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 81 KB
11 KB 33ms
10ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/button.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

f42d85a1fbec8757d847b58ea0138e7c8a93e6769af086f4a1cf9dc46b5e6fa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 336a7ce4-b88d-4713-9e80-e7d423c8be00
content-length: 11106
last-modified: Tue, 18 Apr 2023 01:06:20 GMT
server: Cleversafe
etag: "4141e1de4422846f393b225f03325a6e"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 336a7ce4-b88d-4713-9e80-e7d423c8be00
cache-control: max-age=828695
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:30:18 GMT

GET
H2 200 class-map.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 5 KB
2 KB 47ms
24ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/class-map.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

68969bac2a1db27ac853c8c231e8031bbd53afc29379ab0e4ee68a20fb85bafc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 77d277b6-30df-4890-8cca-d4ea15d807de
content-length: 1477
last-modified: Tue, 18 Apr 2023 01:06:22 GMT
server: Cleversafe
etag: "a8174435cbb707f6375d73df5ab7bdcb"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 77d277b6-30df-4890-8cca-d4ea15d807de
cache-control: max-age=829506
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:43:49 GMT

GET
H2 200 if-non-null.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 3 KB
1 KB 34ms
11ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/if-non-null.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

835de0b00f5d8ea56795085cefcaf53d6017c132e081129f100188e005d6f2b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 6c01a33a-ff9d-404d-a44b-46083e2ea8d3
content-length: 1040
last-modified: Tue, 18 Apr 2023 01:06:27 GMT
server: Cleversafe
etag: "572f7b1bb3ac9dd2a96bb37d30adf228"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 6c01a33a-ff9d-404d-a44b-46083e2ea8d3
cache-control: max-age=829468
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:43:11 GMT

GET
H2 200 if-defined.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 4 KB
1 KB 34ms
12ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/if-defined.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

438836179e58da34ffa952d54044cd6418887f212dcd9cbdbfb1e184f6d2d03b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 9f893639-da84-4171-a671-23df027dc786
content-length: 1149
last-modified: Tue, 18 Apr 2023 01:06:27 GMT
server: Cleversafe
etag: "88f65872495e7597e4e7b3fa0f38b002"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 9f893639-da84-4171-a671-23df027dc786
cache-control: max-age=830451
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:59:34 GMT

GET
H2 200 focus.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 3 KB
1 KB 47ms
25ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/focus.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

65abc7b0e6de94afe1a08ad5ca902eae3e8ddca70f632cf80c304d39c5a4434e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 1afe19cd-4f9f-4d38-b639-e0b86a5e8cc3
content-length: 1109
last-modified: Tue, 18 Apr 2023 01:06:26 GMT
server: Cleversafe
etag: "b72c1d6e4f4dbb16710847371cc20a35"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 1afe19cd-4f9f-4d38-b639-e0b86a5e8cc3
cache-control: max-age=829464
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:43:07 GMT

GET
H2 200 settings2.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 5 KB
2 KB 37ms
14ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/settings2.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

d9df6451975419c0b0f7b076b048cf03e83262c6643940a0d6ab5f976028a353

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 49378db2-319c-4edc-8bfc-d1293d80840f
content-length: 1469
last-modified: Tue, 18 Apr 2023 01:06:40 GMT
server: Cleversafe
etag: "acc037b12dbec89bd6f704cebe41430a"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 49378db2-319c-4edc-8bfc-d1293d80840f
cache-control: max-age=830390
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:58:33 GMT

GET
H2 200 formatVideoCaption.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 3 KB
1 KB 34ms
12ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/formatVideoCaption.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

87aa7e8eecbcc64fcd6878351518a72c7e495269e206cb10472959d50d6c8f95

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 6cbd5c3d-c3cd-43b5-816a-9da37912364c
content-length: 1194
last-modified: Tue, 18 Apr 2023 01:06:26 GMT
server: Cleversafe
etag: "e92dfc66fbdcc126f98c0b3ad63ca8d1"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 6cbd5c3d-c3cd-43b5-816a-9da37912364c
cache-control: max-age=829499
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:43:42 GMT

GET
H2 200 video.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 13 KB
4 KB 35ms
13ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/video.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

7a3a1a24324b661e918681982552dba1b617b5f0313344dcce1bc39fd36f773f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 6d222862-e344-4720-ae45-7ca2b442d753
content-length: 3515
last-modified: Tue, 18 Apr 2023 01:06:41 GMT
server: Cleversafe
etag: "fff6c80a0f6118336d8c50b3bbcfefd1"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 6d222862-e344-4720-ae45-7ca2b442d753
cache-control: max-age=828632
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:29:15 GMT

GET
H2 200 203.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 4 KB
2 KB 35ms
13ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/203.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

636c039cd55a93fd5f45174a3ad250ea24413e065b509bfed3b06d9644d0896c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: fcfcde6c-35c3-4a4e-ad2d-23a6ed7c505f
content-length: 1242
last-modified: Tue, 18 Apr 2023 01:06:20 GMT
server: Cleversafe
etag: "82591de9ad2c4449741055ef5df433e8"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: fcfcde6c-35c3-4a4e-ad2d-23a6ed7c505f
cache-control: max-age=830480
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 13:00:03 GMT

GET
H2 200 spread.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 4 KB
2 KB 36ms
14ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/spread.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

a5468ad5750d7374997aefbfe093ae29c3ee7dfc8ec5f51702c40eb6b90f91ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 8d72197a-6727-4128-854c-924394b3b919
content-length: 1268
last-modified: Tue, 18 Apr 2023 01:06:40 GMT
server: Cleversafe
etag: "04e35c4d36a747a803aea55b77299545"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 8d72197a-6727-4128-854c-924394b3b919
cache-control: max-age=828695
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:30:18 GMT

GET
H2 200 defs2.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 4 KB
2 KB 36ms
15ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/defs2.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

f059a5aa0a112fddeea0086027cdfb5c4c612a2e6d86e7e430213093b7425424

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: a5c5b072-a773-486b-a2b4-bad4456422b6
content-length: 1236
last-modified: Tue, 18 Apr 2023 01:06:25 GMT
server: Cleversafe
etag: "fdd56e1ed8819aea706b71fa428ff807"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: a5c5b072-a773-486b-a2b4-bad4456422b6
cache-control: max-age=828664
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:29:47 GMT

GET
H2 200 cta.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 232 KB
23 KB 47ms
25ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

f976589b67405bbc6b9c773eaf742662f600465db7843d1e70100bb8f3c173cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: cba49297-7e70-4468-b1b2-78f08602a9b5
content-length: 23480
last-modified: Tue, 18 Apr 2023 01:06:25 GMT
server: Cleversafe
etag: "48fbd3dc2b37e763662be3628c26706d"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: cba49297-7e70-4468-b1b2-78f08602a9b5
cache-control: max-age=830413
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:58:56 GMT

GET
H2 200 link-with-icon.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 136 KB
17 KB 37ms
15ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/link-with-icon.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

480ee17ae9bd1943c860d3ca42f244b02462071cbf31bbf06e314f37bad84b99

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 409dd57d-cb78-494a-8549-d5a3ec6f52a3
content-length: 16637
last-modified: Tue, 18 Apr 2023 01:06:30 GMT
server: Cleversafe
etag: "c8f396f454f8c754b8aef2fe35fb23d4"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 409dd57d-cb78-494a-8549-d5a3ec6f52a3
cache-control: max-age=830481
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 13:00:04 GMT

GET
H2 200 link.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 12 KB
4 KB 37ms
16ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/link.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

b6b223048d53962ba8887fa17fd057385058f87474cd247e974ec87c2df4d693

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: f873e8c4-2a4f-417b-9b03-454a299a11b6
content-length: 3680
last-modified: Tue, 18 Apr 2023 01:06:30 GMT
server: Cleversafe
etag: "39f60bca545a4339b05602b1d50fc3ea"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: f873e8c4-2a4f-417b-9b03-454a299a11b6
cache-control: max-age=830507
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 13:00:30 GMT

GET
H2 200 decorate.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 10 KB
4 KB 38ms
17ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/decorate.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

591a6a94143a5b8cbdd7fe5551d441d899ddfb6448737be08941f7f4373222c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 86c40282-0b7e-4763-99da-c822b2fb2827
content-length: 3294
last-modified: Tue, 18 Apr 2023 01:06:25 GMT
server: Cleversafe
etag: "2bb4ff5160fed9d028c8a8e7eebb3162"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 86c40282-0b7e-4763-99da-c822b2fb2827
cache-control: max-age=828472
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:26:35 GMT

GET
H2 200 toPropertyKey.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 4 KB
2 KB 84ms
63ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/toPropertyKey.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

73f701d7eed1b391a0387b4337cb71fd5ac4cae4cdd90baa4a8e30eab0ba413d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: c0c660cb-a2ec-44a2-be60-0781da0ff4b7
content-length: 1242
last-modified: Tue, 18 Apr 2023 01:06:41 GMT
server: Cleversafe
etag: "1d42be3474c21a2f0f4ac6998a2f7528"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: c0c660cb-a2ec-44a2-be60-0781da0ff4b7
cache-control: max-age=830535
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 13:00:58 GMT

GET
H2 200 defs.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 3 KB
1 KB 38ms
17ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/defs.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

1c227006efb1fba0e36bb30543339fb562dca62f378baa11ec8b8ddfc8b97cd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 937c353f-2ddd-4f95-832b-ea0131170ce2
content-length: 1077
last-modified: Tue, 18 Apr 2023 01:06:25 GMT
server: Cleversafe
etag: "3a22828140e3312aacb0df7057f0dbd4"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 937c353f-2ddd-4f95-832b-ea0131170ce2
cache-control: max-age=830394
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:58:37 GMT

GET
H2 200 content-block.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 14 KB
5 KB 46ms
26ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/content-block.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

ebd04a96b54329b8a1254bc7bd0e1479415c2f4b5e475216c7658a5874c1b071

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: ea4ab3a6-c5bf-408b-8313-8942397d3508
content-length: 4356
last-modified: Tue, 18 Apr 2023 01:06:23 GMT
server: Cleversafe
etag: "ccc15c868cf5de9923b5df2de6b5bccd"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: ea4ab3a6-c5bf-408b-8313-8942397d3508
cache-control: max-age=830382
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:58:25 GMT

GET
H2 200 content-block2.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 145 KB
16 KB 38ms
18ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/content-block2.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

391dc528a428a16f90b7ba966a0ed85d1ada1fbcf828c24ad3eb9b02d91f33fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 3ba3db96-61ec-449f-b50f-7894484cbc4a
content-length: 16244
last-modified: Tue, 18 Apr 2023 01:06:23 GMT
server: Cleversafe
etag: "e87e4241d1d98146ad13d7347705c74a"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 3ba3db96-61ec-449f-b50f-7894484cbc4a
cache-control: max-age=830489
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 13:00:12 GMT

GET
H2 200 sameHeight.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 3 KB
1 KB 39ms
18ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/sameHeight.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

84d1bf4cd5b5fefe99357eac6db2f21c1e0e579112ffce60b2c69cd098f3ebeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 9e1b088b-7542-424d-aba3-2f2b2ec980f8
content-length: 1191
last-modified: Tue, 18 Apr 2023 01:06:39 GMT
server: Cleversafe
etag: "3a2459c72ffe9fa4600a02bef9bc7d04"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 9e1b088b-7542-424d-aba3-2f2b2ec980f8
cache-control: max-age=830499
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 13:00:22 GMT

GET
H2 200 index4.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 3 KB
1 KB 56ms
36ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/index4.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

808e3f3b08cb517cabda3690db1ba2ba69c39f0a8b201aa7ad57114485d9181f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 976ab82c-ef37-48db-ba70-4fdc2bd175bd
content-length: 1113
last-modified: Tue, 18 Apr 2023 01:06:27 GMT
server: Cleversafe
etag: "90293045e674b60df4d205343c8a9d4b"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 976ab82c-ef37-48db-ba70-4fdc2bd175bd
cache-control: max-age=827558
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:11:21 GMT

GET
H2 200 parent-visibility.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 4 KB
2 KB 39ms
19ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/parent-visibility.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

60ed749d6f5cfc6cbaef111aeee9a3d3fc37807555bc3152210b1a7824fa8872

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 8a12788a-1adf-43e6-9a61-2ac36fee9b01
content-length: 1280
last-modified: Tue, 18 Apr 2023 01:06:32 GMT
server: Cleversafe
etag: "04405a69245bbac18c5cbb9f0109f18d"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 8a12788a-1adf-43e6-9a61-2ac36fee9b01
cache-control: max-age=829377
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:41:40 GMT

GET
H2 200 tab.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 448 KB
38 KB 40ms
20ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/tab.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

4e57cf766447c0f0f0473dd492b395ea0e401261811c8f8218faac081a107a8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 56895992-5633-4120-a134-39736d98d614
content-length: 38107
last-modified: Tue, 18 Apr 2023 01:06:40 GMT
server: Cleversafe
etag: "76b8d9ca7e5442d036bea6c77b4d5a36"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 56895992-5633-4120-a134-39736d98d614
cache-control: max-age=830522
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 13:00:45 GMT

GET
H2 200 content-item2.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 133 KB
15 KB 46ms
27ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/content-item2.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

2474929d0b22a0b5083acba9ee9f6e50e0e68d0f8fe0001468af372ceb237a21

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 0f6ea518-3229-4750-a026-9730f838fce8
content-length: 14572
last-modified: Tue, 18 Apr 2023 01:06:24 GMT
server: Cleversafe
etag: "29f26189a194b440599996533d019fc9"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 0f6ea518-3229-4750-a026-9730f838fce8
cache-control: max-age=829476
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:43:19 GMT

GET
H2 200 markdown.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 24 KB
7 KB 47ms
27ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/markdown.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

b2892b1c7e5dba9aa27ca9559244807f20538bd11574076962478a06cf08e0d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: a1ac82d4-7c64-42e7-ac8e-69006a8b0ea8
content-length: 6818
last-modified: Tue, 18 Apr 2023 01:06:30 GMT
server: Cleversafe
etag: "6a5d889e73f8b5b5f7a696afc6bdc3e4"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: a1ac82d4-7c64-42e7-ac8e-69006a8b0ea8
cache-control: max-age=828677
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:30:00 GMT

GET
H2 200 unsafe-html.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 4 KB
2 KB 40ms
21ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/unsafe-html.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

4676df23d89cb1eb3ccc4355ad76e8b03f913b27333d24fa9137d7902492f6d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 4740e619-2c00-4596-af93-d0c80378ef9b
content-length: 1230
last-modified: Tue, 18 Apr 2023 01:06:41 GMT
server: Cleversafe
etag: "cba06ca2f3cb0175773f14502ea9a0bb"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 4740e619-2c00-4596-af93-d0c80378ef9b
cache-control: max-age=828695
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:30:18 GMT

GET
H2 200 get.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 4 KB
1 KB 38ms
19ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/get.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

5790f65182367ee37e03f746cb278c50d07f2224d9658c34b98c2d8f8f60dc61

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 770071f3-8e4e-4a73-8474-df13a8a8eddd
content-length: 1214
last-modified: Tue, 18 Apr 2023 01:06:26 GMT
server: Cleversafe
etag: "1aff1c6dae84498454e38a819070dc22"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 770071f3-8e4e-4a73-8474-df13a8a8eddd
cache-control: max-age=830414
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:58:57 GMT

GET
H2 200 marked.umd.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 72 KB
25 KB 53ms
34ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/marked.umd.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

df5e72491de42d519d782711ffe4b0914a57585f13235927db42324c5c8b8154

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: cde83478-5646-46c6-8407-87bbca6e9ec8
content-length: 25350
last-modified: Tue, 18 Apr 2023 01:06:30 GMT
server: Cleversafe
etag: "1976addcda8f882f66fd3eb6cc68184b"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: cde83478-5646-46c6-8407-87bbca6e9ec8
cache-control: max-age=830422
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:59:05 GMT

GET
H2 200 _commonjsHelpers.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 3 KB
1 KB 40ms
21ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/_commonjsHelpers.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

d566b0df5ed3c4e90da21a0ee58cce6cbd0d3259bb0f98bb31d524b00c0e9afc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 1abf554f-1bde-4555-bd07-467c29bb2916
content-length: 1106
last-modified: Tue, 18 Apr 2023 01:06:18 GMT
server: Cleversafe
etag: "1a3b850c975b04227ccbdde9bacde7dc"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 1abf554f-1bde-4555-bd07-467c29bb2916
cache-control: max-age=830491
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 13:00:14 GMT

GET
H2 200 striptags.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 5 KB
2 KB 38ms
19ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/striptags.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

d8bc2fabd324a865fb6f11276bc6b7517f8c66e637f1b585b1a2a568a7065112

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: c493172f-18f7-49fc-8372-9f58185421de
content-length: 1749
last-modified: Tue, 18 Apr 2023 01:06:40 GMT
server: Cleversafe
etag: "03431af3cc4749dd205df026756a22c9"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: c493172f-18f7-49fc-8372-9f58185421de
cache-control: max-age=828651
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:29:34 GMT

GET
H2 200 stripHTML.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 3 KB
1 KB 55ms
37ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/stripHTML.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

131637e802df8efe821db2e04e2d5fbf8156e8dfd21c86f7568e0ed55c5ffa6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: d851ac1b-1310-4915-9879-19ac1735f92d
content-length: 1087
last-modified: Tue, 18 Apr 2023 01:06:40 GMT
server: Cleversafe
etag: "5cc450f0b54da43ffe3db40586321992"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: d851ac1b-1310-4915-9879-19ac1735f92d
cache-control: max-age=828695
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:30:18 GMT

GET
H2 200 content-block-paragraph.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/ 11 KB
4 KB 79ms
61ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/content-block-paragraph.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

60a69b71ca37f27f48a3ddf5ed1fd31e0ce2669ef9638654c9f5aaea2d60de5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/version/v1.31.0-rc.0/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: bf50c000-5192-47e4-9fd2-2bcb667729c6
content-length: 3606
last-modified: Tue, 18 Apr 2023 01:06:23 GMT
server: Cleversafe
etag: "b8feb95690402e4bb84d8a8623a6a0dd"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: bf50c000-5192-47e4-9fd2-2bcb667729c6
cache-control: max-age=828433
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Thu, 27 Jun 2024 12:25:56 GMT

GET
H2 200 button-group.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 13 KB
4 KB 45ms
28ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/button-group.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

17f7dec0e77938aac0a94d62a97ad70ed43d4365da5b8edd49376583d25b28bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 9e2db527-ef11-4cb5-a244-1ae00483c094
content-length: 4095
last-modified: Tue, 12 Dec 2023 14:31:48 GMT
server: Cleversafe
etag: "8589b5a93d61e76181432c495a316cb0"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 9e2db527-ef11-4cb5-a244-1ae00483c094
cache-control: max-age=46501
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 11:13:44 GMT

GET
H2 200 button-group-item.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 127 KB
16 KB 46ms
29ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/button-group-item.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

e1a2ed0c708a2a9f8f96128e0f0ff4518dbf1af4e2f56276681273bb1659642f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 156050e8-9a3b-4349-8cac-0318c77cbf86
content-length: 15852
last-modified: Tue, 12 Dec 2023 14:31:48 GMT
server: Cleversafe
etag: "16b723cbc4d5e58a07e794079c47d537"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 156050e8-9a3b-4349-8cac-0318c77cbf86
cache-control: max-age=48073
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 11:39:56 GMT

