www.threatminer.org Open in urlscan Pro
104.25.177.5 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.threatminer.org/av.php?q=Trojan.Shelma!
Submission: On February 13 via manual (February 13th 2018, 6:52:10 pm UTC) from US

Summary HTTP 84 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 10 IPs in 1 countries across 6 domains to perform 84 HTTP transactions. The main IP is 104.25.177.5, located in San Francisco, United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is www.threatminer.org.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on February 5th 2018. Valid for: 6 months.

This is the only time www.threatminer.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
27	104.25.177.5 104.25.177.5	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
4	199.96.57.6 199.96.57.6	13414 (TWITTER) (TWITTER - Twitter Inc.)
2	216.58.206.14 216.58.206.14	15169 (GOOGLE) (GOOGLE - Google LLC)
1 9	74.125.21.104 74.125.21.104	15169 (GOOGLE) (GOOGLE - Google LLC)
3	216.58.207.46 216.58.207.46	15169 (GOOGLE) (GOOGLE - Google LLC)
1	68.232.35.172 68.232.35.172	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER - Twitter Inc.)
34	93.184.220.70 93.184.220.70	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
3	172.217.18.10 172.217.18.10	15169 (GOOGLE) (GOOGLE - Google LLC)
84	10

27 104.25.177.5 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.threatminer.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 199.96.57.6 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.14 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s20-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 74.125.21.104 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: yv-in-f104.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.207.46 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s24-in-f14.1e100.net

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.232.35.172 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.72 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 93.184.220.70 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
abs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ton.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.10 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s28-in-f10.1e100.net

www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	twimg.com cdn.syndication.twimg.com pbs.twimg.com abs.twimg.com ton.twimg.com	587 KB
27	threatminer.org www.threatminer.org	1 MB
12	google.com 1 redirects www.google.com cse.google.com clients1.google.com	182 KB
5	twitter.com platform.twitter.com syndication.twitter.com	89 KB
3	googleapis.com www.googleapis.com	5 KB
2	google-analytics.com www.google-analytics.com	14 KB
84	6

	Domain	Requested by
27	www.threatminer.org	www.threatminer.org
25	pbs.twimg.com	www.threatminer.org
9	www.google.com	1 redirects cse.google.com www.google.com
7	abs.twimg.com	www.threatminer.org
4	platform.twitter.com	www.threatminer.org platform.twitter.com
3	www.googleapis.com	www.threatminer.org www.google.com
2	ton.twimg.com	platform.twitter.com
2	cse.google.com	www.threatminer.org www.google.com
2	www.google-analytics.com	www.threatminer.org
1	clients1.google.com
1	syndication.twitter.com	www.threatminer.org
1	cdn.syndication.twimg.com	platform.twitter.com
84	12

This site contains links to these domains. Also see Links.

Domain
github.com
uk.linkedin.com
cse.google.com
www.estsecurity.com
code.google.com
www.reddit.com
www.pinterest.com
www.pinterest.co.uk

Subject Issuer	Validity	Valid
ssl391631.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-02-05` - `2018-08-14`	6 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.threatminer.org/av.php?q=Trojan.Shelma!
Frame ID: (422288B2285EA63FA6A7DB8E209ADB66)
Requests: 50 HTTP requests in this frame

Frame: https://pbs.twimg.com/card_img/960978309214560256/vh9_eAl5?format=jpg&name=144x144_2
Frame ID: (41FFFBA53D2D8CFE5901518F761C5F44)
Requests: 41 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /cloudflare/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

Twitter Bootstrap () Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i

Page Statistics

84
Requests

32 %
HTTPS

0 %
IPv6

6
Domains

12
Subdomains

10
IPs

1
Countries

1986 kB
Transfer

4259 kB
Size

5
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: http://github.com/threatminer
Title: ThreatMiner Github Github.com/threatminer

Search URL Search Domain Scan URL

URL: https://uk.linkedin.com/in/michaelyiphw
Title: Find Mike on LinkedIn Linkedin.com/michaelyiphw

Search URL Search Domain Scan URL

URL: http://cse.google.com/cse/?hl=en

Search URL Search Domain Scan URL

URL: https://www.estsecurity.com/securityCenter/dbupdate/TERA/1
Title: DB업데이트 정보 -(주)이스트시큐리티

Search URL Search Domain Scan URL

URL: http://code.google.com/apis/ajaxsearch/faq.html
Title: clipped from Google - 2/2018

Search URL Search Domain Scan URL

URL: https://www.reddit.com/r/Electrum/comments/7v49zz/metadefender_reports_the_windows_standalone/
Title: Metadefender reports the windows standalone version electrum-3.0 ...

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/467530005046019220/
Title: Computer Virus Removal: Get Rid of “Warning! Virus Invasion ...

Search URL Search Domain Scan URL

URL: https://www.pinterest.co.uk/pin/789255903418378621/
Title: How To Fix a Computer That Shows No Sign of Power | computer ...

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/520869513135340336/
Title: Hacker could fool smartphones artificial intelligence with a white ...

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://www.google.com/cse/cse.js?cx=009665096751685288782:o6_z_tmwsge HTTP 302
https://cse.google.com/cse/cse.js?cx=009665096751685288782:o6_z_tmwsge

84 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request av.php Show response
www.threatminer.org/ 23 KB
6 KB 139ms
117ms Document
text/html 104.25.177.5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/av.php?q=Trojan.Shelma!
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.25.177.5 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/5.5.9-1ubuntu4.22
Resource Hash: 9d43a2ba74328a77c0d2229b1c6d7f7099834d203cb985355560b37ed3be9e50

Request headers

:path: /av.php?q=Trojan.Shelma!
accept-encoding: gzip, deflate
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
:authority: www.threatminer.org
:scheme: https
:method: GET
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2018 18:51:58 GMT
content-encoding: gzip
server: cloudflare
x-powered-by: PHP/5.5.9-1ubuntu4.22
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
status: 200
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
set-cookie: __cfduid=dfa98ae9009893156b9aa946f29aec9ce1518547918; expires=Wed, 13-Feb-19 18:51:58 GMT; path=/; domain=.threatminer.org; HttpOnly PHPSESSID=0i9nl6bdp6ugo64jvphmtmoks0; path=/
cf-ray: 3ec9fb6b5c5596dc-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 bootstrap.min.css
www.threatminer.org/bower_components/bootstrap/dist/css/ 115 KB
19 KB 12ms
10ms Stylesheet
text/css 104.25.177.5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/bootstrap/dist/css/bootstrap.min.css
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/av.php?q=Trojan.Shelma!
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.25.177.5 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5