GET
H2 200 button-cta.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 12 KB
4 KB 54ms
38ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/button-cta.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

fd553f6229e34abb458572766f7c5693c7fbe509dfb24558f5d9e99532d3d9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 76f7bfa8-5c68-4a80-b924-7b4cbb774c15
content-length: 3973
last-modified: Tue, 12 Dec 2023 14:31:48 GMT
server: Cleversafe
etag: "db3941c3712f56b7c3a843eeefb85afd"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 76f7bfa8-5c68-4a80-b924-7b4cbb774c15
cache-control: max-age=61800
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 15:28:43 GMT

GET
H2 200 text-cta.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 13 KB
4 KB 55ms
38ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/text-cta.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

9b6a8a47b2ee723329aaceb68a28e591c7da541832af19b6efda3310a46a8dbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 6ff5e38c-6a65-47d3-85e8-a36dd3fbce6a
content-length: 4178
last-modified: Tue, 12 Dec 2023 14:32:18 GMT
server: Cleversafe
etag: "a00b6482bdea326ccbbab8c048412454"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 6ff5e38c-6a65-47d3-85e8-a36dd3fbce6a
cache-control: max-age=72969
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 18:34:52 GMT

GET
H2 200 cta-block-item.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 283 KB
29 KB 55ms
39ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-block-item.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

2f22eeac4501bb24cd47630791adafd966bd0940d398def0c94b3f22767c7485

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 13e4d0ab-dde9-45cf-b4f1-e871a04f86df
content-length: 28938
last-modified: Tue, 12 Dec 2023 14:31:55 GMT
server: Cleversafe
etag: "26cf2e870e40a79c2ce6befa817c5683"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 13e4d0ab-dde9-45cf-b4f1-e871a04f86df
cache-control: max-age=73031
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 18:35:54 GMT

GET
H2 200 content-item.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 13 KB
4 KB 57ms
40ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/content-item.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

fb4529cc42ed4fdee59dfb30fec6d069634cb6b3211c2274505e556c8be0cf3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: f4049d7c-f652-4af3-9ebd-36638dc76eb6
content-length: 4028
last-modified: Tue, 12 Dec 2023 14:31:55 GMT
server: Cleversafe
etag: "3a2d5f4facf7a383384ed4e687575a02"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: f4049d7c-f652-4af3-9ebd-36638dc76eb6
cache-control: max-age=61905
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 15:30:28 GMT

GET
H2 200 content-item-copy.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 12 KB
4 KB 57ms
41ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/content-item-copy.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

8bfbc721b242454c04cd907419888ac023dc4c4f4986bd7b8cfa71194cde0821

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: cff7094d-ebff-4166-beaa-46635975b809
content-length: 3865
last-modified: Tue, 12 Dec 2023 14:31:54 GMT
server: Cleversafe
etag: "c1e12d04c638288a9134cb5f6d251ee5"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: cff7094d-ebff-4166-beaa-46635975b809
cache-control: max-age=71820
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 18:15:43 GMT

GET
H2 200 content-item-heading.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 12 KB
4 KB 58ms
42ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/content-item-heading.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

7f71745c11db1688fbefd3d72b7f748568b29fd2ca3ead276cdd08c95310b98c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 383d24e7-3eea-4afd-ae75-fcee299b9ee0
content-length: 3869
last-modified: Tue, 12 Dec 2023 14:31:55 GMT
server: Cleversafe
etag: "30c30dbc416790cd7eb21a582e8da147"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 383d24e7-3eea-4afd-ae75-fcee299b9ee0
cache-control: max-age=54448
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 13:26:11 GMT

GET
H2 200 content-item-paragraph.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 11 KB
4 KB 59ms
43ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/content-item-paragraph.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

426088c52a92325403e37c7799edcd262e67191849c6d4b564d82467c77097cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 190f7f75-ec90-404c-92b3-985a0d8d2b26
content-length: 3592
last-modified: Tue, 12 Dec 2023 14:31:55 GMT
server: Cleversafe
etag: "c614994e77ad8dc3d58ce9e8c29b9b9a"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 190f7f75-ec90-404c-92b3-985a0d8d2b26
cache-control: max-age=54403
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 13:25:26 GMT

GET
H2 200 content-block-heading.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 12 KB
4 KB 44ms
29ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/content-block-heading.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

6eb1725148073b0d97917b373c481dd25c2d4c07fdf00f1377a2591cddde3b50

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: e09c4494-54ba-496a-9491-816b5fa75f20
content-length: 3948
last-modified: Tue, 12 Dec 2023 14:31:53 GMT
server: Cleversafe
etag: "13cb349fec6b31dd9e11c8eb8158581d"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: e09c4494-54ba-496a-9491-816b5fa75f20
cache-control: max-age=61880
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 15:30:03 GMT

GET
H2 200 content-block-copy.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 12 KB
4 KB 45ms
29ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/content-block-copy.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

a5bb5196d568ccc436e40919b0daaefdbbec711bfcfdbf3a82930bbb58a7bd20

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: ff35249b-700d-41cc-ab83-9d1569d8ff34
content-length: 3926
last-modified: Tue, 12 Dec 2023 14:31:53 GMT
server: Cleversafe
etag: "59c86a8e58415a41a98df633f75e6f24"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: ff35249b-700d-41cc-ab83-9d1569d8ff34
cache-control: max-age=48056
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 11:39:39 GMT

GET
H2 200 defs3.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 4 KB
1 KB 45ms
30ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/defs3.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

f8f2ea1401819fe906dc24d499bec9d073c2f3757be8f5e3944432001b9556f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 9b1285fe-58aa-47b5-9120-b263af2a7eea
content-length: 1188
last-modified: Tue, 12 Dec 2023 14:31:56 GMT
server: Cleversafe
etag: "d22f03d2654f63d18357561749b54036"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 9b1285fe-58aa-47b5-9120-b263af2a7eea
cache-control: max-age=48009
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 11:38:52 GMT

GET
H2 200 content-block.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 14 KB
5 KB 42ms
30ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/content-block.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

212c50e5e49761927400c63fd6afa36d34cccfa0ed307d8d01a54bc1b1cf1af2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: b842f72b-3249-4c74-9a5c-d7d5c0a296cf
content-length: 4448
last-modified: Tue, 12 Dec 2023 14:31:54 GMT
server: Cleversafe
etag: "11b02631fee090ac99d6e9b11089e198"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: b842f72b-3249-4c74-9a5c-d7d5c0a296cf
cache-control: max-age=50840
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 12:26:03 GMT

GET
H2 200 content-block2.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 324 KB
32 KB 42ms
31ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/content-block2.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

5c18e13e16f8f31e2072cb42c3b9b351ae354b14348385be05e59dc767be32a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: ed3b14ec-334b-4022-9920-15ef9f0ba06b
content-length: 32615
last-modified: Tue, 12 Dec 2023 14:31:54 GMT
server: Cleversafe
etag: "0d3c2e854ea93c25f4ecb3af8ca5b538"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: ed3b14ec-334b-4022-9920-15ef9f0ba06b
cache-control: max-age=10259
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 01:09:42 GMT

GET
H2 200 parent-visibility.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 4 KB
2 KB 44ms
32ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/parent-visibility.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

84470416d4c27fdaf829fb73d080038f38c4162b4fcf13453198af1080346520

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 0fe568b0-a91b-4229-b312-bdd3705b6158
content-length: 1278
last-modified: Tue, 12 Dec 2023 14:32:06 GMT
server: Cleversafe
etag: "a1709d5da5e9f41eb2044794bba5a45d"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 0fe568b0-a91b-4229-b312-bdd3705b6158
cache-control: max-age=50776
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 12:24:59 GMT

GET
H2 200 tab.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 450 KB
38 KB 68ms
57ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/tab.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

dd5588c8432d8f1630319a4d3a12d7f77adcf1e01e315a649275dca5e5921198

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 2af8fce1-3eb2-46a7-9ddf-6d1c50aa256d
content-length: 38831
last-modified: Tue, 12 Dec 2023 14:32:17 GMT
server: Cleversafe
etag: "fc95b1b41aeb9ac08b2bd6c559aadd5a"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 2af8fce1-3eb2-46a7-9ddf-6d1c50aa256d
cache-control: max-age=50712
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 12:23:55 GMT

GET
H2 200 media-query.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 5 KB
2 KB 45ms
35ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/media-query.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

bdd999dce9f8de3da1944d2ceb87bb7dfdd13cce89ccda787500b796a5251740

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 4a4d3849-0ac4-4289-8d9d-3db674302137
content-length: 1776
last-modified: Tue, 12 Dec 2023 14:32:03 GMT
server: Cleversafe
etag: "509f3d0a1cf1d750407affa563bd6190"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 4a4d3849-0ac4-4289-8d9d-3db674302137
cache-control: max-age=50779
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 12:25:02 GMT

GET
H2 200 content-item2.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 133 KB
15 KB 57ms
47ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/content-item2.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

15f0de6f72f96c642c24a05c883f7e6bec2c8ab4f9c165ebe7fb2e447cca3f1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: f9e3a7c0-5f06-46bb-b204-84ce8f6d9408
content-length: 14609
last-modified: Tue, 12 Dec 2023 14:31:55 GMT
server: Cleversafe
etag: "496be66775ff27f745804c23bec48fc8"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: f9e3a7c0-5f06-46bb-b204-84ce8f6d9408
cache-control: max-age=61802
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 15:28:45 GMT

GET
H2 200 markdown.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 24 KB
7 KB 55ms
45ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/markdown.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

1e02759d55df0cf6bfc3fae3f962a47c635693835441d8a83254d3a7600ddcbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 4eb04a0d-a777-45d7-ba82-2ea074706c68
content-length: 6827
last-modified: Tue, 12 Dec 2023 14:32:02 GMT
server: Cleversafe
etag: "5caca5681a764b111493506891378f99"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 4eb04a0d-a777-45d7-ba82-2ea074706c68
cache-control: max-age=46391
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 11:11:54 GMT

GET
H2 200 unsafe-html.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 4 KB
2 KB 52ms
42ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/unsafe-html.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

48d3bcb4f8e3b1e50266dfe8bbf41815b4043c450d0042bbf5c057a0ba34512e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 1da589f8-b821-4460-b796-5aba79e89fe4
content-length: 1230
last-modified: Tue, 12 Dec 2023 14:32:18 GMT
server: Cleversafe
etag: "3f9221a64dba8c0d199c9cb69d09b884"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 1da589f8-b821-4460-b796-5aba79e89fe4
cache-control: max-age=46383
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 11:11:46 GMT

GET
H2 200 get.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 4 KB
1 KB 53ms
43ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/get.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

7ecbc1d3b6c0d537ea94cf1485a9a9ef2734fbc48fa977d911bc5ac499cda2fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: ebc1baf5-da22-4cf0-aa05-85063a059086
content-length: 1214
last-modified: Tue, 12 Dec 2023 14:31:57 GMT
server: Cleversafe
etag: "c180ec8ad2db08c46cc6adee44ba8c4d"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: ebc1baf5-da22-4cf0-aa05-85063a059086
cache-control: max-age=46177
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 11:08:20 GMT

GET
H2 200 stripHTML.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 3 KB
1 KB 54ms
44ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/stripHTML.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

7f09f7ed9350c681587c37e087601818e96a09bfccda3cf5f86daae2d9bab1a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 0987bc45-9f89-49dc-a890-114bdb961e79
content-length: 1087
last-modified: Tue, 12 Dec 2023 14:32:17 GMT
server: Cleversafe
etag: "764109a1a292a94add0bf80e8ef8593d"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 0987bc45-9f89-49dc-a890-114bdb961e79
cache-control: max-age=48104
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 11:40:27 GMT

GET
H2 200 content-block-paragraph.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/ 11 KB
4 KB 54ms
44ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/content-block-paragraph.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

bd3c06907c8bae0fbe82d227181eb6aeb1f1e8c38b693e6bf403de980c2f2a42

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/latest/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 37bd242f-1cba-45a5-b4e1-339fa60c3506
content-length: 3606
last-modified: Tue, 12 Dec 2023 14:31:53 GMT
server: Cleversafe
etag: "1ae717c4c8f4a5fbc229ef707ce4e0f8"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 37bd242f-1cba-45a5-b4e1-339fa60c3506
cache-control: max-age=46442
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 11:12:45 GMT

GET
H2 200 button-group.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 13 KB
4 KB 58ms
48ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/button-group.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

466d120fa656f164b036e1f9de2cdd29faa8e43b37d847d1e7e675a2f2846343

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: f20fc831-be0c-4a4d-9a74-d6d93fea3c53
content-length: 4015
last-modified: Mon, 11 Dec 2023 21:21:50 GMT
server: Cleversafe
etag: "bd4c02e1b696c7e9d2dbbbddd5ec86c3"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: f20fc831-be0c-4a4d-9a74-d6d93fea3c53
cache-control: max-age=61772
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 15:28:15 GMT

GET
H2 200 button-group-item.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 116 KB
16 KB 64ms
54ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/button-group-item.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

35524a2b84d2688f84a3a9b19b3af5a56773d1e9c2f8d469cf4625e5c833a6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 9c3e08f9-805a-496b-abec-d769010030f1
content-length: 16172
last-modified: Mon, 11 Dec 2023 21:21:50 GMT
server: Cleversafe
etag: "c7baa7186d0f2d037369f1c6fb5eb886"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 9c3e08f9-805a-496b-abec-d769010030f1
cache-control: max-age=54353
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 13:24:36 GMT

GET
H2 200 button-cta.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 13 KB
4 KB 65ms
56ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/button-cta.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

46dc3b84e343393bc25e512a3466a68f2035647c1515ab3ce3b17e7beb52dc82

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: f88a3789-9fde-4311-bb86-f62d3819bc2f
content-length: 4029
last-modified: Mon, 11 Dec 2023 21:21:49 GMT
server: Cleversafe
etag: "5364122c7f4ecb5354f58ed3cb21941c"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: f88a3789-9fde-4311-bb86-f62d3819bc2f
cache-control: max-age=67893
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 17:10:16 GMT

GET
H2 200 text-cta.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 13 KB
4 KB 56ms
46ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/text-cta.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

33d4cab117cef7685e20a4546688c0a5df5fb974fb596f26c1d276f84156e0aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 76efe4db-3863-4dda-b9ee-e505feb94c68
content-length: 4233
last-modified: Mon, 11 Dec 2023 21:22:18 GMT
server: Cleversafe
etag: "01117154b1c367a241cd80e08c08b708"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 76efe4db-3863-4dda-b9ee-e505feb94c68
cache-control: max-age=61817
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 15:29:00 GMT

GET
H2 200 cta-block-item.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 239 KB
28 KB 73ms
64ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-block-item.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

fed64fa7478ee94e0ed2e324e1b260be161b9f91b8ccf80c05724f88cac96109

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: f1c1b0d8-11f9-44f8-940e-f9d2962cf451
content-length: 28329
last-modified: Mon, 11 Dec 2023 21:21:55 GMT
server: Cleversafe
etag: "1b31588dcfe692e39e3ac6d4bbc098d8"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: f1c1b0d8-11f9-44f8-940e-f9d2962cf451
cache-control: max-age=61850
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 15:29:33 GMT

GET
H2 200 content-item.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 13 KB
4 KB 59ms
50ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/content-item.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

9b7941b794961b6e08a51f63b7c7b2878740b5b6da37673a4e95618e13b0c495

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 90ff00c9-732a-4472-b6b4-8a65686d09e0
content-length: 4117
last-modified: Mon, 11 Dec 2023 21:21:55 GMT
server: Cleversafe
etag: "81d14ac475c42ac6776c14cef916be84"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 90ff00c9-732a-4472-b6b4-8a65686d09e0
cache-control: max-age=73077
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 18:36:40 GMT

GET
H2 200 content-item-copy.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 12 KB
4 KB 57ms
48ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/content-item-copy.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

9bba7bc380932c1423013444386143a21a3ec797e78f68c2bdf81350d4e79eae

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: f2e09b50-92c0-4b13-b029-b31712e1cc50
content-length: 3848
last-modified: Mon, 11 Dec 2023 21:21:55 GMT
server: Cleversafe
etag: "c8a11b7fba5b58fd85e4d680a76bee03"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: f2e09b50-92c0-4b13-b029-b31712e1cc50
cache-control: max-age=61743
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 15:27:46 GMT

GET
H2 200 content-item-heading.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 12 KB
4 KB 56ms
47ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/content-item-heading.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

ad16e16f52ee83e37132ca80f7f8b1f50286407656eab81fe73e45c1cbd164ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 5b1e708c-2a89-44a0-8956-3f9bfa7bdcc9
content-length: 3807
last-modified: Mon, 11 Dec 2023 21:21:55 GMT
server: Cleversafe
etag: "b6ef4955824738752bb4f0fd48726ffd"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 5b1e708c-2a89-44a0-8956-3f9bfa7bdcc9
cache-control: max-age=54349
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 13:24:32 GMT

GET
H2 200 content-block-heading.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 12 KB
4 KB 71ms
63ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/content-block-heading.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

d2838a560ed590e2d2b0dfe28b0dfe664bf5ba55a675c6bd4195d77521b9a576

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 77c02c99-0372-4d00-a929-b9251779cdef
content-length: 3873
last-modified: Mon, 11 Dec 2023 21:21:53 GMT
server: Cleversafe
etag: "16b65cdc6fff0ebea33b09b219b7d776"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 77c02c99-0372-4d00-a929-b9251779cdef
cache-control: max-age=61827
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 15:29:10 GMT

GET
H2 200 content-block-copy.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 12 KB
4 KB 54ms
46ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/content-block-copy.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

1039b43b5737d01337792f0fbaca68989e7a4f14c8d29bf5e778a7d2c2a3182f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: a9744907-85c7-496e-b82d-951c77344954
content-length: 3907
last-modified: Mon, 11 Dec 2023 21:21:53 GMT
server: Cleversafe
etag: "38468cf1744944d7e9a62d1992955a27"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: a9744907-85c7-496e-b82d-951c77344954
cache-control: max-age=47910
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 11:37:13 GMT

GET
H2 200 content-block.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 15 KB
5 KB 58ms
50ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/content-block.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

0a3567cea782cf988632d67e366719a558655271771c40df1fdbb9a07c241157

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 687dae8a-064d-4b69-bcb2-ebe061f11ef4
content-length: 4395
last-modified: Mon, 11 Dec 2023 21:21:54 GMT
server: Cleversafe
etag: "66c8e62ecf7913daf5e8adc2e0b454d1"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 687dae8a-064d-4b69-bcb2-ebe061f11ef4
cache-control: max-age=61868
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 15:29:51 GMT

GET
H2 200 content-block2.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 318 KB
33 KB 60ms
52ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/content-block2.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

a7c866af237441e1f47b0cf45fe22fce9f25d35671b0b0cf87a30157024394e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: d38f4c4f-fb3e-4bb5-9b89-b82f10023ac2
content-length: 33254
last-modified: Mon, 11 Dec 2023 21:21:54 GMT
server: Cleversafe
etag: "4e1397fa3ee2e7e70aa091b69b2c3eea"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: d38f4c4f-fb3e-4bb5-9b89-b82f10023ac2
cache-control: max-age=61858
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 15:29:41 GMT

GET
H2 200 parent-visibility.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 4 KB
1 KB 62ms
54ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/parent-visibility.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

5cbf8fd3a1f019a086ebe036f6083d8762a9e1a6520702022ebb7e4dd07d22e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 4afcd23c-6721-4140-84d5-ac0bb798d991
content-length: 1209
last-modified: Mon, 11 Dec 2023 21:22:05 GMT
server: Cleversafe
etag: "41d7ba6e7ad2653b43eea7b305f3d7c8"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 4afcd23c-6721-4140-84d5-ac0bb798d991
cache-control: max-age=54376
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 13:24:59 GMT