Request headers

:path: /bower_components/bootstrap/dist/css/bootstrap.min.css
pragma: no-cache
cookie: __cfduid=dfa98ae9009893156b9aa946f29aec9ce1518547918; PHPSESSID=0i9nl6bdp6ugo64jvphmtmoks0
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: www.threatminer.org
referer: https://www.threatminer.org/av.php?q=Trojan.Shelma!
:scheme: https
:method: GET
Referer: https://www.threatminer.org/av.php?q=Trojan.Shelma!
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 13 Feb 2018 18:51:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 21 Apr 2015 05:02:54 GMT
server: cloudflare
etag: "1ca39-51434f58bfb80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 3ec9fb6c1d5596dc-FRA
content-length: 19249
expires: Wed, 14 Feb 2018 18:51:58 GMT

GET
H2 200 metisMenu.min.css
www.threatminer.org/bower_components/metisMenu/dist/ 781 B
449 B 37ms
35ms Stylesheet
text/css 104.25.177.5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/metisMenu/dist/metisMenu.min.css
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/av.php?q=Trojan.Shelma!
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.25.177.5 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0dc574fb2b266dba913861d60b0c69d1e41f0fd095a3341a45f26401cd8b6b3

Request headers

:path: /bower_components/metisMenu/dist/metisMenu.min.css
pragma: no-cache
cookie: __cfduid=dfa98ae9009893156b9aa946f29aec9ce1518547918; PHPSESSID=0i9nl6bdp6ugo64jvphmtmoks0
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: www.threatminer.org
referer: https://www.threatminer.org/av.php?q=Trojan.Shelma!
:scheme: https
:method: GET
Referer: https://www.threatminer.org/av.php?q=Trojan.Shelma!
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 13 Feb 2018 18:51:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 21 Apr 2015 05:02:54 GMT
server: cloudflare
etag: "30d-51434f58bfb80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 3ec9fb6c1d5896dc-FRA
content-length: 365
expires: Wed, 14 Feb 2018 18:51:58 GMT

GET
H2 200 dataTables.bootstrap.css
www.threatminer.org/bower_components/datatables-plugins/integration/bootstrap/3/ 6 KB
1 KB 19ms
16ms Stylesheet
text/css 104.25.177.5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/datatables-plugins/integration/bootstrap/3/dataTables.bootstrap.css
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/av.php?q=Trojan.Shelma!
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.25.177.5 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0b0a04d147703c748b3e724da4bc207476bf3637511620efdae8a8d3151dd25

Request headers

:path: /bower_components/datatables-plugins/integration/bootstrap/3/dataTables.bootstrap.css
pragma: no-cache
cookie: __cfduid=dfa98ae9009893156b9aa946f29aec9ce1518547918; PHPSESSID=0i9nl6bdp6ugo64jvphmtmoks0
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: www.threatminer.org
referer: https://www.threatminer.org/av.php?q=Trojan.Shelma!
:scheme: https
:method: GET
Referer: https://www.threatminer.org/av.php?q=Trojan.Shelma!
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 13 Feb 2018 18:51:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 21 Apr 2015 05:02:54 GMT
server: cloudflare
etag: W/"1dc0-51434f58bfb80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=86400
cf-ray: 3ec9fb6c1d5996dc-FRA
expires: Wed, 14 Feb 2018 18:51:58 GMT

GET
H2 200 dataTables.responsive.css
www.threatminer.org/bower_components/datatables-responsive/css/ 3 KB
674 B 37ms
35ms Stylesheet
text/css 104.25.177.5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/datatables-responsive/css/dataTables.responsive.css
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/av.php?q=Trojan.Shelma!
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.25.177.5 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf76ed021980680c9bf23a741c84ddb6824ba03ae0da1588488087f17a939326

Request headers

:path: /bower_components/datatables-responsive/css/dataTables.responsive.css
pragma: no-cache
cookie: __cfduid=dfa98ae9009893156b9aa946f29aec9ce1518547918; PHPSESSID=0i9nl6bdp6ugo64jvphmtmoks0
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: www.threatminer.org
referer: https://www.threatminer.org/av.php?q=Trojan.Shelma!
:scheme: https
:method: GET
Referer: https://www.threatminer.org/av.php?q=Trojan.Shelma!
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 13 Feb 2018 18:51:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 21 Apr 2015 05:02:54 GMT
server: cloudflare
etag: W/"beb-51434f58bfb80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=86400
cf-ray: 3ec9fb6c1d5a96dc-FRA
expires: Wed, 14 Feb 2018 18:51:58 GMT

GET
H2 200 buttons.dataTables.min.css
www.threatminer.org/bower_components/datatables-plugins/buttons/media/css/ 8 KB
2 KB 11ms
8ms Stylesheet
text/css 104.25.177.5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/datatables-plugins/buttons/media/css/buttons.dataTables.min.css
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/av.php?q=Trojan.Shelma!
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.25.177.5 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7d55fb721c0a1bb591d30b6e06f7781fbd13ab200a8aef0fa8df62e455bc0b1

Request headers

:path: /bower_components/datatables-plugins/buttons/media/css/buttons.dataTables.min.css
pragma: no-cache
cookie: __cfduid=dfa98ae9009893156b9aa946f29aec9ce1518547918; PHPSESSID=0i9nl6bdp6ugo64jvphmtmoks0
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: www.threatminer.org
referer: https://www.threatminer.org/av.php?q=Trojan.Shelma!
:scheme: https
:method: GET
Referer: https://www.threatminer.org/av.php?q=Trojan.Shelma!
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 13 Feb 2018 18:51:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 01 May 2017 13:08:48 GMT
server: cloudflare
etag: "1f58-54e761fab9800-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 3ec9fb6c1d5b96dc-FRA
content-length: 1510
expires: Wed, 14 Feb 2018 18:51:58 GMT

GET
H2 200 buttons.bootstrap.min.css
www.threatminer.org/bower_components/datatables-plugins/buttons/media/css/ 2 KB
591 B 37ms
35ms Stylesheet
text/css 104.25.177.5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/datatables-plugins/buttons/media/css/buttons.bootstrap.min.css
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/av.php?q=Trojan.Shelma!
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.25.177.5 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9926a0d226b45faff8db829a1c445f33efa6522e213fafed1000365d5abf73df

Request headers

:path: /bower_components/datatables-plugins/buttons/media/css/buttons.bootstrap.min.css
pragma: no-cache
cookie: __cfduid=dfa98ae9009893156b9aa946f29aec9ce1518547918; PHPSESSID=0i9nl6bdp6ugo64jvphmtmoks0
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: www.threatminer.org
referer: https://www.threatminer.org/av.php?q=Trojan.Shelma!
:scheme: https
:method: GET
Referer: https://www.threatminer.org/av.php?q=Trojan.Shelma!
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 13 Feb 2018 18:51:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 01 May 2017 13:02:52 GMT
server: cloudflare
etag: "626-54e760a737700-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 3ec9fb6c1d5c96dc-FRA
content-length: 484
expires: Wed, 14 Feb 2018 18:51:58 GMT

GET
H2 200 sb-admin-2.css
www.threatminer.org/dist/css/ 5 KB
1 KB 17ms
15ms Stylesheet
text/css 104.25.177.5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/dist/css/sb-admin-2.css
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/av.php?q=Trojan.Shelma!
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.25.177.5 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f18fc8cb48f7cce9d16a5f90d28cb81aa19c3e0e6c0da6c98fe2bd0cf40148c

Request headers

:path: /dist/css/sb-admin-2.css
pragma: no-cache
cookie: __cfduid=dfa98ae9009893156b9aa946f29aec9ce1518547918; PHPSESSID=0i9nl6bdp6ugo64jvphmtmoks0
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: www.threatminer.org
referer: https://www.threatminer.org/av.php?q=Trojan.Shelma!
:scheme: https
:method: GET
Referer: https://www.threatminer.org/av.php?q=Trojan.Shelma!
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 13 Feb 2018 18:51:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 13 Oct 2015 14:24:06 GMT
server: cloudflare
etag: W/"1607-521fd32c88d80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=86400
cf-ray: 3ec9fb6c1d5d96dc-FRA
expires: Wed, 14 Feb 2018 18:51:58 GMT

GET
H2 200 font-awesome.min.css
www.threatminer.org/bower_components/font-awesome/css/ 21 KB
5 KB 17ms
15ms Stylesheet
text/css 104.25.177.5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/font-awesome/css/font-awesome.min.css
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/av.php?q=Trojan.Shelma!
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.25.177.5 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1

Request headers

:path: /bower_components/font-awesome/css/font-awesome.min.css
pragma: no-cache
cookie: __cfduid=dfa98ae9009893156b9aa946f29aec9ce1518547918; PHPSESSID=0i9nl6bdp6ugo64jvphmtmoks0
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: www.threatminer.org
referer: https://www.threatminer.org/av.php?q=Trojan.Shelma!
:scheme: https
:method: GET
Referer: https://www.threatminer.org/av.php?q=Trojan.Shelma!
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 13 Feb 2018 18:51:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 21 Apr 2015 05:02:54 GMT
server: cloudflare
etag: "55e0-51434f58bfb80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 3ec9fb6c1d5e96dc-FRA
content-length: 5042
expires: Wed, 14 Feb 2018 18:51:58 GMT

GET
H2 200 social-share-kit.css
www.threatminer.org/dist/css/ 12 KB
3 KB 37ms
35ms Stylesheet
text/css 104.25.177.5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/dist/css/social-share-kit.css
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/av.php?q=Trojan.Shelma!
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.25.177.5 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e99dad48af1797c2a3f182d4ca1e1d5ce3c905e0439b96800d151114908fdc4

Request headers

:path: /dist/css/social-share-kit.css
pragma: no-cache
cookie: __cfduid=dfa98ae9009893156b9aa946f29aec9ce1518547918; PHPSESSID=0i9nl6bdp6ugo64jvphmtmoks0
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: www.threatminer.org
referer: https://www.threatminer.org/av.php?q=Trojan.Shelma!
:scheme: https
:method: GET
Referer: https://www.threatminer.org/av.php?q=Trojan.Shelma!
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 13 Feb 2018 18:51:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 16 Dec 2016 10:13:34 GMT
server: cloudflare
etag: W/"2ff1-543c3d291af80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=86400
cf-ray: 3ec9fb6c1d5f96dc-FRA
expires: Wed, 14 Feb 2018 18:51:58 GMT

GET
S 200 widgets.js Show response
platform.twitter.com/ 122 KB
35 KB 24ms
6ms Script
application/javascript 199.96.57.6
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/av.php?q=Trojan.Shelma!
Protocol: SPDY
Server: 199.96.57.6 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software: /
Resource Hash: 2e51a9cbc157e8a3d23d85b9abbea7e6c356fd1f16a8ed533d3b578871e9a4d4

Request headers

Referer: https://www.threatminer.org/av.php?q=Trojan.Shelma!
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 13 Feb 2018 18:51:58 GMT
content-encoding: gzip
age: 1756
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 35928
x-served-by: cache-tw-fra1-cr1-3-TWFRA1
last-modified: Wed, 07 Feb 2018 22:11:31 GMT
x-timer: S1518547919.793866,VS0,VE0
etag: "cf17681ce84ef6bec4df6f1bcc13a870+gzip"
vary: Accept-Encoding,Host
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: public, max-age=1800
accept-ranges: bytes

GET
H2 200 ajax-loader.gif
www.threatminer.org/images/ 3 KB
3 KB 95ms
94ms Image
image/gif 104.25.177.5
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.threatminer.org/images/ajax-loader.gif
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/av.php?q=Trojan.Shelma!
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.25.177.5 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47d823edd3918f7a088fe9d45a4c9b71015ccbfa7f7e5546f1f735364ceb897a

Request headers

:path: /images/ajax-loader.gif
pragma: no-cache
cookie: __cfduid=dfa98ae9009893156b9aa946f29aec9ce1518547918; PHPSESSID=0i9nl6bdp6ugo64jvphmtmoks0
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.threatminer.org
referer: https://www.threatminer.org/av.php?q=Trojan.Shelma!
:scheme: https
:method: GET
Referer: https://www.threatminer.org/av.php?q=Trojan.Shelma!
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 13 Feb 2018 18:51:58 GMT
cf-cache-status: HIT
last-modified: Sat, 17 Oct 2015 00:26:24 GMT
server: cloudflare
etag: "a30-52241f64ccc00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 3ec9fb6c1d7996dc-FRA
content-length: 2608
expires: Wed, 14 Feb 2018 18:51:58 GMT

GET
H2 200 jquery-1.12.4.min.js Show response
www.threatminer.org/bower_components/jquery/dist/ 95 KB
33 KB 25ms
23ms Script
application/javascript 104.25.177.5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/jquery/dist/jquery-1.12.4.min.js
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/av.php?q=Trojan.Shelma!
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.25.177.5 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

:path: /bower_components/jquery/dist/jquery-1.12.4.min.js
pragma: no-cache
cookie: __cfduid=dfa98ae9009893156b9aa946f29aec9ce1518547918; PHPSESSID=0i9nl6bdp6ugo64jvphmtmoks0
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.threatminer.org
referer: https://www.threatminer.org/av.php?q=Trojan.Shelma!
:scheme: https
:method: GET
Referer: https://www.threatminer.org/av.php?q=Trojan.Shelma!
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 13 Feb 2018 18:51:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 01 May 2017 12:15:38 GMT
server: cloudflare
etag: "17b8b-54e7561880e80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 3ec9fb6c1d6096dc-FRA
content-length: 33760
expires: Wed, 14 Feb 2018 18:51:58 GMT