GET
H2 200 tab2.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 11 KB
4 KB 58ms
50ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/tab2.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

3bd1a494bf2c8c0506d01ba94fcfeb5c58e5b19a7555b29174355ed35a5b0955

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 7bc9b0a8-ac6c-4e41-b92b-87f99aa7f216
content-length: 3485
last-modified: Mon, 11 Dec 2023 21:22:17 GMT
server: Cleversafe
etag: "b3765e2f3098225909c7d630d8f96ebe"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 7bc9b0a8-ac6c-4e41-b92b-87f99aa7f216
cache-control: max-age=54459
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 13:26:22 GMT

GET
H2 200 tabs-extended.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 85 KB
10 KB 61ms
53ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/tabs-extended.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

e1c34f7ead90dea4877914b63dff670d5c62fd5837232d3a37896687af68ae9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: aeb1ee22-0810-4e89-80af-86d834320322
content-length: 9774
last-modified: Mon, 11 Dec 2023 21:22:18 GMT
server: Cleversafe
etag: "404db4c9a1213d7b4439f87861db8125"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: aeb1ee22-0810-4e89-80af-86d834320322
cache-control: max-age=47876
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 11:36:39 GMT

GET
H2 200 tab.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 7 KB
2 KB 67ms
59ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/tab.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

a84d21bb9220d654c977c2329c6cdd8918a2be930816587babe6d7d302d03ef2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 9fd2fe25-4055-4579-a939-3d13268bcff7
content-length: 2241
last-modified: Mon, 11 Dec 2023 21:22:17 GMT
server: Cleversafe
etag: "b088dca44ac9ce47c47fef322d56f229"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 9fd2fe25-4055-4579-a939-3d13268bcff7
cache-control: max-age=67810
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 17:08:53 GMT

GET
H2 200 get.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 4 KB
1 KB 66ms
59ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/get.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

a05993da80658bd5e341c5db65d4817f22db3f64722e336708fc188e8a16cf41

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: b1c059f5-15f9-4dcb-b68c-b6220b622350
content-length: 1145
last-modified: Mon, 11 Dec 2023 21:21:57 GMT
server: Cleversafe
etag: "f998188fc3a16ce3ae882d03cd80bbc7"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: b1c059f5-15f9-4dcb-b68c-b6220b622350
cache-control: max-age=67967
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 17:11:30 GMT

GET
H2 200 tabs.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 135 KB
18 KB 58ms
51ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/tabs.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

cd182d7ea1f4904b9b9b092a9fe2ef0a3413656e9222ccd319632861784ffdb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 8f08bd30-a24e-4ef2-af48-35d6fa0d9f4c
content-length: 18461
last-modified: Mon, 11 Dec 2023 21:22:18 GMT
server: Cleversafe
etag: "2543a19c173f2ece660037bce3f8c39a"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 8f08bd30-a24e-4ef2-af48-35d6fa0d9f4c
cache-control: max-age=61758
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 15:28:01 GMT

GET
H2 200 collection-helpers2.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 4 KB
1 KB 61ms
54ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/collection-helpers2.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

de1324cf9615178ed5fd102bd4f7b793d0a27dfc5058470e896961be6adb1eca

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 61677a5c-fb60-41d8-a806-3ccfab10ae69
content-length: 996
last-modified: Mon, 11 Dec 2023 21:21:53 GMT
server: Cleversafe
etag: "b2d6c2eb16ca3b593b9ac6a37f43f29d"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 61677a5c-fb60-41d8-a806-3ccfab10ae69
cache-control: max-age=61833
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 15:29:16 GMT

GET
H2 200 162.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 4 KB
1 KB 56ms
49ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/162.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

f9cedf3e356ef50849d37fa9e132a137f91584334ee823fa61d2c881784c6d5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 7bec1879-215a-40bc-8476-4e076e51b46f
content-length: 1167
last-modified: Mon, 11 Dec 2023 21:21:46 GMT
server: Cleversafe
etag: "105813b947576fadba5a6c0c572d68b4"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 7bec1879-215a-40bc-8476-4e076e51b46f
cache-control: max-age=61807
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 15:28:50 GMT

GET
H2 200 content-item2.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 124 KB
15 KB 71ms
64ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/content-item2.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

e23fd7d9aaeb533a5fa226c21fd0cb510959b31351b638633eb3f6cd91287920

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 5726bdba-0e39-4dc1-bfee-5a564b1b7e81
content-length: 15271
last-modified: Mon, 11 Dec 2023 21:21:55 GMT
server: Cleversafe
etag: "2f2cf514b5c6ec3e005152f5b04376f8"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 5726bdba-0e39-4dc1-bfee-5a564b1b7e81
cache-control: max-age=54338
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 13:24:21 GMT

GET
H2 200 markdown.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 20 KB
6 KB 68ms
61ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/markdown.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

7f4c138819c28d666fe76c9649f73fc15234b3e0c012d1568a56471576981e01

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 9211c017-1d75-4d55-b96c-4793ad246755
content-length: 5858
last-modified: Mon, 11 Dec 2023 21:22:02 GMT
server: Cleversafe
etag: "28fd12f7df4b4f4548ee055f96bea489"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 9211c017-1d75-4d55-b96c-4793ad246755
cache-control: max-age=73066
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 18:36:29 GMT

GET
H2 200 unsafe-html.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 4 KB
2 KB 65ms
59ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/unsafe-html.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

fe526d60c0f5076fbbc412b20ac31027669f546b9c8f974ae8cc0a051698877d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: d6d4d78c-86bf-4fa9-940f-c6f411e8bba9
content-length: 1235
last-modified: Mon, 11 Dec 2023 21:22:18 GMT
server: Cleversafe
etag: "0ce575b2dcd1b570706fb9d493c4c00e"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: d6d4d78c-86bf-4fa9-940f-c6f411e8bba9
cache-control: max-age=73057
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 18:36:20 GMT

GET
H2 200 content-item-paragraph.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 11 KB
4 KB 64ms
58ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/content-item-paragraph.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

b9b7d6f4795baa46e5b6c84f52913aac15361608a2891ed985ffce99bf3f0486

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: defd7099-0b04-498a-b1c1-05e11be8a32c
content-length: 3525
last-modified: Mon, 11 Dec 2023 21:21:55 GMT
server: Cleversafe
etag: "fbd85424074c20a83fac3f6df36544a7"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: defd7099-0b04-498a-b1c1-05e11be8a32c
cache-control: max-age=61813
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 15:28:56 GMT

GET
H2 200 stripHTML.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 3 KB
1 KB 69ms
63ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/stripHTML.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

c1ff2dbeb7ec307f4c0c212bbddd5c0ebaab97ca20e3b47b41b3addf7bf75e9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: c36114fb-dabe-49d7-9214-d92166901573
content-length: 1019
last-modified: Mon, 11 Dec 2023 21:22:17 GMT
server: Cleversafe
etag: "2d8857dd30d8fcd25e05b75d132d8521"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: c36114fb-dabe-49d7-9214-d92166901573
cache-control: max-age=73075
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 18:36:38 GMT

GET
H2 200 content-block-paragraph.js Show response
1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/ 11 KB
4 KB 63ms
57ms Script
text/javascript 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/content-block-paragraph.js

Requested by

Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

7be74588981e0dae1ec0bb1bd26e6af2e4203b97176be92de475ab5a06bd2c8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://1.www.s81c.com/common/carbon-for-ibm-dotcom/tag/v1/next/cta-section.min.js
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:43 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 8af01b77-6c15-4e2a-95e1-db251ecdd02d
content-length: 3535
last-modified: Mon, 11 Dec 2023 21:21:54 GMT
server: Cleversafe
etag: "c9744c0cbdd60cc6f017a13de9ece3c0"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-clv-request-id: 8af01b77-6c15-4e2a-95e1-db251ecdd02d
cache-control: max-age=61799
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 15:28:42 GMT

GET
H3 200 ww.js Show response
cdn.ampproject.org/rtv/012405300626000/ 51 KB
14 KB 9ms
4ms Fetch
text/javascript 172.217.167.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012405300626000/ww.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f1.1e100.net

Software

sffe /

Resource Hash

d5e79e1d62c2955ff7996be7c49c02bfe527b56e6bf47d62e54face1ada0160b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: text/plain
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 16 Jun 2024 10:10:17 GMT
age: 130106
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14451
x-xss-protection: 0
server: sffe
etag: "20edad0c62abc5b7"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 16 Jun 2025 10:10:17 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 103ms
3ms Script
text/javascript 142.250.76.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: analytics.newscred.com
URL: https://analytics.newscred.com/analytics_c7caef17012f48e99285467c1b6d8423.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.110 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 17 Jun 2024 21:20:03 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3520
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 17 Jun 2024 23:20:03 GMT

GET
H2 200 wp-emoji-release.min.js Show response
securityintelligence.com/wp-includes/js/ 18 KB
5 KB 432ms
432ms Script
application/x-javascript 104.18.24.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityintelligence.com/wp-includes/js/wp-emoji-release.min.js?ver=6.5.3
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:44 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
last-modified: Wed, 10 Apr 2024 18:25:26 GMT
server: cloudflare
etag: "4926-615c2299d7f67-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
accept-ranges: bytes
cf-ray: 89566ac65c42571b-SYD
content-length: 5062

GET
BLOB 200
OK 94f749db-2efd-4332-a215-761b8b235f68
https://securityintelligence.com/ 51 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://securityintelligence.com/94f749db-2efd-4332-a215-761b8b235f68
Requested by: Host: securityintelligence.com
URL: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6bbe7de5108b119a65b2c480dbfa708846a11d83fa3c329143f0558fad471a97

Request headers

Accept-Language: en-AU,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 52081
Content-Type: text/javascript

GET
H2 200 p_12c26b645bf374a49570ef4ca94c771947277b1996374ea7c5b028658b80c0e8.js Show response
tags.tiqcdn.com/dle/ibm/web/ 998 B
1 KB 1219ms
893ms Script
application/javascript 18.67.93.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/dle/ibm/web/p_12c26b645bf374a49570ef4ca94c771947277b1996374ea7c5b028658b80c0e8.js
Requested by: Host: 1.www.s81c.com
URL: https://1.www.s81c.com/common/stats/ibm-common.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-103.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 243a166f89a57b2aa9482d40a206f82298d557f1ee94d179a7af9a65ca3b9b51

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:45 GMT
via: 1.1 0cf8dd8ff8bb60665199a3fb2c2f8e9e.cloudfront.net (CloudFront)
last-modified: Sat, 13 Apr 2024 11:54:28 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P1
etag: "7850abcf31ec3b16c424c2399c423907"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 998
x-amz-cf-id: AH4pTryKOJEdj1j9awS723jcyVvhtaUrVfATWAEpTA2-jsi5prlA-g==

POST
H2 400 r Show response
us-central1-amp-error-reporting.cloudfunctions.net/ 11 B
269 B 548ms
191ms XHR
text/plain 216.239.36.54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-amp-error-reporting.cloudfunctions.net/r
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.36.54 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: 7c41b898c5da0cfa4aa049b65ef50248bce9a72d24bef4c723786431921b75aa

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 17 Jun 2024 22:18:44 GMT
content-encoding: gzip
server: Google Frontend
x-powered-by: Express
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 232cb845b4353a534d5bef8eec48eb44
cache-control: private
function-execution-id: pu2mycsd7yic
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/ibm/web/prod/ 356 KB
93 KB 3ms
3ms Script
application/javascript 18.67.93.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Requested by: Host: 1.www.s81c.com
URL: https://1.www.s81c.com/common/stats/ibm-common.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-103.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f0ce00c5e34798e7a17d3fedeb01624650b43e52d6bd225e1c79c2db013ae10c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: PtIeKykfP1C4coVu8gp6_9ONgJPXJQ3E
content-encoding: br
via: 1.1 0cf8dd8ff8bb60665199a3fb2c2f8e9e.cloudfront.net (CloudFront)
date: Mon, 17 Jun 2024 22:14:12 GMT
last-modified: Mon, 17 Jun 2024 17:40:10 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P1
age: 277
x-amz-server-side-encryption: AES256
etag: W/"de87a1fb4cb5a9bace25b7e8098846cf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: 0uYV6FYVla9CyKNDZ8sT77dd830y2oGtQT62cDV6e090Q9utyLhYmg==

GET
H2 200 bmaid Show response
cloud.ibm.com/analytics/ 48 B
2 KB 136ms
123ms XHR
application/json 23.216.58.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud.ibm.com/analytics/bmaid

Requested by

Host: 1.www.s81c.com
URL: https://1.www.s81c.com/common/stats/ibm-common.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.216.58.187 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-216-58-187.deploy.static.akamaitechnologies.com

Software

Resource Hash

2038d3e6e7c025806202d2893cb7412372d92215bfb18cbe84c6228582316e75

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: */*
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
date: Mon, 17 Jun 2024 22:18:45 GMT
x-content-type-options: nosniff
akamai-grn: 0.9df23717.1718662724.2db5013
x-envoy-upstream-service-time: 7
content-length: 48
x-xss-protection: 1; mode=block
x-request-id: undefined
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
etag: W/"30-+AsXYRC1Bk2Gabd5wgmJsWuUwUc"
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://securityintelligence.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: 0

GET
H2 200 utag.28.js Show response
tags.tiqcdn.com/utag/ibm/web/prod/ 2 KB
1 KB 5ms
2ms Script
application/javascript 18.67.93.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.28.js?utv=ut4.46.201803300231
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-103.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 70a689877e94704ab6533146c6c94a39774c5399bb3554107fdc20736e0ab3f6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: ZODCnsVR1zURoafEHzZmnSo4vKgn5Bs6
content-encoding: br
via: 1.1 0cf8dd8ff8bb60665199a3fb2c2f8e9e.cloudfront.net (CloudFront)
date: Mon, 17 Jun 2024 22:15:50 GMT
last-modified: Mon, 17 Jun 2024 17:40:08 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P1
age: 175
x-amz-server-side-encryption: AES256
etag: W/"52c75a78be4adafeb03665a2e0a8a724"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: oHx_q8AeePWU0oDD9u-Di1ofYq7-bfMArKbd66Xeis_n_Ager7Z9EA==

GET
H2 200 utag.162.js Show response
tags.tiqcdn.com/utag/ibm/web/prod/ 59 KB
13 KB 5ms
3ms Script
application/javascript 18.67.93.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.162.js?utv=ut4.46.202312041527
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-103.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ca2e492935730b187034c6cf95970edee6f2cf24f33307f60f4295a7b5ee2774

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: xtBUHL5kCS4bFDh7poKoh.XhF.wbegdE
content-encoding: br
via: 1.1 0cf8dd8ff8bb60665199a3fb2c2f8e9e.cloudfront.net (CloudFront)
date: Mon, 17 Jun 2024 22:17:55 GMT
last-modified: Mon, 17 Jun 2024 17:40:03 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P1
age: 62
x-amz-server-side-encryption: AES256
etag: W/"e85a583c3c8a59aded1d87ad33bfa746"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: HIN4bPzkvSe2IHbMNPmgu6pKBIrJbX7xH2TlaAUC6gTSmUqJcvASTA==

GET
H2 200 utag.238.js Show response
tags.tiqcdn.com/utag/ibm/web/prod/ 79 KB
15 KB 7ms
5ms Script
application/javascript 18.67.93.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.238.js?utv=ut4.46.202405221714
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-103.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 46b9cd5a89bba2857aac0b5e8c24658738fce66bd9461de1913c58f05f761f09

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: .Z8jBEeBvtKdhQsAb_gJKOtDaE9CHMPL
content-encoding: br
via: 1.1 0cf8dd8ff8bb60665199a3fb2c2f8e9e.cloudfront.net (CloudFront)
date: Mon, 17 Jun 2024 22:17:55 GMT
last-modified: Mon, 17 Jun 2024 17:40:09 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P1
age: 62
x-amz-server-side-encryption: AES256
etag: W/"915baf1ae96ce5f4f36cb23a7f2ca9bc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: yXlYgkxh3Jgi87dezYkvYKOyPCbBqrqBVyE1jqo3xwzUwgKx91Habg==

GET
H2 200 utag.184.js Show response
tags.tiqcdn.com/utag/ibm/web/prod/ 16 KB
5 KB 7ms
5ms Script
application/javascript 18.67.93.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.184.js?utv=ut4.46.202202020151
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-103.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e070715527628cca4fbefeb4aca155122d465927f027749002686ab1e5996e31

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: M.GclnKCjTjQOkg2Orn_TDUF3oP6VtBh
content-encoding: br
via: 1.1 0cf8dd8ff8bb60665199a3fb2c2f8e9e.cloudfront.net (CloudFront)
date: Mon, 17 Jun 2024 22:17:55 GMT
last-modified: Mon, 17 Jun 2024 17:40:05 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P1
age: 62
x-amz-server-side-encryption: AES256
etag: W/"6ac835da1b923dc97a29acc1e348804c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: w6A20nU6KJELAfAkUCnj16kqeuI02yOLGU5jkkjho-KCsAVD6a-pwQ==

GET
H2 200 utag.16.js Show response
tags.tiqcdn.com/utag/ibm/web/prod/ 6 KB
2 KB 13ms
11ms Script
application/javascript 18.67.93.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.16.js?utv=ut4.46.202307241802
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-103.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ab0c85bb7d7e520e804eae416b5154387a38b1a34cdf41d8ce13071649eaff37

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: fnl2mGS1rZVPlikQwZwa_6wpgC3wa6LT
content-encoding: br
via: 1.1 0cf8dd8ff8bb60665199a3fb2c2f8e9e.cloudfront.net (CloudFront)
date: Mon, 17 Jun 2024 22:18:44 GMT
last-modified: Mon, 17 Jun 2024 17:40:07 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P1
age: 6
x-amz-server-side-encryption: AES256
etag: W/"4bafce8c84250f4715e7d7985de2654a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: fWPauAlyZXXwathAoqoYsaLNd04R-dkQycHfe6kt-gALJ6Xs40jQ9Q==

GET
H2 200 utag.233.js Show response
tags.tiqcdn.com/utag/ibm/web/prod/ 25 KB
5 KB 7ms
6ms Script
application/javascript 18.67.93.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.233.js?utv=ut4.46.202209151740
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-103.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 81527351dcca40774320392c4848e906fb667cc78b05f44279874a08684cff25

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: x27kUzrjtKUrErV7B_vkdbYrOy0EgAUu
content-encoding: br
via: 1.1 0cf8dd8ff8bb60665199a3fb2c2f8e9e.cloudfront.net (CloudFront)
date: Mon, 17 Jun 2024 22:17:55 GMT
last-modified: Mon, 17 Jun 2024 17:40:03 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P1
age: 62
x-amz-server-side-encryption: AES256
etag: W/"795cb227bcc86c005cb5d80a410ca748"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: 4u-ESAQHNvUoga9ZWhNmkmTCsiwUZBnUvRuMm-VfCG1gyRqELAcxog==

GET
H2 200 utag.222.js Show response
tags.tiqcdn.com/utag/ibm/web/prod/ 4 KB
2 KB 9ms
8ms Script
application/javascript 18.67.93.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.222.js?utv=ut4.46.202206270344
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-103.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ad96d92f9dd1d6fae5f44e563c410c9eec4cd25b8b58feed3b9347bf333f1ad9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: fHORZVexAG1lnnWzghdos2_4Z_ZNoXM_
content-encoding: br
via: 1.1 0cf8dd8ff8bb60665199a3fb2c2f8e9e.cloudfront.net (CloudFront)
date: Mon, 17 Jun 2024 22:18:44 GMT
last-modified: Mon, 17 Jun 2024 17:40:05 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P1
age: 6
x-amz-server-side-encryption: AES256
etag: W/"ee5b34f1f6bde5137a489928ac7c8249"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: 683GpModE5L3VmWUjavSn6sKOQlX1bdj4bPbXyqSV28rP54XiooMYw==

GET
H2 200 SI_primary_rgb-80x80.png
securityintelligence.com/wp-content/uploads/2016/04/ 2 KB
3 KB 202ms
202ms Other
image/webp 104.18.24.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityintelligence.com/wp-content/uploads/2016/04/SI_primary_rgb-80x80.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69926b96246d404d0ff12457196703cb2c0dfd63c76f85f5bc7d75594ff9060c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:45 GMT
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
last-modified: Tue, 14 Nov 2023 20:19:58 GMT
server: cloudflare
etag: "9b8-60a2282b877a1"
vary: Accept
content-type: image/webp
x-webp-express: Redirected directly to existing webp
accept-ranges: bytes
cf-ray: 89566acecbf0571b-SYD
content-length: 2488

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
431 B 2ms
2ms Script
application/javascript 18.67.93.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=ibm/web/202406171738&cb=1718662724938
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-103.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date: Mon, 17 Jun 2024 22:11:20 GMT
via: 1.1 0cf8dd8ff8bb60665199a3fb2c2f8e9e.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD62-P1
age: 445
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2
last-modified: Sat, 11 Mar 2023 06:57:46 GMT
server: AmazonS3
etag: "7bc0ee636b3b83484fc3b9348863bd22"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
accept-ranges: bytes
x-amz-cf-id: ivlVeynfhc0U1XIxqs8d073YlPtgpqpt1wfsLxnXl5CT9j9QryayiQ==

GET
H2 200 notice Show response
consent.trustarc.com/ 45 KB
14 KB 286ms
271ms Script
text/javascript 18.65.244.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/notice?c=teconsent&domain=ibm.com&country=AU&language=en&privacypolicylink=https%3A%2F%2Fwww.ibm.com%2Fprivacy&js=nj&noticeType=bb&text=true&pcookie&cdn=1&gtm=1

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.244.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-244-94.syd3.r.cloudfront.net

Software

Resource Hash

8fa42619b223e34545ca62e0748cd06aaa92654cbd2b7e2cc9a370d7c3133e5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:45 GMT
content-encoding: gzip
via: 1.1 490b2d87256587a734fcd39d5d6c7392.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: SYD3-P1
vary: Accept-Encoding, Origin
x-cache: Miss from cloudfront
content-type: text/javascript; charset=UTF-8
cache-control: max-age=3600
x-amz-cf-id: afCw4otijAvhMCJrxlncIK8fQdXIBk132mgn73Thojl60djLQS4tXQ==

GET
H2 200 ab057a07.min.js Show response
scripts.demandbase.com/ 87 KB
24 KB 18ms
3ms Script
application/javascript 18.67.110.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://scripts.demandbase.com/ab057a07.min.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.110.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-110-3.syd62.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

dd3a85ea0a4fe7bc1e7915cb0a43226c00d75e26cd0721f73124714933073d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: XpifpVC3d7yb7hY8WaknPr8anCkdbYw0
content-encoding: gzip
via: 1.1 bc177ce25ddc555a7d303bc4d290a6ec.cloudfront.net (CloudFront)
date: Mon, 17 Jun 2024 21:20:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: SYD62-P2
age: 3501
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 12 Jun 2024 21:15:04 GMT
server: AmazonS3
etag: W/"c65439fbde71f50b3ebf7d79597d8b60"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-id: EHK9tNwOlbYHvX9nl32ndXJQhKiMu9oqwif9N5O0547zNToJhq7xqQ==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 195 KB
71 KB 657ms
113ms Script
application/javascript 142.250.67.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-143580012-4

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.67.8 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

67e73c2f4c5c3acc9383632080a096fe97c1642ff68884062b73e4a1aa63bdb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72384
x-xss-protection: 0
last-modified: Mon, 17 Jun 2024 21:18:45 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 17 Jun 2024 22:18:45 GMT

POST
H2 200 i.gif Show response
collect.tealiumiq.com/ibm/main/2/ 43 B
756 B 23ms
8ms XHR
image/gif 3.24.67.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collect.tealiumiq.com/ibm/main/2/i.gif
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.184.js?utv=ut4.46.202202020151
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.24.67.182 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-24-67-182.ap-southeast-2.compute.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryu3rFh5EJ2AvIAEwz

Response headers

date: Mon, 17 Jun 2024 22:18:44 GMT
x-serverid: uconnect_i-047bf9d671eb88b00
x-tid: 01902847fd1f001cbdae67e2d25d0506f005e06700b08
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-acc: ibm:main:2:datacloud
x-region: ap-southeast-2
content-length: 43
pragma: no-cache
x-did: 01902847fd1f001cbdae67e2d25d0506f005e06700b08
vary: Origin
content-type: image/gif
access-control-allow-origin: https://securityintelligence.com
x-ulver: 48d6d444c60a48b0fb994a4aed1c725e05c4a4b7-SNAPSHOT
access-control-expose-headers: X-Region
cache-control: no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
x-uuid: 88e526f0-c95a-4c36-bc3f-7347e52fb1dc
expires: Mon, 17 Jun 2024 22:18:44 GMT

GET
H3 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 53 KB
19 KB 212ms
111ms Script
text/javascript 142.250.204.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.204.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f2.1e100.net

Software

cafe /

Resource Hash

34034d6bdaa7c74e2f5fc190253d43cab2c4386e046f99076c891f7b808d0362

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19410
x-xss-protection: 0
server: cafe
etag: 9471715316976839693
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 17 Jun 2024 22:18:45 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 646ms
121ms Script
application/javascript 204.79.197.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.79.197.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 17 Jun 2024 22:18:44 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8464F22C6ED44EA3ABC5AF092DB56154 Ref B: SYD03EDGE1613 Ref C: 2024-06-17T22:18:45Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H2 200 utag.199.js Show response
tags.tiqcdn.com/utag/ibm/web/prod/ 4 KB
2 KB 8ms
7ms Script
application/javascript 18.67.93.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.199.js?utv=ut4.46.202406171738
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-103.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7bbfa145271dfeeabc191664ab8c9ad90af4f5120b2e8a6f6f2cf1a828911e7c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: .0IXerHHbJfqDsZS2ANu9vqfsa2VPOtA
content-encoding: br
via: 1.1 0cf8dd8ff8bb60665199a3fb2c2f8e9e.cloudfront.net (CloudFront)
date: Mon, 17 Jun 2024 22:18:44 GMT
last-modified: Mon, 17 Jun 2024 17:40:08 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P1
age: 190
x-amz-server-side-encryption: AES256
etag: W/"099be60be21f52eaf87b60935839f67d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: M70j4QsSPVWyrtt8o8Re_IW73V0FYWBcw3RqRWJHrrV_0COGVJCTdA==

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 47 KB
17 KB 536ms
3ms Script
application/javascript 23.32.5.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.32.5.109 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-32-5-109.deploy.static.akamaitechnologies.com

Software

Resource Hash

899d1ec3c095342571d3be2091ec6f984d4cc82390d1f61945c391fa035b00d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 20 May 2024 16:52:42 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=48860
accept-ranges: bytes
content-length: 16683

GET
H2 200 sync
s.company-target.com/s/ Frame 36D6 0
0 209ms
198ms Document
text/html 34.96.71.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.company-target.com/s/sync?exc=lr
Requested by: Host: scripts.demandbase.com
URL: https://scripts.demandbase.com/ab057a07.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.71.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.71.96.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept-Language: en-AU,en;q=0.9;q=0.9
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-methods: GET,OPTIONS
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 634
content-type: text/html; charset=UTF-8
date: Mon, 17 Jun 2024 22:18:45 GMT
via: 1.1 google

GET
H/1.1

200
OK

log
segments.company-target.com/
Redirect Chain

https://id.rlcdn.com/464526.gif
https://id.rlcdn.com/1000.gif?memo=CI6tHBoNCMXswrMGEgUI6AcQAEIASgA
https://segments.company-target.com/log?vendor=liveramp&user_id=Xc12973m5sRsMNfgtnsOyGiM-ErZbXgihGqVwIpOeIFc_gHQ8

26 B
348 B

335ms
201ms

Image
image/gif

108.158.20.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://segments.company-target.com/log?vendor=liveramp&user_id=Xc12973m5sRsMNfgtnsOyGiM-ErZbXgihGqVwIpOeIFc_gHQ8
Protocol: HTTP/1.1
Server: 108.158.20.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-20-71.syd62.r.cloudfront.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language: en-AU,en;q=0.9;q=0.9
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Mon, 17 Jun 2024 22:18:45 GMT
Via: 1.1 8a987ddeb53d46074ad1f07f669c10c4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: SYD62-P3
X-Cache: Miss from cloudfront
Content-Type: image/gif
Connection: keep-alive
Content-Length: 26
X-Amz-Cf-Id: 5ntlvDh8DJpcviltV01oQRiHlGFt__41ArwugjoMbPirCN28KWcHuw==

Redirect headers

date: Mon, 17 Jun 2024 22:18:45 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://segments.company-target.com/log?vendor=liveramp&user_id=Xc12973m5sRsMNfgtnsOyGiM-ErZbXgihGqVwIpOeIFc_gHQ8
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 42 KB
13 KB 511ms
2ms Script
application/javascript 151.101.193.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 5eee7eef8c43d97d6c92ce9000b3f2424647e58f985c2df5711690c8b95f1495

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:45 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Wed, 22 May 2024 17:01:28 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "16b7761205515ddc0668c12c434e8f00"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 12104

POST
H2 200 ip.json Show response
api.company-target.com/api/v2/ 460 B
970 B 168ms
154ms XHR
application/json 18.65.244.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fsecurityintelligence.com%2Fnew-banking-trojan-icedid-discovered-by-ibm-x-force-research%2F&page_title=New%20Banking%20Trojan%20IcedID%20Discovered%20by%20IBM%20X-Force%20Research
Requested by: Host: scripts.demandbase.com
URL: https://scripts.demandbase.com/ab057a07.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.244.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-244-62.syd3.r.cloudfront.net
Software: nginx /
Resource Hash: 0c6360095b095e0aeea120f1581a49652ffe0e3ab0c55164684677064a12124f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 17 Jun 2024 22:18:45 GMT
content-encoding: gzip
identification-source: CENTRAL
via: 1.1 59b0eb2f33939f549a18868a652690fe.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD3-P1
x-cache: Miss from cloudfront
request-id: 190ec874-6c17-4557-865f-7e8a46657097
pragma: no-cache
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://securityintelligence.com
access-control-expose-headers: x-amz-cf-id
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding, Origin
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 8f_DJSxP1bFUn-oK5Pm4jGZ6WE5ilQnTXRfXinpVfmdKFi1M0PF0gA==
expires: Sun, 16 Jun 2024 22:18:45 GMT

GET
H2 200 01902847fd1f001cbdae67e2d25d0506f005e06700b08 Show response
visitor-service-ap-southeast-2.tealiumiq.com/ibm/main/ 27 B
245 B 16ms
5ms Script
application/javascript 52.64.144.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://visitor-service-ap-southeast-2.tealiumiq.com/ibm/main/01902847fd1f001cbdae67e2d25d0506f005e06700b08?callback=utag.ut%5B%22writevamain%22%5D&rnd=1718662724983

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.64.144.217 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-64-144-217.ap-southeast-2.compute.amazonaws.com

Software

Resource Hash

e036d4c0bab9dcd3d8ed9d625c2cdd24f4d0474f1a4232f0e7c9471aaf0cf470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-version: 5bb250642aee1969f11538f6e000acbc52752b43-SNAPSHOT
date: Mon, 17 Jun 2024 22:18:44 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-region: ap-southeast-2
content-length: 27
x-nodeid: i-0fc06d1877990b2cc
content-type: application/javascript; charset=utf-8

POST
H2 200 i.gif Show response
collect.tealiumiq.com/ibm/main/2/ 43 B
755 B 6ms
5ms XHR
image/gif 3.24.67.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collect.tealiumiq.com/ibm/main/2/i.gif
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.184.js?utv=ut4.46.202202020151
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.24.67.182 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-24-67-182.ap-southeast-2.compute.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary3GauiEvZHcj4lmxA

Response headers

date: Mon, 17 Jun 2024 22:18:45 GMT
x-serverid: uconnect_i-0ec19ed8b41d2bb52
x-tid: 01902847fd1f001cbdae67e2d25d0506f005e06700b08
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-acc: ibm:main:2:datacloud
x-region: ap-southeast-2
content-length: 43
pragma: no-cache
x-did: 01902847fd1f001cbdae67e2d25d0506f005e06700b08
vary: Origin
content-type: image/gif
access-control-allow-origin: https://securityintelligence.com
x-ulver: 48d6d444c60a48b0fb994a4aed1c725e05c4a4b7-SNAPSHOT
access-control-expose-headers: X-Region
cache-control: no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
x-uuid: 2a97d598-8f66-4cae-a1bd-3def01a4713c
expires: Mon, 17 Jun 2024 22:18:45 GMT

GET
H2 200 01902847fd1f001cbdae67e2d25d0506f005e06700b08 Show response
visitor-service-ap-southeast-2.tealiumiq.com/ibm/main/ 27 B
244 B 3ms
3ms Script
application/javascript 52.64.144.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://visitor-service-ap-southeast-2.tealiumiq.com/ibm/main/01902847fd1f001cbdae67e2d25d0506f005e06700b08?callback=utag.ut%5B%22writevamain%22%5D&rnd=1718662725074

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.64.144.217 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-64-144-217.ap-southeast-2.compute.amazonaws.com

Software

Resource Hash

e036d4c0bab9dcd3d8ed9d625c2cdd24f4d0474f1a4232f0e7c9471aaf0cf470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-version: 5bb250642aee1969f11538f6e000acbc52752b43-SNAPSHOT
date: Mon, 17 Jun 2024 22:18:45 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-region: ap-southeast-2
content-length: 27
x-nodeid: i-0bc3e58d170fc7e16
content-type: application/javascript; charset=utf-8

GET
H2 200 favicon.ico
securityintelligence.com/wp-content/themes/sapphire/images/ 15 KB
2 KB 194ms
194ms Other
image/x-icon 104.18.24.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securityintelligence.com/wp-content/themes/sapphire/images/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.241 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22a20d772ae2efb4f5455ff81bd4bbbd04e6649ad28e9f946218ad74a2602f12

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:45 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
last-modified: Tue, 14 Nov 2023 20:19:02 GMT
server: cloudflare
etag: "3aee-60a227f614a20-gzip"
vary: Accept-Encoding
content-type: image/x-icon
accept-ranges: bytes
cf-ray: 89566ad01d44571b-SYD
content-length: 2367

POST
H2 200 i.gif Show response
collect.tealiumiq.com/ibm/main/2/ 43 B
754 B 6ms
6ms XHR
image/gif 3.24.67.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collect.tealiumiq.com/ibm/main/2/i.gif
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.184.js?utv=ut4.46.202202020151
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.24.67.182 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-24-67-182.ap-southeast-2.compute.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryVl0FSKtaPsPQQH4K

Response headers

date: Mon, 17 Jun 2024 22:18:45 GMT
x-serverid: uconnect_i-01dfe61cf6356ff8a
x-tid: 01902847fd1f001cbdae67e2d25d0506f005e06700b08
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-acc: ibm:main:2:datacloud
x-region: ap-southeast-2
content-length: 43
pragma: no-cache
x-did: 01902847fd1f001cbdae67e2d25d0506f005e06700b08
vary: Origin
content-type: image/gif
access-control-allow-origin: https://securityintelligence.com
x-ulver: 48d6d444c60a48b0fb994a4aed1c725e05c4a4b7-SNAPSHOT
access-control-expose-headers: X-Region
cache-control: no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
x-uuid: aa942dca-5551-432a-a301-d952f7aaa4c3
expires: Mon, 17 Jun 2024 22:18:45 GMT

POST
H2 200 i.gif Show response
collect.tealiumiq.com/ibm/main/2/ 43 B
755 B 6ms
6ms XHR
image/gif 3.24.67.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collect.tealiumiq.com/ibm/main/2/i.gif
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.184.js?utv=ut4.46.202202020151
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.24.67.182 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-24-67-182.ap-southeast-2.compute.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryRLCm5RxTGFSwokP5

Response headers

date: Mon, 17 Jun 2024 22:18:45 GMT
x-serverid: uconnect_i-06571f8662bfded31
x-tid: 01902847fd1f001cbdae67e2d25d0506f005e06700b08
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-acc: ibm:main:2:datacloud
x-region: ap-southeast-2
content-length: 43
pragma: no-cache
x-did: 01902847fd1f001cbdae67e2d25d0506f005e06700b08
vary: Origin
content-type: image/gif
access-control-allow-origin: https://securityintelligence.com
x-ulver: 48d6d444c60a48b0fb994a4aed1c725e05c4a4b7-SNAPSHOT
access-control-expose-headers: X-Region
cache-control: no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
x-uuid: 1e6ca7cc-5e05-44b8-9e85-961a1941859e
expires: Mon, 17 Jun 2024 22:18:45 GMT

GET
H2 200 bg9s Show response
tag-logger.demandbase.com/ 0
419 B 1147ms
823ms XHR
text/html 18.67.93.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag-logger.demandbase.com/bg9s?x-amz-cf-id=8f_DJSxP1bFUn-oK5Pm4jGZ6WE5ilQnTXRfXinpVfmdKFi1M0PF0gA==&api-version=v2
Requested by: Host: scripts.demandbase.com
URL: https://scripts.demandbase.com/ab057a07.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-91.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 8SdDCdpJvGjkSiMFPv08XcVSgwOMVVmH
date: Mon, 17 Jun 2024 02:27:59 GMT
via: 1.1 3437ef72cec711eb0ebed9222a22cf66.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD62-P1
age: 71455
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
content-length: 0
last-modified: Tue, 07 Mar 2023 20:47:02 GMT
server: AmazonS3
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: JBQrgYB7euuRbS6ZUBoZugAVCk3UZpyZyNUY0KGEi_ML1zE0W9uq2A==

GET
H2 200 01902847fd1f001cbdae67e2d25d0506f005e06700b08 Show response
visitor-service-ap-southeast-2.tealiumiq.com/ibm/main/ 27 B
244 B 7ms
4ms Script
application/javascript 52.64.144.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://visitor-service-ap-southeast-2.tealiumiq.com/ibm/main/01902847fd1f001cbdae67e2d25d0506f005e06700b08?callback=utag.ut%5B%22writevamain%22%5D&rnd=1718662725169

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.64.144.217 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-64-144-217.ap-southeast-2.compute.amazonaws.com

Software

Resource Hash

e036d4c0bab9dcd3d8ed9d625c2cdd24f4d0474f1a4232f0e7c9471aaf0cf470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-version: 5bb250642aee1969f11538f6e000acbc52752b43-SNAPSHOT
date: Mon, 17 Jun 2024 22:18:45 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-region: ap-southeast-2
content-length: 27
x-nodeid: i-0ee7ee490d38449d9
content-type: application/javascript; charset=utf-8