GET
H2 200 bootstrap.min.js Show response
www.threatminer.org/bower_components/bootstrap/dist/js/ 35 KB
9 KB 18ms
16ms Script
application/javascript 104.25.177.5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/bootstrap/dist/js/bootstrap.min.js
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/av.php?q=Trojan.Shelma!
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.25.177.5 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8

Request headers

:path: /bower_components/bootstrap/dist/js/bootstrap.min.js
pragma: no-cache
cookie: __cfduid=dfa98ae9009893156b9aa946f29aec9ce1518547918; PHPSESSID=0i9nl6bdp6ugo64jvphmtmoks0
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.threatminer.org
referer: https://www.threatminer.org/av.php?q=Trojan.Shelma!
:scheme: https
:method: GET
Referer: https://www.threatminer.org/av.php?q=Trojan.Shelma!
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 13 Feb 2018 18:51:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 21 Apr 2015 05:02:54 GMT
server: cloudflare
etag: "8c6f-51434f58bfb80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 3ec9fb6c1d6196dc-FRA
content-length: 9539
expires: Wed, 14 Feb 2018 18:51:58 GMT

GET
H2 200 metisMenu.min.js Show response
www.threatminer.org/bower_components/metisMenu/dist/ 2 KB
892 B 92ms
90ms Script
application/javascript 104.25.177.5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/metisMenu/dist/metisMenu.min.js
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/av.php?q=Trojan.Shelma!
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.25.177.5 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ab0a74bbd399efdf7c9c9bffb689f0a755fc7131d5af04c8393d45f5163a69b

Request headers

:path: /bower_components/metisMenu/dist/metisMenu.min.js
pragma: no-cache
cookie: __cfduid=dfa98ae9009893156b9aa946f29aec9ce1518547918; PHPSESSID=0i9nl6bdp6ugo64jvphmtmoks0
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.threatminer.org
referer: https://www.threatminer.org/av.php?q=Trojan.Shelma!
:scheme: https
:method: GET
Referer: https://www.threatminer.org/av.php?q=Trojan.Shelma!
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 13 Feb 2018 18:51:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 21 Apr 2015 05:02:54 GMT
server: cloudflare
etag: "757-51434f58bfb80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 3ec9fb6c1d6296dc-FRA
content-length: 808
expires: Wed, 14 Feb 2018 18:51:58 GMT

GET
H2 200 jquery.dataTables.min.js Show response
www.threatminer.org/bower_components/datatables/media/js/ 81 KB
28 KB 20ms
18ms Script
application/javascript 104.25.177.5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/datatables/media/js/jquery.dataTables.min.js
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/av.php?q=Trojan.Shelma!
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.25.177.5 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f4d3b47b47a8a31163dad5d7fb15e27a0056d07b0c34c6089fd9225664e847c

Request headers

:path: /bower_components/datatables/media/js/jquery.dataTables.min.js
pragma: no-cache
cookie: __cfduid=dfa98ae9009893156b9aa946f29aec9ce1518547918; PHPSESSID=0i9nl6bdp6ugo64jvphmtmoks0
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.threatminer.org
referer: https://www.threatminer.org/av.php?q=Trojan.Shelma!
:scheme: https
:method: GET
Referer: https://www.threatminer.org/av.php?q=Trojan.Shelma!
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 13 Feb 2018 18:51:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 01 May 2017 12:24:55 GMT
server: cloudflare
etag: "14544-54e7582bb33c0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 3ec9fb6c1d6396dc-FRA
content-length: 28253
expires: Wed, 14 Feb 2018 18:51:58 GMT

GET
H2 200 dataTables.bootstrap.min.js Show response
www.threatminer.org/bower_components/datatables-plugins/integration/bootstrap/3/ 2 KB
1 KB 91ms
90ms Script
application/javascript 104.25.177.5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/datatables-plugins/integration/bootstrap/3/dataTables.bootstrap.min.js
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/av.php?q=Trojan.Shelma!
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.25.177.5 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a905062b971bfb70ba70dda1a454d9cb7f7389be7ff515f6eb9009c8e697a34b

Request headers

:path: /bower_components/datatables-plugins/integration/bootstrap/3/dataTables.bootstrap.min.js
pragma: no-cache
cookie: __cfduid=dfa98ae9009893156b9aa946f29aec9ce1518547918; PHPSESSID=0i9nl6bdp6ugo64jvphmtmoks0
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.threatminer.org
referer: https://www.threatminer.org/av.php?q=Trojan.Shelma!
:scheme: https
:method: GET
Referer: https://www.threatminer.org/av.php?q=Trojan.Shelma!
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 13 Feb 2018 18:51:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 21 Apr 2015 05:02:54 GMT
server: cloudflare
etag: "796-51434f58bfb80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 3ec9fb6c1d6496dc-FRA
content-length: 1030
expires: Wed, 14 Feb 2018 18:51:58 GMT

GET
H2 200 dataTables.buttons.min.js Show response
www.threatminer.org/bower_components/datatables-plugins/buttons/media/js/ 16 KB
5 KB 16ms
15ms Script
application/javascript 104.25.177.5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/datatables-plugins/buttons/media/js/dataTables.buttons.min.js
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/av.php?q=Trojan.Shelma!
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.25.177.5 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8aeaf60f6f34ced8ed9c83b249bdfc8544cc8f318294074898e6ced1d04e678c

Request headers

:path: /bower_components/datatables-plugins/buttons/media/js/dataTables.buttons.min.js
pragma: no-cache
cookie: __cfduid=dfa98ae9009893156b9aa946f29aec9ce1518547918; PHPSESSID=0i9nl6bdp6ugo64jvphmtmoks0
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.threatminer.org
referer: https://www.threatminer.org/av.php?q=Trojan.Shelma!
:scheme: https
:method: GET
Referer: https://www.threatminer.org/av.php?q=Trojan.Shelma!
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 13 Feb 2018 18:51:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 01 May 2017 12:34:43 GMT
server: cloudflare
etag: "4088-54e75a5c75ec0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 3ec9fb6c1d6596dc-FRA
content-length: 5345
expires: Wed, 14 Feb 2018 18:51:58 GMT

GET
H2 200 pdfmake.min.js Show response
www.threatminer.org/bower_components/datatables-plugins/pdfmake/media/js/ 1 MB
405 KB 39ms
37ms Script
application/javascript 104.25.177.5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/datatables-plugins/pdfmake/media/js/pdfmake.min.js
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/av.php?q=Trojan.Shelma!
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.25.177.5 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf919e6fbfbf62a4f8cfaab4cf5c5f80e7c10be2bc9f7e4c70142175c0b49b4f

Request headers

:path: /bower_components/datatables-plugins/pdfmake/media/js/pdfmake.min.js
pragma: no-cache
cookie: __cfduid=dfa98ae9009893156b9aa946f29aec9ce1518547918; PHPSESSID=0i9nl6bdp6ugo64jvphmtmoks0
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.threatminer.org
referer: https://www.threatminer.org/av.php?q=Trojan.Shelma!
:scheme: https
:method: GET
Referer: https://www.threatminer.org/av.php?q=Trojan.Shelma!
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 13 Feb 2018 18:51:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 01 May 2017 11:37:06 GMT
server: cloudflare
etag: "106721-54e74d7b9bc80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86400
cf-ray: 3ec9fb6c1d7596dc-FRA
expires: Wed, 14 Feb 2018 18:51:58 GMT

GET
H2 200 jszip.min.js Show response
www.threatminer.org/bower_components/datatables-plugins/jszip/media/js/ 100 KB
29 KB 30ms
29ms Script
application/javascript 104.25.177.5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/datatables-plugins/jszip/media/js/jszip.min.js
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/av.php?q=Trojan.Shelma!
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.25.177.5 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45b3ffadbc785de6091fa798527891eb7264e4d115e3c1a37acb60e3d70d4966

Request headers

:path: /bower_components/datatables-plugins/jszip/media/js/jszip.min.js
pragma: no-cache
cookie: __cfduid=dfa98ae9009893156b9aa946f29aec9ce1518547918; PHPSESSID=0i9nl6bdp6ugo64jvphmtmoks0
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.threatminer.org
referer: https://www.threatminer.org/av.php?q=Trojan.Shelma!
:scheme: https
:method: GET
Referer: https://www.threatminer.org/av.php?q=Trojan.Shelma!
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 13 Feb 2018 18:51:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 01 May 2017 11:36:59 GMT
server: cloudflare
etag: "18e33-54e74d74eecc0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 3ec9fb6c1d7796dc-FRA
content-length: 30036
expires: Wed, 14 Feb 2018 18:51:58 GMT

GET
H2 200 vfs_fonts.js Show response
www.threatminer.org/bower_components/datatables-plugins/vfs_fonts/media/js/ 933 KB
472 KB 92ms
91ms Script
application/javascript 104.25.177.5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/datatables-plugins/vfs_fonts/media/js/vfs_fonts.js
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/av.php?q=Trojan.Shelma!
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.25.177.5 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58b64fa80fbaa161fef45d6ffa30e398402fc5bf4dc118fbb6a0ff419b2d10dc

Request headers

:path: /bower_components/datatables-plugins/vfs_fonts/media/js/vfs_fonts.js
pragma: no-cache
cookie: __cfduid=dfa98ae9009893156b9aa946f29aec9ce1518547918; PHPSESSID=0i9nl6bdp6ugo64jvphmtmoks0
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.threatminer.org
referer: https://www.threatminer.org/av.php?q=Trojan.Shelma!
:scheme: https
:method: GET
Referer: https://www.threatminer.org/av.php?q=Trojan.Shelma!
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 13 Feb 2018 18:51:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 01 May 2017 11:37:11 GMT
server: cloudflare
etag: W/"e94d3-54e74d80607c0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86400
cf-ray: 3ec9fb6c1d7896dc-FRA
expires: Wed, 14 Feb 2018 18:51:58 GMT

GET
H2 200 buttons.html5.min.js Show response
www.threatminer.org/bower_components/datatables-plugins/buttons/media/js/ 23 KB
6 KB 34ms
34ms Script
application/javascript 104.25.177.5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/datatables-plugins/buttons/media/js/buttons.html5.min.js
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/av.php?q=Trojan.Shelma!
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.25.177.5 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07a081c6a38ab09a0163aecaaf77713ffae6e09d06ba1a112efef22e01857ddc

Request headers

:path: /bower_components/datatables-plugins/buttons/media/js/buttons.html5.min.js
pragma: no-cache
cookie: __cfduid=dfa98ae9009893156b9aa946f29aec9ce1518547918; PHPSESSID=0i9nl6bdp6ugo64jvphmtmoks0
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.threatminer.org
referer: https://www.threatminer.org/av.php?q=Trojan.Shelma!
:scheme: https
:method: GET
Referer: https://www.threatminer.org/av.php?q=Trojan.Shelma!
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 13 Feb 2018 18:51:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 01 May 2017 11:37:16 GMT
server: cloudflare
etag: "5b7a-54e74d8525300-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 3ec9fb6c1d7a96dc-FRA
content-length: 6171
expires: Wed, 14 Feb 2018 18:51:58 GMT

GET
H2 200 sb-admin-2.js Show response
www.threatminer.org/dist/js/ 758 B
464 B 91ms
90ms Script
application/javascript 104.25.177.5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/dist/js/sb-admin-2.js
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/av.php?q=Trojan.Shelma!
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.25.177.5 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96e2208deaff99d8bf5180b736461b94e269f7f4ca22b5346d432fba98ea1f04

Request headers

:path: /dist/js/sb-admin-2.js
pragma: no-cache
cookie: __cfduid=dfa98ae9009893156b9aa946f29aec9ce1518547918; PHPSESSID=0i9nl6bdp6ugo64jvphmtmoks0
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.threatminer.org
referer: https://www.threatminer.org/av.php?q=Trojan.Shelma!
:scheme: https
:method: GET
Referer: https://www.threatminer.org/av.php?q=Trojan.Shelma!
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 13 Feb 2018 18:51:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 21 Apr 2015 05:02:54 GMT
server: cloudflare
etag: W/"49d-51434f58bfb80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86400
cf-ray: 3ec9fb6c1d7b96dc-FRA
expires: Wed, 14 Feb 2018 18:51:58 GMT

GET
H2 200 social-share-kit.min.js Show response
www.threatminer.org/dist/js/ 6 KB
3 KB 210ms
210ms Script
application/javascript 104.25.177.5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/dist/js/social-share-kit.min.js
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/av.php?q=Trojan.Shelma!
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.25.177.5 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac74cddb007ace18442f5111c4c23125de6031dca42bcead5ea5bfb12d2ca332

Request headers

:path: /dist/js/social-share-kit.min.js
pragma: no-cache
cookie: __cfduid=dfa98ae9009893156b9aa946f29aec9ce1518547918; PHPSESSID=0i9nl6bdp6ugo64jvphmtmoks0
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.threatminer.org
referer: https://www.threatminer.org/av.php?q=Trojan.Shelma!
:scheme: https
:method: GET
Referer: https://www.threatminer.org/av.php?q=Trojan.Shelma!
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 13 Feb 2018 18:51:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 16 Dec 2016 10:13:34 GMT
server: cloudflare
etag: "179c-543c3d291af80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 3ec9fb6c1d7d96dc-FRA
content-length: 2551
expires: Wed, 14 Feb 2018 18:51:58 GMT

GET
S 200 analytics.js Show response
www.google-analytics.com/ 35 KB
14 KB 6ms
6ms Script
text/javascript 216.58.206.14
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/av.php?q=Trojan.Shelma!