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1069499076/ 3 KB
1 KB 414ms
104ms Script
text/javascript 142.250.66.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1069499076/?random=1718662725176&cv=9&fst=1718662725176&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=376635470%2C466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=480&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fsecurityintelligence.com%2Fnew-banking-trojan-icedid-discovered-by-ibm-x-force-research%2F&tiba=New%20Banking%20Trojan%20IcedID%20Discovered%20by%20IBM%20X-Force%20Research&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f2.1e100.net

Software

cafe /

Resource Hash

f75641bdf876b5bb0f4bdc6835ca11b88e7afa5f1b65de18fd82734d957686df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 17 Jun 2024 22:18:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1419
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1069499076/ 3 KB
1 KB 412ms
103ms Script
text/javascript 142.250.66.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1069499076/?random=1718662725180&cv=9&fst=1718662725180&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=376635470%2C466465926%2C509562773%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=480&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fsecurityintelligence.com%2Fnew-banking-trojan-icedid-discovered-by-ibm-x-force-research%2F&tiba=New%20Banking%20Trojan%20IcedID%20Discovered%20by%20IBM%20X-Force%20Research&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f2.1e100.net

Software

cafe /

Resource Hash

b74e15c53792ce175f4a3cfc3a11bb7759a6a90334dd5c18571b486a618ed079

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 17 Jun 2024 22:18:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1438
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 01902847fd1f001cbdae67e2d25d0506f005e06700b08 Show response
visitor-service-ap-southeast-2.tealiumiq.com/ibm/main/ 27 B
244 B 3ms
3ms Script
application/javascript 52.64.144.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://visitor-service-ap-southeast-2.tealiumiq.com/ibm/main/01902847fd1f001cbdae67e2d25d0506f005e06700b08?callback=utag.ut%5B%22writevamain%22%5D&rnd=1718662725181

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/ibm/web/prod/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.64.144.217 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-64-144-217.ap-southeast-2.compute.amazonaws.com

Software

Resource Hash

e036d4c0bab9dcd3d8ed9d625c2cdd24f4d0474f1a4232f0e7c9471aaf0cf470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-version: 5bb250642aee1969f11538f6e000acbc52752b43-SNAPSHOT
date: Mon, 17 Jun 2024 22:18:45 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-region: ap-southeast-2
content-length: 27
x-nodeid: i-0bc3e58d170fc7e16
content-type: application/javascript; charset=utf-8

GET
H2 200 get
consent.trustarc.com/ Frame C31D 0
0 3ms
2ms Document
text/html 18.65.244.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/get?name=crossdomain.html&domain=ibm.com

Requested by

Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?c=teconsent&domain=ibm.com&country=AU&language=en&privacypolicylink=https%3A%2F%2Fwww.ibm.com%2Fprivacy&js=nj&noticeType=bb&text=true&pcookie&cdn=1&gtm=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.244.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-244-54.syd3.r.cloudfront.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-AU,en;q=0.9;q=0.9
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 1968
cache-control: max-age=2592000
content-encoding: gzip
content-type: text/html
date: Mon, 17 Jun 2024 21:45:56 GMT
pragma: public
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding Origin
via: 1.1 eeb64902174f0e1f0d97e045fce78e24.cloudfront.net (CloudFront)
x-amz-cf-id: EkqfosdkXV5TK2clmarkH6GfmIDvaZXsk8qcCl9wdNSQN9q8iqnRJA==
x-amz-cf-pop: SYD3-P1
x-cache: Hit from cloudfront

GET
H2 200 v1.7-518 Show response
consent.trustarc.com/asset/notice.js/v/ 93 KB
27 KB 6ms
2ms Script
text/javascript 18.65.244.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/asset/notice.js/v/v1.7-518

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.244.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-244-94.syd3.r.cloudfront.net

Software

Resource Hash

d7d5fd37104b920289011c87a92c7e3681251179c9fd1ff79a47ab93e128424b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 17 Jun 2024 21:37:39 GMT
content-encoding: gzip
via: 1.1 eeaafdd5e22d1448912c6cf3e1e5bd58.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 13 Jun 2024 04:06:42 GMT
x-amz-cf-pop: SYD3-P1
age: 2467
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=2592000
x-amz-cf-id: oCvNhpCABmUU-7pNNk9oNMZ0bU_isSoMgDc2z2y6JLFF5smsjzv2IA==

GET
H2 200 log
consent.trustarc.com/ 43 B
1 KB 261ms
260ms Image
image/gif 18.65.244.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/log?domain=ibm.com&country=au&state=&behavior=implied&session=22fd5461-76a0-44c7-8704-58c7a48eb59e&userType=NEW&c=932e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.244.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-244-94.syd3.r.cloudfront.net

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'; frame-ancestors https://.trustarc.com https://.prod.internal.trustarc.com https://.trustarc.eu https://.prod.internal.trustarc.eu https://.staging.internal.trustarc.com https://.trustarc-svc.net https://.truste-svc.net https://.qa.truste-svc.net https://.dev.truste-svc.net http://localhost: https://.nymity.com https://.qanym;; upgrade-insecure-requests; block-all-mixed-content; report-uri https://csp-reporter.tools.trustarc-svc.net/report
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:45 GMT
content-security-policy: object-src 'none'; frame-ancestors https://*.trustarc.com https://*.prod.internal.trustarc.com https://*.trustarc.eu https://*.prod.internal.trustarc.eu https://*.staging.internal.trustarc.com https://*.trustarc-svc.net https://*.truste-svc.net https://*.qa.truste-svc.net https://*.dev.truste-svc.net http://localhost:* https://*.nymity.com https://*.qanym;; upgrade-insecure-requests; block-all-mixed-content; report-uri https://csp-reporter.tools.trustarc-svc.net/report
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 490b2d87256587a734fcd39d5d6c7392.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: SYD3-P1
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
cross-origin-opener-policy: cross-origin
expect-ct: enforce, max-age=60
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), camera=(), speaker=(), microphone=(), vibrate=()
x-amz-cf-id: 7SzDwyV9M-UdnsvyG-erY0i0iB0vMPxbxfO4mKUn7KTKpXXEciMSUg==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 config Show response
pixel-config.reddit.com/pixels/t2_63t7ez76/ 3 B
124 B 14ms
0ms XHR
application/json 151.101.1.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel-config.reddit.com/pixels/t2_63t7ez76/config
Requested by: Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:45 GMT
content-encoding: gzip
via: 1.1 varnish
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
content-length: 27

GET
H2 200 t2_63t7ez76_telemetry Show response
www.redditstatic.com/ads/conversions-config/v1/pixel/config/ 86 B
699 B 314ms
9ms XHR
application/json 151.101.193.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_63t7ez76_telemetry
Requested by: Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:45 GMT
content-encoding: gzip
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
server: snooserv
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
content-length: 97

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
637 B 19ms
1ms Image
image/gif 151.101.1.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1718662725510&id=t2_63t7ez76&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=b4f25941-910a-4541-b079-0b59ae279f4d&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_8d515a58&dpm=&dpcc=&dprc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:45 GMT
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server: Varnish
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 200 sans-hebrew.css
1.www.s81c.com/common/carbon/plex/ 3 KB
658 B 5ms
3ms Stylesheet
text/css 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon/plex/sans-hebrew.css?family=IBM+Plex+Sans+Hebrew:wght@400;600&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

0cbf79af6d2132bca6eed80db08f55f84a564924f6946552221baa73baedd306

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:45 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 3dc2c848-b819-4c5b-8e2e-0d8865133396
content-length: 348
last-modified: Fri, 17 May 2024 17:55:37 GMT
server: Cleversafe
etag: "0e3e8a821d64aa8bf9053545e9dc57e1"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-clv-request-id: 3dc2c848-b819-4c5b-8e2e-0d8865133396
cache-control: max-age=35510
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 08:10:35 GMT

GET
H2 200 sans-arabic.css
1.www.s81c.com/common/carbon/plex/ 3 KB
658 B 7ms
5ms Stylesheet
text/css 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon/plex/sans-arabic.css?family=IBM+Plex+Sans+Arabic:wght@400;600&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

4cca4309ca87d494514c4ba3e5b75cd593306b2891891480f871970e3ad242d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:45 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: e7d104c0-736d-4600-b28d-9cac50d360d7
content-length: 348
last-modified: Fri, 17 May 2024 17:55:36 GMT
server: Cleversafe
etag: "42836eb9a71af2bbed2595f473d35be6"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-clv-request-id: e7d104c0-736d-4600-b28d-9cac50d360d7
cache-control: max-age=8618
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 00:42:23 GMT

GET
H2 200 sans-jp.css
1.www.s81c.com/common/carbon/plex/ 675 KB
159 KB 7ms
5ms Stylesheet
text/css 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon/plex/sans-jp.css?family=IBM+Plex+Sans+JP:wght@400;600&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

46d5afa9b13dbd0bb7f5cb4a06880cb662782cfdd740e2f1db2c7fc92b8cc9a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:45 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 7c9aa621-60ff-4ab7-bd75-45a783a5a0be
content-length: 162198
last-modified: Fri, 17 May 2024 17:55:37 GMT
server: Cleversafe
etag: "03e30c28baffaa730907544eabaed604"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-clv-request-id: 7c9aa621-60ff-4ab7-bd75-45a783a5a0be
cache-control: max-age=25624
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 05:25:49 GMT

GET
H2 200 sans-kr.css
1.www.s81c.com/common/carbon/plex/ 404 KB
87 KB 11ms
10ms Stylesheet
text/css 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/carbon/plex/sans-kr.css?family=IBM+Plex+Sans+KR:wght@400;600&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

Cleversafe /

Resource Hash

43400012faefe705b9fe8f49a088c3037476e6de6f139e4ef7a54ffd1598776e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:45 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
x-amz-request-id: 7a42b7f9-1b08-42ae-a276-3d5133b5afd5
content-length: 88360
last-modified: Fri, 17 May 2024 17:55:38 GMT
server: Cleversafe
etag: "68e3eb466c17d539299d469b0f23235f"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-clv-request-id: 7a42b7f9-1b08-42ae-a276-3d5133b5afd5
cache-control: max-age=36414
accept-ranges: bytes
x-clv-s3-version: 2.5
expires: Tue, 18 Jun 2024 08:25:39 GMT

GET
H2 200 ibmplexsans-semibold.woff2
1.www.s81c.com/common/fonts/plex/v1/ 37 KB
37 KB 10ms
4ms Font
font/woff2 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/fonts/plex/v1/ibmplexsans-semibold.woff2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

AkamaiNetStorage /

Resource Hash

3df4c72b33d93f627a79f3ec0e4744d88f9478a3513a41ae0a2386abac4ef831

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:45 GMT
strict-transport-security: max-age=2592000
last-modified: Mon, 19 Jun 2017 20:17:05 GMT
server: AkamaiNetStorage
content-md5: z5UWknac7Z0FWhN2mXfHFw==
etag: "cf951692769ced9d055a13769977c717:1672864811.754472"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=296596
accept-ranges: bytes
content-length: 37416
expires: Fri, 21 Jun 2024 08:42:01 GMT

GET
H2 200 ibmplexsans-regular.woff2
1.www.s81c.com/common/fonts/plex/v1/ 34 KB
35 KB 11ms
5ms Font
font/woff2 23.52.231.196
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1.www.s81c.com/common/fonts/plex/v1/ibmplexsans-regular.woff2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.52.231.196 Sydney, Australia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-52-231-196.deploy.static.akamaitechnologies.com

Software

AkamaiNetStorage /

Resource Hash

de80b2b0c32b938ed432b49c0f3dc09f8c6152fc6b090ac49294b891ad8933bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/
Origin: https://securityintelligence.com
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:45 GMT
strict-transport-security: max-age=2592000
last-modified: Mon, 19 Jun 2017 20:17:05 GMT
server: AkamaiNetStorage
content-md5: eSYTpp4e/tmcui3POb3b1A==
etag: "792613a69e1efed99cba2dcf39bddbd4:1672864811.711241"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=192921
accept-ranges: bytes
content-length: 35276
expires: Thu, 20 Jun 2024 03:54:06 GMT

GET
H2 200 get
consent.trustarc.com/ 679 B
996 B 5ms
0ms Image
image/svg+xml 18.65.244.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/get?name=ibm_close_icon.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.244.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-244-94.syd3.r.cloudfront.net

Software

Resource Hash

96509ae3806587a5029b14cfa9a0a4ebf0dddaf201bf34516f92edb593f20261

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Mon, 17 Jun 2024 21:25:25 GMT
via: 1.1 490b2d87256587a734fcd39d5d6c7392.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: SYD3-P1
age: 3199
vary: Origin
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000
content-length: 679
x-amz-cf-id: LGrtqn3ljiCyh4dsdHBQ30TPKi-GvjrNhp88mRGMEE0ZVkSXU8vyeA==

GET
H2 200 bannermsg
consent.trustarc.com/ 43 B
1 KB 269ms
262ms Image
image/gif 18.65.244.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/bannermsg?action=views&domain=ibm.com&behavior=implied&country=au&language=en&rand=0.37342004745771296&session=22fd5461-76a0-44c7-8704-58c7a48eb59e&userType=NEW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.244.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-244-94.syd3.r.cloudfront.net

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'; frame-ancestors https://.trustarc.com https://.prod.internal.trustarc.com https://.trustarc.eu https://.prod.internal.trustarc.eu https://.staging.internal.trustarc.com https://.trustarc-svc.net https://.truste-svc.net https://.qa.truste-svc.net https://.dev.truste-svc.net http://localhost: https://.nymity.com https://.qanym;; upgrade-insecure-requests; block-all-mixed-content; report-uri https://csp-reporter.tools.trustarc-svc.net/report
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:45 GMT
content-security-policy: object-src 'none'; frame-ancestors https://*.trustarc.com https://*.prod.internal.trustarc.com https://*.trustarc.eu https://*.prod.internal.trustarc.eu https://*.staging.internal.trustarc.com https://*.trustarc-svc.net https://*.truste-svc.net https://*.qa.truste-svc.net https://*.dev.truste-svc.net http://localhost:* https://*.nymity.com https://*.qanym;; upgrade-insecure-requests; block-all-mixed-content; report-uri https://csp-reporter.tools.trustarc-svc.net/report
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 490b2d87256587a734fcd39d5d6c7392.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: SYD3-P1
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
cross-origin-opener-policy: cross-origin
expect-ct: enforce, max-age=60
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), camera=(), speaker=(), microphone=(), vibrate=()
x-amz-cf-id: mSYOJY6q-emzzsEZ2T8WkNFbgphyeERRhxBG7Q9GW263X4llpEQAMw==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
980 B 573ms
255ms XHR
application/json 13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=9268&time=1718662725522&url=https%3A%2F%2Fsecurityintelligence.com%2Fnew-banking-trojan-icedid-discovered-by-ibm-x-force-research%2F
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: *
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:45 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-cache: CONFIG_NOCACHE
x-li-uuid: AAYbHVlE8FAaDryw+MQp8w==
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: E11351251C6D4A72812361C6DD176E2F Ref B: SYD03EDGE0917 Ref C: 2024-06-17T22:18:45Z
access-control-allow-methods: GET, OPTIONS
x-li-fabric: prod-lva1
access-control-allow-origin: *
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
content-type: application/json
x-li-proto: http/2
x-restli-protocol-version: 1.0.0
access-control-allow-headers: *
x-fs-uuid: 00061b1d5944f0501a0ebcb0f8c429f3

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=9268&time=1718662725522&url=https%3A%2F%2Fsecurityintelligence.com%2Fnew-banking-trojan-icedid-discovered-by-ibm-x-force-research%2F
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=9268&time=1718662725522&url=https%3A%2F%2Fsecurityintelligence.com%2Fnew-banking-trojan-icedid-discovered-by-ibm-x-force-research%2F&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D9268%26time%3D1718662725522%26url%3Dhttps%253A%252F%252Fsecurityintelligence.com%...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=9268&time=1718662725522&url=https%3A%2F%2Fsecurityintelligence.com%2Fnew-banking-trojan-icedid-discovered-by-ibm-x-force-research%2F&cookiesTest=t...

0
163 B

190ms
190ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=9268&time=1718662725522&url=https%3A%2F%2Fsecurityintelligence.com%2Fnew-banking-trojan-icedid-discovered-by-ibm-x-force-research%2F&cookiesTest=true&liSync=true
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-AU,en;q=0.9;q=0.9
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 17 Jun 2024 22:18:46 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 43568DABF08348A19E0413DDC95D9C52 Ref B: SYD03EDGE2014 Ref C: 2024-06-17T22:18:46Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYbHVlNf4aB32815G4yAg==

Redirect headers

strict-transport-security: max-age=31536000
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
date: Mon, 17 Jun 2024 22:18:46 GMT
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-length: 0
x-li-uuid: AAYbHVlKeeRIWv4trmW/4Q==
pragma: no-cache
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: D30CCC7B681B4F20BA6E9B5B10C1D33B Ref B: SYD03EDGE2014 Ref C: 2024-06-17T22:18:46Z
x-frame-options: sameorigin
x-li-fabric: prod-ltx1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=9268&time=1718662725522&url=https%3A%2F%2Fsecurityintelligence.com%2Fnew-banking-trojan-icedid-discovered-by-ibm-x-force-research%2F&cookiesTest=true&liSync=true
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1069499076/ 42 B
64 B 201ms
102ms Image
image/gif 142.250.204.4
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1069499076/?random=1718662725180&cv=9&fst=1718661600000&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=376635470%2C466465926%2C509562773%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=480&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fsecurityintelligence.com%2Fnew-banking-trojan-icedid-discovered-by-ibm-x-force-research%2F&tiba=New%20Banking%20Trojan%20IcedID%20Discovered%20by%20IBM%20X-Force%20Research&hn=www.googleadservices.com&async=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLFVg0xS0TR928GsGuN7V1DRKSWLoWUw&random=2637798220&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.204.4 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 17 Jun 2024 22:18:45 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com.au/pagead/1p-user-list/1069499076/ 42 B
64 B 202ms
103ms Image
image/gif 172.217.167.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/pagead/1p-user-list/1069499076/?random=1718662725180&cv=9&fst=1718661600000&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=376635470%2C466465926%2C509562773%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=480&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fsecurityintelligence.com%2Fnew-banking-trojan-icedid-discovered-by-ibm-x-force-research%2F&tiba=New%20Banking%20Trojan%20IcedID%20Discovered%20by%20IBM%20X-Force%20Research&hn=www.googleadservices.com&async=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLFVg0xS0TR928GsGuN7V1DRKSWLoWUw&random=2637798220&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 17 Jun 2024 22:18:45 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1069499076/ 42 B
64 B 201ms
102ms Image
image/gif 142.250.204.4
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1069499076/?random=1718662725176&cv=9&fst=1718661600000&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=376635470%2C466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=480&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fsecurityintelligence.com%2Fnew-banking-trojan-icedid-discovered-by-ibm-x-force-research%2F&tiba=New%20Banking%20Trojan%20IcedID%20Discovered%20by%20IBM%20X-Force%20Research&hn=www.googleadservices.com&async=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLdAVqFhcBJ8eQauNKobQuv3OelkgYaA&random=4080981583&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.204.4 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 17 Jun 2024 22:18:45 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com.au/pagead/1p-user-list/1069499076/ 42 B
64 B 203ms
105ms Image
image/gif 172.217.167.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/pagead/1p-user-list/1069499076/?random=1718662725176&cv=9&fst=1718661600000&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=376635470%2C466465926&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=480&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fsecurityintelligence.com%2Fnew-banking-trojan-icedid-discovered-by-ibm-x-force-research%2F&tiba=New%20Banking%20Trojan%20IcedID%20Discovered%20by%20IBM%20X-Force%20Research&hn=www.googleadservices.com&async=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLdAVqFhcBJ8eQauNKobQuv3OelkgYaA&random=4080981583&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 17 Jun 2024 22:18:45 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 146001191.js Show response
bat.bing.com/p/action/ 1 KB
841 B 121ms
121ms Script
application/javascript 204.79.197.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/146001191.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.79.197.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0b03972a0a55517f3f807c4f9cc99663428d3dc9416bb78b1649a20ffa11f3f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Mon, 17 Jun 2024 22:18:45 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 23600FC0ABD54E5D92D9587521B37F39 Ref B: SYD03EDGE1613 Ref C: 2024-06-17T22:18:45Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 204 0
bat.bing.com/action/ 0
362 B 120ms
120ms Image
text/plain 204.79.197.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=146001191&Ver=2&mid=4dfd7586-cf21-4222-8f5b-116db4e86dfd&sid=900627002cf711efb57c39817f97ca7e&vid=90065d402cf711ef840eabfe27428614&vids=1&msclkid=N&pi=918639831&lg=en-AU&sw=1600&sh=1200&sc=24&tl=New%20Banking%20Trojan%20IcedID%20Discovered%20by%20IBM%20X-Force%20Research&p=https%3A%2F%2Fsecurityintelligence.com%2Fnew-banking-trojan-icedid-discovered-by-ibm-x-force-research%2F&r=&lt=14572&evt=pageLoad&sv=1&rn=548693