Protocol

SPDY

Server

216.58.206.14 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

f8ef655ef916e39713ede9c6db56d7ca5618bd82cf5ac991dcd013f05e0fdfc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.threatminer.org/av.php?q=Trojan.Shelma!
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 13 Nov 2017 20:19:12 GMT
server: Golfe2
age: 591
date: Tue, 13 Feb 2018 18:42:07 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 14597
expires: Tue, 13 Feb 2018 20:42:07 GMT

GET
H2 200 fontawesome-webfont.woff
www.threatminer.org/bower_components/font-awesome/fonts/ 64 KB
64 KB 55ms
55ms Font
application/x-font-woff 104.25.177.5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/bower_components/font-awesome/fonts/fontawesome-webfont.woff?v=4.2.0
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/av.php?q=Trojan.Shelma!
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.25.177.5 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Request headers

:path: /bower_components/font-awesome/fonts/fontawesome-webfont.woff?v=4.2.0
pragma: no-cache
cookie: __cfduid=dfa98ae9009893156b9aa946f29aec9ce1518547918; PHPSESSID=0i9nl6bdp6ugo64jvphmtmoks0
origin: https://www.threatminer.org
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.threatminer.org
referer: https://www.threatminer.org/bower_components/font-awesome/css/font-awesome.min.css
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer: https://www.threatminer.org/bower_components/font-awesome/css/font-awesome.min.css
Origin: https://www.threatminer.org

Response headers

date: Tue, 13 Feb 2018 18:51:58 GMT
cf-cache-status: HIT
last-modified: Tue, 21 Apr 2015 05:02:54 GMT
server: cloudflare
etag: "ffac-51434f58bfb80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-font-woff
status: 200
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 3ec9fb6c5dc196dc-FRA
content-length: 65452
expires: Wed, 14 Feb 2018 18:51:58 GMT

GET
H2 200 social-share-kit.woff
www.threatminer.org/dist/fonts/ 7 KB
7 KB 49ms
49ms Font
application/x-font-woff 104.25.177.5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/dist/fonts/social-share-kit.woff
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/av.php?q=Trojan.Shelma!
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.25.177.5 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 697c41fffac431521f2db48c7426ac23b972b6eb7b1242f0bb47d6079884d3a4

Request headers

:path: /dist/fonts/social-share-kit.woff
pragma: no-cache
cookie: __cfduid=dfa98ae9009893156b9aa946f29aec9ce1518547918; PHPSESSID=0i9nl6bdp6ugo64jvphmtmoks0
origin: https://www.threatminer.org
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.threatminer.org
referer: https://www.threatminer.org/dist/css/social-share-kit.css
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Referer: https://www.threatminer.org/dist/css/social-share-kit.css
Origin: https://www.threatminer.org

Response headers

date: Tue, 13 Feb 2018 18:51:58 GMT
cf-cache-status: HIT
last-modified: Fri, 16 Dec 2016 10:13:34 GMT
server: cloudflare
etag: "1b08-543c3d291af80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-font-woff
status: 200
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 3ec9fb6c9e1f96dc-FRA
content-length: 6920
expires: Wed, 14 Feb 2018 18:51:58 GMT

GET
S 200 collect
www.google-analytics.com/r/ 35 B
103 B 15ms
14ms Image
image/gif 216.58.206.14
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j66&a=1926911138&t=pageview&_s=1&dl=https%3A%2F%2Fwww.threatminer.org%2Fav.php%3Fq%3DTrojan.Shelma!&ul=en-us&de=UTF-8&dt=AV%3A%20Trojan.Shelma!%20%7C%20ThreatMiner.org&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=950525616&gjid=2086269296&cid=941658358.1518547919&tid=UA-73787980-1&_gid=1508823191.1518547919&_r=1&z=1158109539

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/av.php?q=Trojan.Shelma!

Protocol

SPDY

Server

216.58.206.14 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.threatminer.org/av.php?q=Trojan.Shelma!
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2018 18:51:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 getData.php Show response
www.threatminer.org/ 14 KB
2 KB 202ms
201ms XHR
text/html 104.25.177.5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/getData.php?e=samples_container&q=Trojan.Shelma!&t=5&rt=2&p=1
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/av.php?q=Trojan.Shelma!
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.25.177.5 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/5.5.9-1ubuntu4.22
Resource Hash: b886387a12f4022bbc37ed95dfa2d7a6ab5d0c0c5ecc7060c601ff05377df1bf

Request headers

:path: /getData.php?e=samples_container&q=Trojan.Shelma!&t=5&rt=2&p=1
pragma: no-cache
cookie: __cfduid=dfa98ae9009893156b9aa946f29aec9ce1518547918; PHPSESSID=0i9nl6bdp6ugo64jvphmtmoks0; _ga=GA1.2.941658358.1518547919; _gid=GA1.2.1508823191.1518547919; _gat=1
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.threatminer.org
referer: https://www.threatminer.org/av.php?q=Trojan.Shelma!
:scheme: https
:method: GET
Referer: https://www.threatminer.org/av.php?q=Trojan.Shelma!
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 13 Feb 2018 18:51:59 GMT
content-encoding: gzip
server: cloudflare
x-powered-by: PHP/5.5.9-1ubuntu4.22
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
status: 200
cf-ray: 3ec9fb6ed8d396dc-FRA

GET
H2 200 getReport.php Show response
www.threatminer.org/ 0
77 B 234ms
234ms XHR
text/html 104.25.177.5
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.threatminer.org/getReport.php?e=notes_container&t=2&q=Trojan.Shelma!
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/av.php?q=Trojan.Shelma!
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.25.177.5 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/5.5.9-1ubuntu4.22
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /getReport.php?e=notes_container&t=2&q=Trojan.Shelma!
pragma: no-cache
cookie: __cfduid=dfa98ae9009893156b9aa946f29aec9ce1518547918; PHPSESSID=0i9nl6bdp6ugo64jvphmtmoks0; _ga=GA1.2.941658358.1518547919; _gid=GA1.2.1508823191.1518547919; _gat=1
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.threatminer.org
referer: https://www.threatminer.org/av.php?q=Trojan.Shelma!
:scheme: https
:method: GET
Referer: https://www.threatminer.org/av.php?q=Trojan.Shelma!
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 13 Feb 2018 18:51:59 GMT
content-encoding: gzip
server: cloudflare
x-powered-by: PHP/5.5.9-1ubuntu4.22
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html
status: 200
cf-ray: 3ec9fb6ed8d496dc-FRA

GET
S

200

cse.js Show response
cse.google.com/cse/
Redirect Chain

https://www.google.com/cse/cse.js?cx=009665096751685288782:o6_z_tmwsge
https://cse.google.com/cse/cse.js?cx=009665096751685288782:o6_z_tmwsge

5 KB
2 KB

48ms
25ms

Script
text/javascript

216.58.207.46
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse/cse.js?cx=009665096751685288782:o6_z_tmwsge

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/av.php?q=Trojan.Shelma!