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.79.197.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 17 Jun 2024 22:18:45 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C7872DFE4DC14DCB8A38DFBDA7A9F1DE Ref B: SYD03EDGE1613 Ref C: 2024-06-17T22:18:45Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
151 B 99ms
98ms XHR
text/plain 142.250.76.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=283384315&t=pageview&_s=1&dl=https%3A%2F%2Fsecurityintelligence.com%2Fnew-banking-trojan-icedid-discovered-by-ibm-x-force-research%2F&dr=None&dp=%2Fnew-banking-trojan-icedid-discovered-by-ibm-x-force-research%2F&ul=en-au&de=UTF-8&dt=New%20Banking%20Trojan%20IcedID%20Discovered%20by%20IBM%20X-Force%20Research&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6HDACUABBAAAACgDo~&jid=1663099853&gjid=1476806654&cid=1994813499.1718662724&tid=UA-143580012-4&_gid=460181615.1718662724&_r=1&cd12=securityintelligence.com%2Fnew-banking-trojan-icedid-discovered-by-ibm-x-force-research&cd15=(undefined)&cd13=https%3A%2F%2Fsecurityintelligence.com%2Fnew-banking-trojan-icedid-discovered-by-ibm-x-force-research%2F&cd17=None&gtm=457e46c0za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&cd6=implied&cm54=1&cd1=0&cd2=SECURITYINTELLIGENCE&cd5=f95be134-cf8c-42f0-aafe-6667463c2e9a&cd7=US&cd8=IBM%20Software&cd14=MKT&cd27=10A00&cd31=en&cd32=Security%20Software&cd33=15SCT&cd34=url-12c26b645bf374a49570ef4ca94c771947277b1996374ea7c5b028658b80c0e8&cd35=1718662722682&cd37=securityintelligence.com%2Fnew-banking-trojan-icedid-discovered-by-ibm-x-force-research&cd39=PC090&cd69=prod&cg1=Article%2FBlog&did=dYmQxMT&gdid=dYmQxMT&z=606856353

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.110 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 17 Jun 2024 22:18:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://securityintelligence.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 269 KB
93 KB 108ms
108ms Script
application/javascript 142.250.67.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FYECCCS21D&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-143580012-4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.67.8 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

9a2d087fa2d4b3da28f642c6ab8ab410744cce6f5b549956066164f4d85c3f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94743
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 17 Jun 2024 22:18:45 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 2ms
2ms Image
image/gif 142.250.76.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=283384315&t=event&ni=1&_s=2&dl=https%3A%2F%2Fsecurityintelligence.com%2Fnew-banking-trojan-icedid-discovered-by-ibm-x-force-research%2F&dr=None&dp=%2Fnew-banking-trojan-icedid-discovered-by-ibm-x-force-research%2F&ul=en-au&de=UTF-8&dt=New%20Banking%20Trojan%20IcedID%20Discovered%20by%20IBM%20X-Force%20Research&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=USER_PROFILE&ea=USER_PROFILE&ev=0&_u=6HDACUABBAAAACgDoAC~&jid=&gjid=&cid=1994813499.1718662724&tid=UA-143580012-4&_gid=460181615.1718662724&cd12=securityintelligence.com%2Fnew-banking-trojan-icedid-discovered-by-ibm-x-force-research&cd13=https%3A%2F%2Fsecurityintelligence.com%2Fnew-banking-trojan-icedid-discovered-by-ibm-x-force-research%2F&cd17=None&cd16=None&gtm=457e46c0za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&cm54=0&cd1=0&cd2=SECURITYINTELLIGENCE&cd5=f95be134-cf8c-42f0-aafe-6667463c2e9a&cd7=US&cd8=IBM%20Software&cd14=MKT&cd27=10A00&cd31=en&cd32=Security%20Software&cd33=15SCT&cd34=url-12c26b645bf374a49570ef4ca94c771947277b1996374ea7c5b028658b80c0e8&cd35=1718662722682&cd37=securityintelligence.com%2Fnew-banking-trojan-icedid-discovered-by-ibm-x-force-research&cd39=PC090&cd69=prod&cg1=Article%2FBlog&did=dYmQxMT&gdid=dYmQxMT&cd40=identify&cd41=identify&cd46=2d08a95f-5daf-438c-98f2-0b3ac9d62bc8&cd48=1718662725058&cd49=003d0f25-7c28-f9c8-0308-0f257c290308&cd60=false&cd68=false&cd3=2d08a95f-5daf-438c-98f2-0b3ac9d62bc8&z=1597723192

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.110 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 17 Jun 2024 05:03:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62135
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 146001191 Show response
bat.bing.com/p/insights/t/ 712 B
903 B 330ms
330ms Script
application/x-javascript 204.79.197.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/insights/t/146001191

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/p/action/146001191.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.79.197.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

51943bd99d7e5e5e2b32c76fdf25a609ea9139b00da2b7031c5ce519fbcefb5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: -1
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 17 Jun 2024 22:18:45 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A944939C4FCB44E48F1D4D80E3A9AC01 Ref B: SYD03EDGE1613 Ref C: 2024-06-17T22:18:45Z
x-powered-by: ARR/3.0
vary: Accept-Encoding
x-azure-ref: 20240617T221845Z-165f476fb8bqh7tqygf1zdv7cg00000003f0000000009fde
content-type: application/x-javascript
x-cache: CONFIG_NOCACHE
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 603
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
352 B 585ms
94ms XHR
text/plain 74.125.68.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-143580012-4&cid=1994813499.1718662724&jid=1663099853&gjid=1476806654&_gid=460181615.1718662724&_u=6HDACUAABAAAACgDo~&z=1879707541

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f156.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 17 Jun 2024 22:18:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://securityintelligence.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
0 103ms
103ms Fetch
text/plain 142.250.76.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-FYECCCS21D&gtm=45je46c0v9103482433za200&_p=1718662724932&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&gdid=dYmQxMT&cid=1994813499.1718662724&ul=en-au&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&dt=New%20Banking%20Trojan%20IcedID%20Discovered%20by%20IBM%20X-Force%20Research&sid=1718662726&sct=1&seg=0&dl=https%3A%2F%2Fsecurityintelligence.com%2Fnew-banking-trojan-icedid-discovered-by-ibm-x-force-research%2F&dp=%2Fnew-banking-trojan-icedid-discovered-by-ibm-x-force-research%2F&tfd=15671&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FYECCCS21D&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.76.110 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: syd09s24-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 17 Jun 2024 22:18:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://securityintelligence.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 0.7.32 Show response
bat.bing.com/p/insights/s/ 35 KB
15 KB 123ms
123ms Script
application/javascript 204.79.197.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/insights/s/0.7.32

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/p/insights/t/146001191

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.79.197.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ad367e536c20c594229b6d90ac4097730886eac4f8e11b07e908e584a62b1268

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Mon, 17 Jun 2024 22:18:45 GMT
x-cache: CONFIG_NOCACHE
x-fd-int-roxy-purgeid: 51562430
content-length: 14999
last-modified: Fri, 10 May 2024 17:30:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C6FBF17DCF8E482696431FE784D27D7A Ref B: SYD03EDGE1613 Ref C: 2024-06-17T22:18:46Z
etag: W/"0x8DC7116E7C400CE"
vary: Accept-Encoding
x-azure-ref: 20240617T221846Z-165f476fb8b2glvc8geffn6vrc00000006q0000000006r55
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 8ba3db90-a01e-003d-7092-bd58c0000000
cache-control: public, max-age=86400
x-ms-version: 2018-03-28

POST
H2 204 p Show response
bat.bing.com/p/insights/c/ 0
217 B 330ms
330ms XHR
text/plain 204.79.197.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/insights/c/p

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/p/insights/s/0.7.32

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.79.197.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/x-webinsights-gzip
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 17 Jun 2024 22:18:46 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C42296CB9AF8435FA3F9B55301B6703C Ref B: SYD03EDGE1613 Ref C: 2024-06-17T22:18:46Z
x-powered-by: ARR/3.0
vary: Origin
x-cache: CONFIG_NOCACHE
access-control-allow-origin: https://securityintelligence.com
access-control-allow-credentials: true
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

POST
H3 200 collect Show response
www.google-analytics.com/j/ 3 B
23 B 99ms
98ms XHR
text/plain 142.250.76.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=0&a=283384315&t=pageview&_s=1&dl=https%3A%2F%2Fsecurityintelligence.com%2Fnew-banking-trojan-icedid-discovered-by-ibm-x-force-research%2F&dp=https%3A%2F%2Fsecurityintelligence.com%2Fnew-banking-trojan-icedid-discovered-by-ibm-x-force-research%2F&ul=en-au&de=UTF-8&dt=New%20Banking%20Trojan%20IcedID%20Discovered%20by%20IBM%20X-Force%20Research&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6HDACUABBAAAACgDoAC~&jid=73421321&gjid=1967544664&cid=1994813499.1718662724&tid=UA-150713566-56&_gid=460181615.1718662724&_r=1&_slc=1&cd12=c7caef17012f48e99285467c1b6d8423&cd15=26b924d9-dcc8-4423-a776-2a9f1f614ee7&cd13=(not%20set)&cd17=(not%20set)&cd16=(not%20set)&cd1=(not%20set)&cd14=(not%20set)&z=1322240283

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.76.110 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 17 Jun 2024 22:18:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://securityintelligence.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
201 B 193ms
193ms XHR
text/plain 13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: *
Referer: https://securityintelligence.com/new-banking-trojan-icedid-discovered-by-ibm-x-force-research/
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 22:18:46 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 7059E9FE4B4449BEB6368028D1618166 Ref B: SYD03EDGE2014 Ref C: 2024-06-17T22:18:46Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
access-control-allow-origin: https://securityintelligence.com
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYbHVlQeartQn/0q470jw==

Verdicts & Comments Add Verdict or Comment

126 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

45 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.cloud.ibm.com/analytics	1970-01-21 07:00:22	Name: com.ibm.cloud.console.analytics.anonymousId Value: 2d08a95f-5daf-438c-98f2-0b3ac9d62bc8
.ibm.com/analytics	1970-01-20 21:24:24	Name: BM_SESSION_ID Value: 1718662724932
.securityintelligence.com/	1969-12-31 23:59:59	Name: pageviewContext Value: f95be134-cf8c-42f0-aafe-6667463c2e9a
.securityintelligence.com/	1970-01-21 06:09:58	Name: __ncuid Value: 26b924d9-dcc8-4423-a776-2a9f1f614ee7
.securityintelligence.com/	1970-01-20 21:25:49	Name: _gid Value: GA1.2.460181615.1718662724
www-api.ibm.com/	1970-01-21 06:54:37	Name: notice_preferences_master Value: {}
www-api.ibm.com/	1969-12-31 23:59:59	Name: 1816d7fd5563fd474b747d804593718b Value: d9a9ac1eb47afc3715c5b56265c1d60e
.securityintelligence.com/	1970-01-21 06:09:58	Name: userContext Value: n/a\|0\|0\|0\|AU\|NSW\|0\|n/a\|implied\|zz\|n/a\|n/a\|n/a\|n/a
.securityintelligence.com/	1970-01-21 06:09:58	Name: OPTOUTMULTI Value: 0:0%7Cc1:1%7Cc2:0%7Cc3:0
.securityintelligence.com/	1970-01-20 23:33:58	Name: ga_visitor Value: Direct\|Organic\|0
.tealiumiq.com/	1970-01-21 06:09:58	Name: TAPID Value: ibm/main>01902847fd1f001cbdae67e2d25d0506f005e06700b08\|
.cloud.ibm.com/	1970-01-20 21:25:49	Name: com.ibm.cloud.console.nEU Value: 1
.securityintelligence.com/	1970-01-21 06:09:58	Name: BMAID Value: 2d08a95f-5daf-438c-98f2-0b3ac9d62bc8
.securityintelligence.com/	1970-01-21 06:09:58	Name: utag_main Value: v_id:01902847fd1f001cbdae67e2d25d0506f005e06700b08$_sn:1$_se:4$_ss:0$_st:1718664525159$ses_id:1718662724896%3Bexp-session$_pn:1%3Bexp-session$is_country_requiring_explicit_consent:false$dc_visit:1$dc_event:4%3Bexp-session$dc_region:ap-southeast-2%3Bexp-session
.rlcdn.com/	1970-01-21 06:09:58	Name: rlas3 Value: Isoh3Vpi9LjMqLzcyEt7j4LH/mM4R77Ub3jvWZTisWA=
.company-target.com/	1970-01-21 07:00:22	Name: tuuid Value: 9326ca60-c76f-4d36-ab89-be197c0c5122
.company-target.com/	1970-01-21 07:00:22	Name: tuuid_lu Value: 1718662725\|ix:0\|mctv:0\|rp:0
.securityintelligence.com/	1970-01-20 21:24:24	Name: TAsessionID Value: 22fd5461-76a0-44c7-8704-58c7a48eb59e\|NEW
.securityintelligence.com/	1969-12-31 23:59:59	Name: notice_behavior Value: implied\|eu
.casalemedia.com/	1970-01-21 06:09:58	Name: CMID Value: ZnC2RYsFVkQAAAi.AI7SEAAA
.casalemedia.com/	1970-01-20 23:33:58	Name: CMPS Value: 4988
.casalemedia.com/	1970-01-20 23:33:58	Name: CMPRO Value: 4988
.rlcdn.com/	1970-01-20 22:50:46	Name: pxrc Value: CMXswrMGEgUI6AcQABIGCMrdKhAA
.securityintelligence.com/	1970-01-20 23:33:58	Name: _rdt_uuid Value: 1718662725508.b4f25941-910a-4541-b079-0b59ae279f4d
.doubleclick.net/	1970-01-20 21:24:23	Name: test_cookie Value: CheckForPermission
.securityintelligence.com/	1970-01-20 21:24:22	Name: _gat_gtag_UA_143580012_4 Value: 1
.bing.com/	1970-01-21 06:45:58	Name: MUID Value: 054C6EC338A06F02151C7A6239926E16
.bat.bing.com/	1970-01-20 21:34:27	Name: MR Value: 0
.rubiconproject.com/	1970-01-21 06:09:58	Name: khaos Value: LXJJEUIG-C-GX6J
.rubiconproject.com/	1970-01-21 06:09:58	Name: audit Value: 1\|bsyJZ8J4UcaCkZW9bSTSz+VprEd5C5I7bvq2v//MlaEFdJM/KZ/oM0sb4wkLxu1lWt3gvCXyCGCM1KxoLazIt5mwZQnb46mpP+pfrn8bRujqUfik/Dceh8Ajh4Wcs8gdq+/xcs/lPX+0bjnVV0RheAm6Em7YWEofcmESKmf2cwrTmoFL5pKQsaZr5ZVxLWDe
.rubiconproject.com/	1970-01-20 23:33:58	Name: receive-cookie-deprecation Value: 1
.securityintelligence.com/	1970-01-21 06:09:58	Name: _ga Value: GA1.1.1994813499.1718662724
.securityintelligence.com/	1970-01-21 06:09:58	Name: _ga_FYECCCS21D Value: GS1.1.1718662726.1.0.1718662726.0.0.0
.linkedin.com/	1970-01-20 23:33:58	Name: li_sugr Value: 8bdfee4c-e3ba-4968-ab62-5991a6abc667
.linkedin.com/	1970-01-21 06:09:58	Name: bcookie Value: "v=2&39a690a3-ac0d-4a11-8c1f-6397f700d0ae"
.linkedin.com/	1970-01-20 21:25:49	Name: lidc Value: "b=TGST04:s=T:r=T:a=T:p=T:g=3228:u=1:x=1:i=1718662725:t=1718749125:v=2:sig=AQF3rvEW4aZ6xSopyBAZVhQWRWQyK0xE"
.tremorhub.com/	1970-01-21 06:10:19	Name: tvid Value: 360d7a1c70c3440d9ba045cc31952bbb
.tremorhub.com/	1970-01-21 07:00:22	Name: tv_UIDM Value: 9326ca60-c76f-4d36-ab89-be197c0c5122
.linkedin.com/	1970-01-20 22:07:34	Name: UserMatchHistory Value: AQI9p-_szV6Y1wAAAZAoSAH1T4ijSbyzW4Q5KQf7wENPdArtjdaR6y2a00VZbdiiD4ruMI007k2Tyw
.linkedin.com/	1970-01-20 22:07:34	Name: AnalyticsSyncHistory Value: AQJuhC3y3npLUAAAAZAoSAH1c5c9Y_3MvuYqVAzxceky4lkzgZ5904OLmZllz8dMclhP9RIgWO4HOnBluRBYEg
.bat.bing.com/	1970-01-21 06:45:58	Name: MSPTC Value: m51ZoE1LFYEl0KWMiD3fIZI6SMbkKLaIbNNTemVyh-g
.securityintelligence.com/	1970-01-20 21:25:49	Name: _uetsid Value: 900627002cf711efb57c39817f97ca7e\|1pzub4\|2\|fmp\|0\|1629
.www.linkedin.com/	1970-01-21 06:09:58	Name: bscookie Value: "v=1&202406172218465b3b0bce-ddc2-4474-897b-b5b4c60d25a7AQG5pKDuZcIZNpnykeRSMTLpkepblcfH"
.securityintelligence.com/	1970-01-20 21:24:22	Name: _gat_ncAudienceInsightsGa Value: 1
.securityintelligence.com/	1970-01-21 06:09:58	Name: _uetvid Value: 90065d402cf711ef840eabfe27428614\|k2eixb\|1718662726679\|1\|1\|bat.bing.com/p/insights/c/p