Protocol

SPDY

Server

216.58.207.46 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s24-in-f14.1e100.net

Software

gws /

Resource Hash

c0bfbc93bfe45aaf3b5118cae349a110816031fe347a98a7e36984d5c708d68f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.threatminer.org/av.php?q=Trojan.Shelma!
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 13 Feb 2018 18:51:59 GMT
content-encoding: gzip
server: gws
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 1652
x-xss-protection: 1; mode=block
expires: Tue, 13 Feb 2018 18:51:59 GMT

Redirect headers

date: Tue, 13 Feb 2018 18:51:59 GMT
x-content-type-options: nosniff
server: sffe
status: 302
content-type: text/html; charset=UTF-8
location: https://cse.google.com/cse/cse.js?cx=009665096751685288782:o6_z_tmwsge
cache-control: private
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 267
x-xss-protection: 1; mode=block

GET
S 200 timeline.25e3f797ea5047ab5a8d06fd6ee7f701.js Show response
platform.twitter.com/js/ 26 KB
8 KB 6ms
6ms Script
application/javascript 199.96.57.6
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/timeline.25e3f797ea5047ab5a8d06fd6ee7f701.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: SPDY
Server: 199.96.57.6 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software: /
Resource Hash: 3fae0c3db934422e316e60770ef942b651ba24e7162e9858ea6e59fba9fc4dc6

Request headers

Referer: https://www.threatminer.org/av.php?q=Trojan.Shelma!
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 13 Feb 2018 18:51:59 GMT
content-encoding: gzip
age: 505942
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 8522
x-served-by: cache-tw-fra1-cr1-3-TWFRA1
last-modified: Wed, 07 Feb 2018 21:11:49 GMT
x-timer: S1518547919.180304,VS0,VE0
etag: "4c2069078ac79d33f455145ac05048f1+gzip"
vary: Accept-Encoding,Host
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes

GET
H/1.1 200
OK profile Show response
cdn.syndication.twimg.com/timeline/ 121 KB
13 KB 196ms
180ms Script
application/javascript 68.232.35.172
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i0_profile_ThreatMiner_old&dnt=true&domain=www.threatminer.org&lang=en&screen_name=ThreatMiner&suppress_response_codes=true&t=1687275&tz=GMT%2B0000&with_replies=false

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

HTTP/1.1

Server

68.232.35.172 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

tsa_o /

Resource Hash

7d801ee44713a2edcb9fad8e9bf67d2c4430fc8509c18c3b8d50656bacaa1348

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://www.threatminer.org/av.php?q=Trojan.Shelma!
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 13 Feb 2018 18:51:59 GMT
Content-Encoding: gzip
x-content-type-options: nosniff
content-disposition: attachment; filename=jsonp.jsonp
Content-Length: 12146
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 172
last-modified: Tue, 13 Feb 2018 18:51:59 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
Content-Type: application/javascript;charset=utf-8
cache-control: must-revalidate, max-age=300
x-connection-hash: e5c9d39ae82b619ebcc79916c48ea977
timing-allow-origin: *
x-transaction: 001f3a39000dd6ef
expires: Tue, 13 Feb 2018 18:56:59 GMT

GET
S 200 syndication
syndication.twitter.com/i/jot/ 43 B
239 B 115ms
114ms Image
image/gif 104.244.42.72
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/syndication?dnt=1&l=%7B%22_category_%22%3A%22syndicated_impression%22%2C%22triggered_on%22%3A1518547919200%2C%22dnt%22%3Atrue%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline%22%2C%22action%22%3A%22impression%22%7D%7D

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/av.php?q=Trojan.Shelma!

Protocol

SPDY

Server

104.244.42.72 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://www.threatminer.org/av.php?q=Trojan.Shelma!
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 13 Feb 2018 18:51:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 107
pragma: no-cache
last-modified: Tue, 13 Feb 2018 18:51:59 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 573c5279b33c2c33afb1438c2d575a6d
x-transaction: 00365ac500b2953a
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
S 200 vh9_eAl5
pbs.twimg.com/card_img/960978309214560256/ Frame (41F 4 KB
4 KB 29ms
7ms Image
image/jpeg 93.184.220.70
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/960978309214560256/vh9_eAl5?format=jpg&name=144x144_2

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/av.php?q=Trojan.Shelma!

Protocol

SPDY

Server

93.184.220.70 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41B2) /

Resource Hash

25c3839297b85d93d722906706b92979a01c28b79c0218e61528ef7c55e0ce15

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

x-response-time: 148
date: Tue, 13 Feb 2018 18:51:59 GMT
x-content-type-options: nosniff
surrogate-key: card_img card_img/bucket/4 card_img/960978309214560256
last-modified: Tue, 06 Feb 2018 20:45:37 GMT
server: ECS (fcn/41B2)
status: 200
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a7b08a5b08cd8b90219c4d1a36d08d03
accept-ranges: bytes
content-length: 4049

GET
S 200 jsAG7PFR
pbs.twimg.com/card_img/962733967807008769/ Frame (41F 5 KB
5 KB 29ms
7ms Image
image/jpeg 93.184.220.70
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/962733967807008769/jsAG7PFR?format=jpg&name=144x144_2

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/av.php?q=Trojan.Shelma!

Protocol

SPDY

Server

93.184.220.70 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41A2) /

Resource Hash

3d1d0f7d1eae1319a635335a4938168f49330bf09124a66976df6d17ae23c451

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

x-response-time: 148
date: Tue, 13 Feb 2018 18:51:59 GMT
x-content-type-options: nosniff
surrogate-key: card_img card_img/bucket/5 card_img/962733967807008769
last-modified: Sun, 11 Feb 2018 17:01:59 GMT
server: ECS (fcn/41A2)
status: 200
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: e02f87f1aea929b076ee4db5e080791d
accept-ranges: bytes
content-length: 5174

GET
S 200 2623.png
abs.twimg.com/emoji/v2/72x72/ Frame (41F 1 KB
2 KB 34ms
12ms Image
image/png 93.184.220.70
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/2623.png

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/av.php?q=Trojan.Shelma!