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://us-central1-amp-error-reporting.cloudfunctions.net/r Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.www.s81c.com
alb.reddit.com
analytics.newscred.com
api.company-target.com
bat.bing.com
cdn.ampproject.org
cloud.ibm.com
collect.tealiumiq.com
consent.trustarc.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
id.rlcdn.com
pixel-config.reddit.com
px.ads.linkedin.com
s.company-target.com
scripts.demandbase.com
securityintelligence.com
segments.company-target.com
snap.licdn.com
stats.g.doubleclick.net
tag-logger.demandbase.com
tags.tiqcdn.com
unpkg.com
us-central1-amp-error-reporting.cloudfunctions.net
visitor-service-ap-southeast-2.tealiumiq.com
www-api.ibm.com
www.google-analytics.com
www.google.com
www.google.com.au
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.redditstatic.com
104.17.248.203
104.18.24.241
108.158.20.71
13.107.42.14
142.250.204.2
142.250.204.4
142.250.66.194
142.250.67.10
142.250.67.8
142.250.76.110
142.251.221.67
151.101.1.140
151.101.193.140
172.217.167.67
172.217.167.97
18.65.244.54
18.65.244.60
18.65.244.62
18.65.244.94
18.67.110.3
18.67.93.103
18.67.93.91
204.79.197.237
216.239.36.54
23.216.58.187
23.32.5.109
23.52.231.196
3.24.67.182
34.96.71.22
35.244.154.8
52.64.144.217
74.125.68.156
00e97351d5110edbfcebc73e16afb85d9c9d09696df6b06d9012d11aa2467772
03d81c05d2b7bcd709563806be145309333dd0f398a91885350953cda5a1a04f
04b235fb0434ba2996a7adad1f77b7044133f11d7a0fd1fbdde3c027d761a7e5
05382ca2c2ab1254bdae63c9fd696e83b884f86bb55618949ecb0dea59a5df06
055242be429679afbdc44ca60d2060eff0d478b817102a347105adc5bbb6f90a
061d68548d70b449039f082ba0e4d8b5931e37eb74f0c1a1784a0fa83369476f
06f22cc39b965efddd2d8217790e7208ab61420129339a1dc960829719dd5137
0a3567cea782cf988632d67e366719a558655271771c40df1fdbb9a07c241157
0b03972a0a55517f3f807c4f9cc99663428d3dc9416bb78b1649a20ffa11f3f3
0c6360095b095e0aeea120f1581a49652ffe0e3ab0c55164684677064a12124f
0cbf79af6d2132bca6eed80db08f55f84a564924f6946552221baa73baedd306
0e82da81b591f6ffc35aa67bcd9e1c39aa5983f7f8baaf35892956e8b2dc004b
0fc1ffd7c6b0b952f94e417532ede23e2f88ddea35dce894f03ed7e9ebfc9cf4
0fd69e78d009137906a572580d329ad4dec672810b0eec8feb54ea4b511c3078
1039b43b5737d01337792f0fbaca68989e7a4f14c8d29bf5e778a7d2c2a3182f
108e3ea336fad8c51dca90cfd82f2dde7603282b773a9fa7b10a68fc5b3a3a30
10c32fc3bd960b57290d4469a55b9c3a970f58f72f3b37455d44b1f4885878ae
1168470362c9e25221d6b6657b18253250baf449c2b6c1f1fe9db13beb2f8c7f
131637e802df8efe821db2e04e2d5fbf8156e8dfd21c86f7568e0ed55c5ffa6a
148f5bd38cf3b8e0aec0003782dfbba92df960a30944bbe2f9f977213c762a5f
14b7e944a6eda6ba9615565de04c802af737a984edff3d66a2e46b2eb1cdbb83
1590392832c5c7e5fcfa0e76a406b9f40aa3384fa6d1a392c06cfff47633a920
15bd17f46697a0c40344ca45bb526210294bdbd89f268c3f457a4d0f1956aef1
15f0de6f72f96c642c24a05c883f7e6bec2c8ab4f9c165ebe7fb2e447cca3f1b
16302338afc2c7ecff024cad37c76d5ead033b25fcf4ba6354c6a31cffe8ae34
17f7dec0e77938aac0a94d62a97ad70ed43d4365da5b8edd49376583d25b28bc
1b2141c05ddf511cb9d13fe61e1e97f772e12e41f34b45e2013e5c92e7eb9b28
1c227006efb1fba0e36bb30543339fb562dca62f378baa11ec8b8ddfc8b97cd4
1ce57fe09c3a2b9bb5703bfb387c57a91be0baae1d219771455dd3f8e1503dca
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1e02759d55df0cf6bfc3fae3f962a47c635693835441d8a83254d3a7600ddcbc
1fad73efd1fa15b2d69d2ec0d65bf11d4d3bf5ed4681462c6ddf05b8259cfb5d
1fb80047319fc7f35bf012bb331440197f1c7c9f4928a7d73e77f961985a5412
2038d3e6e7c025806202d2893cb7412372d92215bfb18cbe84c6228582316e75
20e00dd4e268dc8a079f63839014b0180acb03489e694d5f67c7e8ca73b9610f
212c50e5e49761927400c63fd6afa36d34cccfa0ed307d8d01a54bc1b1cf1af2
22a20d772ae2efb4f5455ff81bd4bbbd04e6649ad28e9f946218ad74a2602f12
22eecbdf47f752eb7cec9586b3fec89b38704ed2eaab7cdb58a490552c61a437
23073691dede45e2d556775ab7c67dc2ec4dee5413ede517b8423ee83e4cc9c4
243a166f89a57b2aa9482d40a206f82298d557f1ee94d179a7af9a65ca3b9b51
2474929d0b22a0b5083acba9ee9f6e50e0e68d0f8fe0001468af372ceb237a21
24f0af9588d389ba730e1125fd766c1ccaf512d29d325d8cac2813d1e02ecebc
25db506c7e7a025930194b8b4653366c93eee617991a4eca157ba477386b9ea2
26691fb2a91c3fe21ac008c78b11c02853e79e82abd07fece9f7ab11b3764582
27727943226d9adecce7b1378afd2eeb5e62a975975ffead5486615ed0f6c055
277aa765c2c0fc1eceb225af5f16552f2753e531190b61a78e1ab23b600bb186
27f02b94e79640b905bf25c89495d09fb0950faeea56a852e10f855f12c56d85
2a2ccac78fe77258cb0dcf897f713930423d19a155831adb0d4692382c879169
2b07f59da28676fe2f64a694c5423538198f7163aadebcc630fd613b530f5d65
2bea429dfcce30ae650c38ee5aa2957deed1b1f04bd81d24db0741044b025f46
2c5a8d602972048c36a43bc7204ccf206c50eb380fc209bf00b98833c26e7c68
2c9b0dd77d7e31d1d0d9e319a81b838f3641cbd982bb5c9ad45d68cda1ca4e99
2dc14b2ebaa9d37bc6cb8ecda0da7588dd328660edb43a7c635d39f46a79d394
2e50fd20cc0430024ee9914d1b372f4d98d4490712ca7eb0cda9d786e3a2b07d
2f22eeac4501bb24cd47630791adafd966bd0940d398def0c94b3f22767c7485
31535a91ce3f6b8ed3ddedadab1e49957e2220263a640df1a3f14f6fdfe15eb6
3278027216d38249989e1cf39be055d632e774f68118d18a5282b8cfdee08b6e
3329f8744f63d73dc769e111107ab2e3fc688aadbbc5c26a4e64031a72ba2a41
33d4cab117cef7685e20a4546688c0a5df5fb974fb596f26c1d276f84156e0aa
33e745c780d070b45ada0bc56e39390c19caec2381c6678cb477a59b95cec0a6
34034d6bdaa7c74e2f5fc190253d43cab2c4386e046f99076c891f7b808d0362
35524a2b84d2688f84a3a9b19b3af5a56773d1e9c2f8d469cf4625e5c833a6e8
35748f7aa812c5ab5ad698c1f82e2001f667599b7e614106ecf6fbbff84f5983
36804111118e2ad330c9e26337ae8b46cf89ffdcae9eb9cd90269004a06d8e8a
374c61fb8261a766c9a6d5d78a36047aa8f82ac86e5811008d3131de82795413
391dc528a428a16f90b7ba966a0ed85d1ada1fbcf828c24ad3eb9b02d91f33fd
3a530c73051135e4e846ff802b0ac00681e252200643093bcb1f095a0409cba0
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3bd1a494bf2c8c0506d01ba94fcfeb5c58e5b19a7555b29174355ed35a5b0955
3bdb4d576d4ad410916849e7c7d6e94f2bf3647e0fba1885b47a3b09fb262f1c
3be5f3576766c960983b315b072f6ca22578e2c34d97d54c27c2b44e565a8e16
3cc6d6cbbcb082f1536061bb5cd7387b729b62f147a461b7201156eb1d10c7a2
3d4168763cc7c89e4251a5b813bc96b2a2a1cfc6b78bd01e93eb0562a2bff69b
3dad2475c26b0269ff5725c68d74308f0f07271473f3a8828516b21d218e9d00
3df4c72b33d93f627a79f3ec0e4744d88f9478a3513a41ae0a2386abac4ef831
3fc2845d22c09928ba9dae73f657a21ede05bed89a42efafe1028bcbe4ee499b
4051bad11cd51207e434739953716de9f70ca00012652b1178c449a9da6842ca
40e39a2a1a1a5149a3303e38b732ac43b1c69edba7b42ab2d8688429a0fcd244
426088c52a92325403e37c7799edcd262e67191849c6d4b564d82467c77097cd
43400012faefe705b9fe8f49a088c3037476e6de6f139e4ef7a54ffd1598776e
438836179e58da34ffa952d54044cd6418887f212dcd9cbdbfb1e184f6d2d03b
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4445c246bb44fad6c54a993d4b258c1802118fa85bbccd406662c8c5c95ac123
44593cf623a1ee35822978355705c9af11033841970d543c19ee548fef0f750f
44a14fefb8c37af73e740e0cd2c36051bf2136f4bf9e834e7237c6be19d66c68
44a55e68b0089ee691777917ed9bf22f764251c0a7f0253024a8b27c2278a8c7
44c9ebcdd27f2e42b1687408b43a9010aa0311a1ea4333ff589af21290e266e0
455fd63a5cee8e063c217befbf25b461788aa0e1385b2e8017422049aec2d017
45725f6aba012413709dd5927c4af00fe05e56d69da79134e4f8fb747450d897
45cf5e6406dc15cea5b9936a8cc17dfa66e525f541f58788ae196bd39fc59502
45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9
466d120fa656f164b036e1f9de2cdd29faa8e43b37d847d1e7e675a2f2846343
4676df23d89cb1eb3ccc4355ad76e8b03f913b27333d24fa9137d7902492f6d7
46b9cd5a89bba2857aac0b5e8c24658738fce66bd9461de1913c58f05f761f09
46d5afa9b13dbd0bb7f5cb4a06880cb662782cfdd740e2f1db2c7fc92b8cc9a9
46dc3b84e343393bc25e512a3466a68f2035647c1515ab3ce3b17e7beb52dc82
47b78c84d51eee5fd2e57b890b669c0fec62c832c1c6841034b332a2f8d27e1c
480ee17ae9bd1943c860d3ca42f244b02462071cbf31bbf06e314f37bad84b99
48d3bcb4f8e3b1e50266dfe8bbf41815b4043c450d0042bbf5c057a0ba34512e
4ad7d300b807f0923a45372fdd08592d6a85b8c17b51b9a730b82f137b700c8c
4b23563b01f795fd12489dd66e36f70b33556c517c4a47de7714dfeaed3b14cd
4c5eb6a7a557ccd9622cff8e53c9b95f543c97b5411a22b726fc56f078055af9
4cca4309ca87d494514c4ba3e5b75cd593306b2891891480f871970e3ad242d8
4cdd2c5e80b344731d46a78ab0effb8b8802340c5222131514d4d4bc1787bb9b
4d4cb2bdcedfe67851df0a0098e36c6fecb22a3832cb46e59f663e37169cdd14
4daf37c4400eb748090f8ef717a92b6c2ada74d4a27206996c1c001dc2360d72
4dd1908c6a8fd56a009de150a0d1b0c6c18a21543ff2f246a7108f385a22500e
4e57cf766447c0f0f0473dd492b395ea0e401261811c8f8218faac081a107a8b
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
4f1784ddd618453f60a7b05f4b9a28c732a42c008e2cc427babddbacd0dbbd95
512ad42436ff03797962addaf6aa6f3fefdda82e75fd58d30628739b49164748
515ff3e09bbf3de4971f15af45a4a60b191cd9cc64e20f3463b43e1558f8516e
51943bd99d7e5e5e2b32c76fdf25a609ea9139b00da2b7031c5ce519fbcefb5a
51b55d095033da97c0b57b7d02035cec0064e83018d9c04378e98fd72336ae0d
520ce26b6197072574754f35e9234cdedc2ec12924558a291d6140fb39e0a8d3
5244398b242f5982921e6f2d76116bd02e3896a584aa4db945df4e26264676d0
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
534a72d8cbdb7e793828deb405bead2f4c57e6e6c8e4bcb70c6c1d5508e09d02
545ef6ead6a9dc0d3d26407b68fe2249fc910d54a9657d5d32de0a856e892e13
5465b1b664a221d0b15541bb0bec7f6ab8cebfe44d96fc087d94e9d5ced0ffe4
546e4bc3982abc529b8e6def8fba17b95f797a33d5a615351c3ecabbd4a32888
546f45981d2584126d3157e7035c54b05115f3fe5b21b79faf6d00a6d9508b50
55202926a14875494185d7df9264a3e871153129368ced8fe904da4cbe51e3fa
555a116644043f85e66b58349cc49079be7192f717b8238c0ead571451c492d5
5790f65182367ee37e03f746cb278c50d07f2224d9658c34b98c2d8f8f60dc61
580410bce2b2067d7f22d95475dad5abf008a95ddb3561a2eef756c431e1f35f
588b5f84ecbbc7124ca8a9e90d2a80a3c8157db7898467e7b23a5d735c9e78fb
58e96e00197e9b0750a7e98d02cb2f0aaa333de489c33ff02a72310dc361b6d0
591a6a94143a5b8cbdd7fe5551d441d899ddfb6448737be08941f7f4373222c1
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
5c18e13e16f8f31e2072cb42c3b9b351ae354b14348385be05e59dc767be32a8
5cbf8fd3a1f019a086ebe036f6083d8762a9e1a6520702022ebb7e4dd07d22e2
5d5997f11a9482db230a12a91801a5006294d0c68817607fb2d8efdc7ecf006a
5ecaa6823047993e686bc225c8d2de74227f68a9758818a8a2faf37c5ecbba63
5eee7eef8c43d97d6c92ce9000b3f2424647e58f985c2df5711690c8b95f1495
5ef914e59b0047a261844d96acabb60c34d3acab6b85ea24198726ce4781fd37
5f300ce5623ab42dd2e013b707265acb5fc74b76592b04a22bc21c512c36a564
5f54db8a9fb067c11f77f277791ff8e8c27dc612a6eff881c233409b5e54964f
60a69b71ca37f27f48a3ddf5ed1fd31e0ce2669ef9638654c9f5aaea2d60de5e
60ed749d6f5cfc6cbaef111aeee9a3d3fc37807555bc3152210b1a7824fa8872
6159b47fb067881c2f6910753eb8702b5f0c01ada24da36a84862a45bce07950
636c039cd55a93fd5f45174a3ad250ea24413e065b509bfed3b06d9644d0896c
64541d6d00c236d45a4b46b189a5adbd2336349ed8fbebee9e03a9e0b6e823fd
65abc7b0e6de94afe1a08ad5ca902eae3e8ddca70f632cf80c304d39c5a4434e
663a14b3fbb5e44ad939917a2f6f4d93f31a0a1d8ab6702fb0a66036141ddc8b
67e73c2f4c5c3acc9383632080a096fe97c1642ff68884062b73e4a1aa63bdb7
687a057c92b4f6239167f336f96e053988db59f36e61c906ae61a85d0abe5896
68969bac2a1db27ac853c8c231e8031bbd53afc29379ab0e4ee68a20fb85bafc
69926b96246d404d0ff12457196703cb2c0dfd63c76f85f5bc7d75594ff9060c
69e90c7e56645fc910589528888c00a914b1ec05cf00c77f7ddf9d99770e9142
6a342819ad55eb833b9d94923f4a3a790cbc67ffa1ec7fbc800f2682f3c2f4d7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bbe7de5108b119a65b2c480dbfa708846a11d83fa3c329143f0558fad471a97
6be62c2f8d5edfd48f4d8de499432b74c846ad441c4edf63d0d4a68f14a3d368
6c725974f1982b5ec1aeff0f5546683467d3a6808c686f77448bb56a438d1498
6eb1725148073b0d97917b373c481dd25c2d4c07fdf00f1377a2591cddde3b50
70a689877e94704ab6533146c6c94a39774c5399bb3554107fdc20736e0ab3f6
70c35a3b3b36b2fc6bfa0561f148268064ecc7ccf10e336bf3b91540326a647a
70e86f96c689b4d31fd726460660ff73fd3a4643ede63ad358ce9cbebbc3de05
73f701d7eed1b391a0387b4337cb71fd5ac4cae4cdd90baa4a8e30eab0ba413d
75526a1f79a580e2b1452091b385354c2ef225f0d230af14f21e194f13d47c6e
77f5d507b3bd2c7ed625d8291b3f9a91e4ee29839781d09c67cfbe1f0f4dec49
7a3a1a24324b661e918681982552dba1b617b5f0313344dcce1bc39fd36f773f
7aa21b9b8893d784d946e1f07e965831823018cc6123fb0f97ec2c38cf7e0403
7badf3f8d9de634e94a26ad4e6480afb424ace7b21992ecc724960c026347fe0
7bb85c6b3eb442173f57214a267449e51548381a82fedb86428812815d0ec64c
7bbfa145271dfeeabc191664ab8c9ad90af4f5120b2e8a6f6f2cf1a828911e7c
7be74588981e0dae1ec0bb1bd26e6af2e4203b97176be92de475ab5a06bd2c8b
7c41b898c5da0cfa4aa049b65ef50248bce9a72d24bef4c723786431921b75aa
7c4bfbdad82735e58dd96f775aa45d11c965d9967e638e048318fc56df7dd5b0
7ecbc1d3b6c0d537ea94cf1485a9a9ef2734fbc48fa977d911bc5ac499cda2fd
7f09f7ed9350c681587c37e087601818e96a09bfccda3cf5f86daae2d9bab1a6
7f2c690cc6175be879d93be0ebfc16fa2e31e09ba7a536fb73b1aa5d0e05f9ba
7f4c138819c28d666fe76c9649f73fc15234b3e0c012d1568a56471576981e01
7f71745c11db1688fbefd3d72b7f748568b29fd2ca3ead276cdd08c95310b98c
7fea1aa753e5c23f4c56cfbd2707ea5a17b15b74ebd85c57128ff4499152379f
801557f34e0712e2d4d8957a174f30cfc1b06f4a963e41ee46aa123c495ffabe
808e3f3b08cb517cabda3690db1ba2ba69c39f0a8b201aa7ad57114485d9181f
81527351dcca40774320392c4848e906fb667cc78b05f44279874a08684cff25
819f5f74ac359bce633d6b4f3c10981663492d901065198ca0d2df185a4a855b
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
82769b62d196eb232019812300ebae249a33a833797db0921447c429db379c21
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
835de0b00f5d8ea56795085cefcaf53d6017c132e081129f100188e005d6f2b3
83d7d4ad5e4725bef1d746ddbf1fc16dd065c9950a344b5ac8eb8b4a66cca642
842f46a7d8ca0abc47026e28a709cb6cea557e64daad9eb91a8bff507945c92b
84470416d4c27fdaf829fb73d080038f38c4162b4fcf13453198af1080346520
84d1bf4cd5b5fefe99357eac6db2f21c1e0e579112ffce60b2c69cd098f3ebeb
8566c12e70a78fae249238e8e20989ede0f2ba0c5e54859b5a6cae6ed72a7095
879c800760e3d4c1180ae0a041efbeecc1420edfb13513d373e2d6c8327f5f69
87a2ae83fa4d6afce7a749def8ef96a4d1329f981f587296307c90869c580bde
87aa7e8eecbcc64fcd6878351518a72c7e495269e206cb10472959d50d6c8f95
8993b3ab7f762fa0645a1177e24547c2fdd729f34d1189b99e72e0c725d957cf
899d1ec3c095342571d3be2091ec6f984d4cc82390d1f61945c391fa035b00d9
8bfbc721b242454c04cd907419888ac023dc4c4f4986bd7b8cfa71194cde0821
8c0d06ba574de5682d0c5fce9a27ba5f0593ce31751c198b19d7bf83739a4e65
8d5dfa4004f79dd34fe59fff43b7fe46c095577d58745b6a66ff677b2bfe1553
8f19c6d6e152827203ecdde3583ef11e2f28ff0b8903beca54647f255949deaf
8f52e656ea443d8568ab27dd68776e39dc7ddc03af9fa234a93e7f537287cb0c
8f5846dedbc1a167297f4ea6714f75ba35da3d4049c707e3105568329b170a3a
8fa42619b223e34545ca62e0748cd06aaa92654cbd2b7e2cc9a370d7c3133e5f
91d40010d62b672e27e66350839c5d9b0f0cf11b918d0fbe22ae28bca3bb8cc9
96509ae3806587a5029b14cfa9a0a4ebf0dddaf201bf34516f92edb593f20261
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
98e8a67bfc49b85d714f91c8d7fd1931c6269e2a7cb2c2e5fa554a775694abe4
9a2d087fa2d4b3da28f642c6ab8ab410744cce6f5b549956066164f4d85c3f0f
9b6a8a47b2ee723329aaceb68a28e591c7da541832af19b6efda3310a46a8dbb
9b7941b794961b6e08a51f63b7c7b2878740b5b6da37673a4e95618e13b0c495
9bb19f369be6814be10d4cf49d4755e5925e49b872341aa8fb4ea1f4ac4b90fd
9bba7bc380932c1423013444386143a21a3ec797e78f68c2bdf81350d4e79eae
9c8f633e0bb1e0b5e8b24936fb875ff21e28f5db929bef360731ad0adafd1653
9d5e2003f798252335c0faf032c62d6cb9b2c6ef4756e301b868398a8346b236
9e5c6ffc03c35b00ba073da7047038391eae135cd65088c7667519aa25af72af
9edc28759e1866c29cc73e8b388ac0b1b044e93cca651a8da39102e263b525a0
a05993da80658bd5e341c5db65d4817f22db3f64722e336708fc188e8a16cf41
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2678914f25ce6f77376659fd248aa0da2f36996f4d777dba0d2dd4fc6095803
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a3261b9d052c312bc785b144f133cb4140ef4065d95b77587538a56e6b450e57
a3d562dd7f27076647d2ee17526d676491ef9fe959edd2179d5538265d8e72cf
a43f650076aff5160d5199648cb8aba0c77431dc6118ab697006c7e677e63fa7
a471adff76be3d1424ea51211c2d61f0f1ac441be15e86ce6606d50b7789fc24
a5468ad5750d7374997aefbfe093ae29c3ee7dfc8ec5f51702c40eb6b90f91ae
a550027dbe16ae842d3f4e3632f8ade0c352c147330698f518c38f8f87555989
a5bb5196d568ccc436e40919b0daaefdbbec711bfcfdbf3a82930bbb58a7bd20
a66ed3676d5acad73204f823a330ad283240d24b5d15a81ebfcc276a87495729
a6d5adaf3a68ff52fcdcf50861572525528e6dbb2199724333e23f7367f9fb16
a70b9635dd7cebe8634aa78201f5533e14c7521c46462f036fc82feaa0dfddb6
a70c2df9665defd3c6bcd1ecf9f29eb39f8c9ecd93e8ab522d30aa4ea25c3b89
a7c866af237441e1f47b0cf45fe22fce9f25d35671b0b0cf87a30157024394e3
a84d21bb9220d654c977c2329c6cdd8918a2be930816587babe6d7d302d03ef2
a93ccf89475f83336712a14da8d52d2d4a8f1b93e62465507e5e74fec5857860
aa8fb84a43802c369be5cc8ffb33bb3f7099cd6c29d8c998bc49bf12f6f25241
ab0c85bb7d7e520e804eae416b5154387a38b1a34cdf41d8ce13071649eaff37
ab94e9181ccfa0fbd37d9523154d1b8e27825737b0228d14e2ef14396d1d9f2d
ac20020d60a9fd5cc8874aec07e8a940233d5c1bcef0735ed1f35239ae2ccacd
acc61f08e979d54268daa7615e1121c83687a2eece1a1de04ca00a6aad397e69
ace941f3e5f95397596ca7394eba3d53e79e7c717ba7fab29e857c4010b353b7
ad16e16f52ee83e37132ca80f7f8b1f50286407656eab81fe73e45c1cbd164ce
ad367e536c20c594229b6d90ac4097730886eac4f8e11b07e908e584a62b1268
ad96d92f9dd1d6fae5f44e563c410c9eec4cd25b8b58feed3b9347bf333f1ad9
aec2a44eeea6df3fe0ddd88e4f2dd5b227ef678b89ce754251060fc5160f9ac9
af500480a770c61c159f2c95933c6b8f10f2dad5161667aaf3487cfc17a0d8a0
b054619e4845729c52a31708e871e23b327a53c26d7cc52309a30d1b858fe44e
b0f116b6070f8658986fd7db10d550321846965128feca7d1b5ae786dad708e3
b0fabb6cdca970485d787ab3aa2ad69ec7be6a7e1da3d1e702431ad88f513331
b11dee66c99d6b6e3444a2f66694d0f7de9a7c8d728d68690feb7b3a4d9f924d
b1adc37024c81c7b878f628cf843156096426dcd8a2ca9b74dba9688b9851d09
b2892b1c7e5dba9aa27ca9559244807f20538bd11574076962478a06cf08e0d0
b31a3b2cb739733fdf9ee5f1dfdda95bf7831e50c7085d4472ecc0ff98633df8
b35308dc2d61f097257b0ad2cb3b7308276a9f50e288f1ca99a0434080cd0673
b40171ca518b6dd358d7230c1890e1d76423338ed22d95f19a587ebda44eb0ec
b427f52a719026de868165a02f2bac2e8292e2b7a749e1f11fe14a71c0aed79d
b64a42cb2d4bb0497aa1bd9f04cbe3aaafdf5e40b62bec89004b1726f0f10b56
b6b223048d53962ba8887fa17fd057385058f87474cd247e974ec87c2df4d693
b74e15c53792ce175f4a3cfc3a11bb7759a6a90334dd5c18571b486a618ed079
b9b7d6f4795baa46e5b6c84f52913aac15361608a2891ed985ffce99bf3f0486
ba73ff4bde6333360947ed9d66ed173a7d217338d4a18a0b38a860e110e3d788
bb18d4166211ffb4d0b77cd388bfbb4d89718a11ba413ee5fbca320fe0f2cc2f
bb91a3d6fa4ce291537aa3a50eccedf2fd8c79c98f89083a9fae9aad5b106f8d
bbc2a908d267ae71b9d9d50ea105b17c52835c0155ba62a40b4be067f4e71e85
bbc367f73bc831632abae23bd931a4b50ebabe6bb1a36a89e48c9e5ec3dfea8e
bd14d0b978a5aaa57bf28684442136fe2afdb7e4768a81a5365d75250b032321
bd3c06907c8bae0fbe82d227181eb6aeb1f1e8c38b693e6bf403de980c2f2a42
bd597b9019a5779af45853abf6ea477dec205d4b1b126ea80780ffa050570034
bd839798395d9e9fea69c568f9449c28b96eecb756947eb0e19881158eefcdb7
bd8cf80ac0e7f7fa126a0cbe0f16d568325a156ca744e8f1e6aef14a9f23e2b2
bdd999dce9f8de3da1944d2ceb87bb7dfdd13cce89ccda787500b796a5251740
be3244f18ec46e3495666e8f7a9163ffac8bc1b41ec08255609fa7ed27adc30c
bfad53aa5488b166229cc8470e7755b2ca60e6e4fa9e00de64bdbac5b564bb34
bffde2dc0f1de1372fcc64e33a129386adc36be643ed00ffeb188c06521ca2ea
c05bec41bceb98e3741eec5abe5ca5db721510c1e92afabc2a222d2dfefb558d
c0c64baec3fdd695a191ae75c458d5f69b826e2279ca9f350cd5bbe1974c534a
c0c68ee99978a72f6b30031323c8b4793e97e24ff03adb6edb22ffa7d5d6a24a
c0d3d87b8bd38c73c165621f789cb83413e1e5a023801d8be026b8ca0617a6d5
c1ff2dbeb7ec307f4c0c212bbddd5c0ebaab97ca20e3b47b41b3addf7bf75e9a
c23269df2b82f8486814488d21a8e6e1ed55afae34877a44fc2573a5914a3cb8
c61cb46c0622deb811081ad6416cd92036f89e68e1dce91e471d92e00b0faf08
c6c4aa2602e3356046f5d00ce1d6b56190e8e985618b8dc2d01e72d58ccb6492
c813bcb8b6f45b885a02fa0d03cc9b499ccda7623a3b7392c84c14f18e75c3af
c870aabc7adf8c354ea4a86cab2e1e6d254c829247988df9f26e6e78778d1d8a
c8d0dcf01dafd2c20f57fa2400fb0e95051ff11be6d9e75dcf154b9bf1e4da50
c8d124da4c83eab62cb6300dab7e1c6365430c42338d3c529760a9c15dcd46f4
c9717bdf1a395d9b36792d842da11dc0f736587439691c013c651ce5acafb3c3
c9787b0f5966042b61044d6bf6b50de04fe2e8bd595554f41df9d6e7ea533de9
ca2e492935730b187034c6cf95970edee6f2cf24f33307f60f4295a7b5ee2774
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb107bfd360d379e6de729ca91b805f47a6e0affe7f814743f998d70264a671e
cb341d420886eb30d9643840bd2017e4f74c9bb86edbee866f7e3e518495ac69
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cd182d7ea1f4904b9b9b092a9fe2ef0a3413656e9222ccd319632861784ffdb2
cde8866183a768c3e0b93a8ff2efb0c999e65029ca02d853f5798bedb3a41095
cdeb355a9ffa6456ee2917eb1e985412af551ae8d30ff799e2d2249201d740cc
cdf398f0b57b04f7174b818d55ed5b1d0462802e2cd327aac8c11d2602ef39ff
d0227033bd5c1308b7c468b078482f8a512d0c3554a90a16ac95910f4b058c6d
d0d44a9193d52db1a3210e81813ab91b841202cbb73c85dd19ef552f112b440d
d0f02fdf609ea86efc0155d8b7964bfdc08250b3920043644f831e7c28b4a9d1
d17cb7e33b4982aa013bff4d3b9aca59b461d6bcb75c9d91a12288107c30ebe9
d1b5edc6ae60994126aa455fa391aab95e6d4c3c85356be0ce01e625cbac8ce2
d22151a8ab284610169dd85aef94ae8520ea2aff3a309b196a521fcc0619afc3
d2737b45406ac420fd0d05e0405a842a92dc64102ae9539385c4f5fd19df09d2
d2838a560ed590e2d2b0dfe28b0dfe664bf5ba55a675c6bd4195d77521b9a576
d2f5cf75a63fc6050035c507c308b27f1298db9c178bf0a98e852041d3bf574d
d566b0df5ed3c4e90da21a0ee58cce6cbd0d3259bb0f98bb31d524b00c0e9afc
d5e79e1d62c2955ff7996be7c49c02bfe527b56e6bf47d62e54face1ada0160b
d65b089121a7205b05eb696462e9b58048326f236f4e010c6415673f2ac42db3
d6919a40101e75c8accad2e0e756dc04e61a582c3f33ccfd51dd2593418e11fe
d7082511522c4df5d87ddcabb64e2696b0b316cd7b208d2e8110089a3dc5f705
d7d5fd37104b920289011c87a92c7e3681251179c9fd1ff79a47ab93e128424b
d86a381a8750a3e22956160bca45b26a41ae9068078382f7db7b59bca0962739
d8bc2fabd324a865fb6f11276bc6b7517f8c66e637f1b585b1a2a568a7065112
d8c05592597de267189f0f5b92e1cff66ff3131e9d51f56adb2d33663ed76e25
d913a95a44c9d6edff5f1b0c6ac6c004cd6ed5fa4e9659f6109ad2377df8db03
d9da5f743ccda2f1bc3c85cc1df42f8280feffc35dc75c38dc95b996b2369fa3
d9df6451975419c0b0f7b076b048cf03e83262c6643940a0d6ab5f976028a353
db71f8a28ad8501544fb4e7668e3c6d0b731760b6f20de3525ebaeba597f1922
dd3a85ea0a4fe7bc1e7915cb0a43226c00d75e26cd0721f73124714933073d36
dd5588c8432d8f1630319a4d3a12d7f77adcf1e01e315a649275dca5e5921198
de1324cf9615178ed5fd102bd4f7b793d0a27dfc5058470e896961be6adb1eca
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de80b2b0c32b938ed432b49c0f3dc09f8c6152fc6b090ac49294b891ad8933bc
df5e72491de42d519d782711ffe4b0914a57585f13235927db42324c5c8b8154
e036d4c0bab9dcd3d8ed9d625c2cdd24f4d0474f1a4232f0e7c9471aaf0cf470
e070715527628cca4fbefeb4aca155122d465927f027749002686ab1e5996e31
e0ae28c5a633fd1d7ca95e841dce0ee9614968e119122b05abe7d7bbac505558
e1a2ed0c708a2a9f8f96128e0f0ff4518dbf1af4e2f56276681273bb1659642f
e1c34f7ead90dea4877914b63dff670d5c62fd5837232d3a37896687af68ae9c
e23fd7d9aaeb533a5fa226c21fd0cb510959b31351b638633eb3f6cd91287920
e3142f8f9fc481a4f365b6c3c9c774a510167924a0d450de6678f4c12fd12491
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e517dd8ad821858de84b73d31c0efeb392eb780b46a38b79bba0005b33d694f1
e63a5f14e57733c2768ffe6a3f882f125df33487603a5a1a059daf7ccdf728f6
e6792bc2356c88d7cacf7351d64da1e7eaade694b9485daef7f4c84f5844968c
e748d41cd9cfe01dbb54a81879719cf10802004bdf822009e81e16673a9e0bce
e7cbc8627c6e593075352516c356c6789b7ae8d73a3f8f67d468529bbc94c4cb
e8247375044496d06ad9447a156f1bbc1e2a50e2895041ae5552d5554d3d5d4a
e878c84c5a5d323e7649bed33fee3829cbadb6ef0722d52a262099f7f906d8ac
e89cc85750cabe4a1352be2c824af05958b906fdf9ab9b9e99fdd15a4d798152
e8e8a692a3d205212b325961053e9fab1e3faadc837ff38fe709efc6a62261e4
e94dea6a076445d2063bbe7101fa33c8fb6cdd723863eb5c25eeaa81e3736b16
ea19d09e274ea490bbc49dd96de986b6826b466e9a4024c6e6e066652f151093
ea7f53d0f3c0177b20a3604c7263e406013ea8def4fa82f7a09361a8ac6845c2
eb16dcbcfed35fd40c5c61f3f7cb9661c7ca7608e9ad2cb9a81752fb195c76dc
ebd04a96b54329b8a1254bc7bd0e1479415c2f4b5e475216c7658a5874c1b071
ecdbd8d21ada7e09e601733e47c6451cc913b439cbea82ad83b93a96d9fa8cf8
edcb16fa396f7e60ad5d1796cf74ec7ba81cb86ab93878f23c09eec468dac6ec
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efbaa31a58e8a666e4a16f95608bf41d683be39bb09d7e75c80d8ce0ce59b235
f059a5aa0a112fddeea0086027cdfb5c4c612a2e6d86e7e430213093b7425424
f09070396827145f8cb2728f9825de55826781572964ba3394a62c8234cdb06c
f0ce00c5e34798e7a17d3fedeb01624650b43e52d6bd225e1c79c2db013ae10c
f1ec7fd994ef08be61d7826fab880f881e7655fe756ebbedabef076769246852
f393eb2713d80f2e7cf87f9f094f4b524eedd64e3ad0fc0a9208bb348d3359d6
f42d85a1fbec8757d847b58ea0138e7c8a93e6769af086f4a1cf9dc46b5e6fa4
f6fc181079860f8a70036447d0b01c27ddde9705ad9b4a85cff86e5f8d6fe991
f75641bdf876b5bb0f4bdc6835ca11b88e7afa5f1b65de18fd82734d957686df
f8f2ea1401819fe906dc24d499bec9d073c2f3757be8f5e3944432001b9556f9
f976589b67405bbc6b9c773eaf742662f600465db7843d1e70100bb8f3c173cf
f9cedf3e356ef50849d37fa9e132a137f91584334ee823fa61d2c881784c6d5b
fb372a60a8b6705edbe2ab4c0d80b8418c5f1d26049433dd4d515c5eaa617e69
fb4529cc42ed4fdee59dfb30fec6d069634cb6b3211c2274505e556c8be0cf3b
fc9840876318b8c21fa8718b599a2942e6e23c9e302a37274a8b19be6a439864
fc9ad7df6018269998940126df5b35af77503a3b1aabc1bf7b0fa09f38b5b333
fcf24005b11cd05653dd1a1d3d13b8ed20f495811d5fd742ba73374eee3aa16d
fd553f6229e34abb458572766f7c5693c7fbe509dfb24558f5d9e99532d3d9d0
fdb01d0c2c147dd308754fc4e19de4f20f4474110825eed804def2b1775c0440
fe526d60c0f5076fbbc412b20ac31027669f546b9c8f974ae8cc0a051698877d
fed64fa7478ee94e0ed2e324e1b260be161b9f91b8ccf80c05724f88cac96109
fee248102959ee652ab2c28d934bbce89200a51a5cdc9968ce90f977f6dc1dac
fefb0dcf4a8a85f14b4d96ea1a89296353ef7e17a784bd914070b67db3b7b9ca
ff28d591b0707bfe7a8fc66020594a85ed5d4521f1a1671623a5770d336dad4c

securityintelligence.com Open in urlscan Pro 104.18.24.241 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

394 Requests

98 %HTTPS

0 %IPv6

26 Domains

34 Subdomains

32 IPs

3 Countries

3836 kBTransfer

17103 kBSize

45 Cookies

23 Outgoing links

Redirected requests

394 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

securityintelligence.com Open in urlscan Pro
104.18.24.241 Public Scan

Screenshot
Live screenshot

Full Image

394
Requests

98 %
HTTPS

0 %
IPv6

26
Domains

34
Subdomains

32
IPs

3
Countries

3836 kB
Transfer

17103 kB
Size

45
Cookies

394 HTTP transactions
0 data transactions