Protocol

SPDY

Server

93.184.220.70 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40D4) /

Resource Hash

42531c396064d691253009a1349f6d10b80fb5d7fcd6f16e7e9856c7059f60dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 13 Feb 2018 18:51:59 GMT
x-content-type-options: nosniff
x-ton-expected-size: 1365
x-cache: HIT
status: 200
content-length: 1365
x-response-time: 108
surrogate-key: twitter-assets
last-modified: Mon, 31 Jul 2017 16:38:49 GMT
server: ECS (fcn/40D4)
etag: "lQ7QrdLohZ7Y2RCjOgtURw=="
content-type: image/png
access-control-allow-origin: *
x-connection-hash: d3cfab753e86a673df7fe81449af91fe
accept-ranges: bytes
expires: Wed, 13 Feb 2019 18:51:59 GMT

GET
S 200 eYPZNbxR
pbs.twimg.com/card_img/961628320596074497/ Frame (41F 25 KB
25 KB 29ms
7ms Image
image/jpeg 93.184.220.70
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/card_img/961628320596074497/eYPZNbxR?format=jpg&name=600x314

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/av.php?q=Trojan.Shelma!

Protocol

SPDY

Server

93.184.220.70 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41B0) /

Resource Hash

6b7ce50d9b2656fa8cab240b1e7a2393df273bfa4985ea312424efa10f13311f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

x-response-time: 189
date: Tue, 13 Feb 2018 18:51:59 GMT
x-content-type-options: nosniff
surrogate-key: card_img card_img/bucket/2 card_img/961628320596074497
last-modified: Thu, 08 Feb 2018 15:48:32 GMT
server: ECS (fcn/41B0)
status: 200
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: adac3693ced8afabd47eee3b2c40e67a
accept-ranges: bytes
content-length: 25795

GET
S 200 1f1ee-1f1f1.png
abs.twimg.com/emoji/v2/72x72/ Frame (41F 573 B
705 B 34ms
12ms Image
image/png 93.184.220.70
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f1ee-1f1f1.png

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/av.php?q=Trojan.Shelma!

Protocol

SPDY

Server

93.184.220.70 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/4186) /

Resource Hash

5d6946b92eaf07cd3ea3bbac72e10076f831a8fab868c2dd47ff5d8727d180cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 13 Feb 2018 18:51:59 GMT
x-content-type-options: nosniff
x-ton-expected-size: 573
x-cache: HIT
status: 200
content-length: 573
x-response-time: 106
surrogate-key: twitter-assets
last-modified: Mon, 31 Jul 2017 16:38:31 GMT
server: ECS (fcn/4186)
etag: "eGVFgLV2QBYgT87nK8CdKQ=="
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 138c8e4e26c3d20cf501e9e406ce4997
accept-ranges: bytes
expires: Wed, 13 Feb 2019 18:51:59 GMT

GET
S 200 1f60e.png
abs.twimg.com/emoji/v2/72x72/ Frame (41F 1 KB
1 KB 34ms
13ms Image
image/png 93.184.220.70
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f60e.png

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/av.php?q=Trojan.Shelma!

Protocol

SPDY

Server

93.184.220.70 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41EB) /

Resource Hash

efd23ae9a0072d26d6b82748f77ea174f3f0d1006a011ede6dc5b9172bf4a345

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 13 Feb 2018 18:51:59 GMT
x-content-type-options: nosniff
x-ton-expected-size: 1025
x-cache: HIT
status: 200
content-length: 1025
x-response-time: 114
surrogate-key: twitter-assets
last-modified: Mon, 22 May 2017 17:44:46 GMT
server: ECS (fcn/41EB)
etag: "H4Z1jKVPxl8Z6M+twkD2yg=="
content-type: image/png
access-control-allow-origin: *
x-connection-hash: b27e01b72b6ba0a460012f8a9086031c
accept-ranges: bytes
expires: Wed, 13 Feb 2019 18:51:59 GMT

GET
S 200 1f385.png
abs.twimg.com/emoji/v2/72x72/ Frame (41F 1 KB
1 KB 34ms
13ms Image
image/png 93.184.220.70
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f385.png

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/av.php?q=Trojan.Shelma!

Protocol

SPDY

Server

93.184.220.70 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41A9) /

Resource Hash

827f5e57c83da3b888b8e01e0abbe4863de17e1c1e2eee68d7a98c66681b6cb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 13 Feb 2018 18:51:59 GMT
x-content-type-options: nosniff
x-ton-expected-size: 1030
x-cache: HIT
status: 200
content-length: 1030
x-response-time: 126
surrogate-key: twitter-assets
last-modified: Mon, 22 May 2017 17:44:38 GMT
server: ECS (fcn/41A9)
etag: "WZAIgyvNCUWZtkPOgFhKBw=="
content-type: image/png
access-control-allow-origin: *
x-connection-hash: e3d6a541d62f8f693e80b9a4c744937f
accept-ranges: bytes
expires: Wed, 13 Feb 2019 18:51:59 GMT

GET
S 200 1f384.png
abs.twimg.com/emoji/v2/72x72/ Frame (41F 1 KB
1 KB 34ms
13ms Image
image/png 93.184.220.70
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f384.png

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/av.php?q=Trojan.Shelma!

Protocol

SPDY

Server

93.184.220.70 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41D7) /

Resource Hash

c510084ac37b93bf8abbc83b23d8b1f824eccc077eadb4844d97b94e658feb5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 13 Feb 2018 18:51:59 GMT
x-content-type-options: nosniff
x-ton-expected-size: 1042
x-cache: HIT
status: 200
content-length: 1042
x-response-time: 115
surrogate-key: twitter-assets
last-modified: Mon, 22 May 2017 17:44:38 GMT
server: ECS (fcn/41D7)
etag: "hFl3WnEi3r2hZkU5+s4KJw=="
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 4d00343311b4383321a7640cbb9bbbeb
accept-ranges: bytes
expires: Wed, 13 Feb 2019 18:51:59 GMT

GET
S 200 2603.png
abs.twimg.com/emoji/v2/72x72/ Frame (41F 1 KB
1 KB 34ms
13ms Image
image/png 93.184.220.70
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/2603.png

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/av.php?q=Trojan.Shelma!

Protocol

SPDY

Server

93.184.220.70 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/4197) /

Resource Hash

9c246e9fd9893cb65f7a9382a6f8e7d392405a886ebbcee462342af47681a4a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 13 Feb 2018 18:51:59 GMT
x-content-type-options: nosniff
x-ton-expected-size: 1048
x-cache: HIT
status: 200
content-length: 1048
x-response-time: 114
surrogate-key: twitter-assets
last-modified: Mon, 22 May 2017 17:44:53 GMT
server: ECS (fcn/4197)
etag: "75Aorhch8gL++2KOsMdsEw=="
content-type: image/png
access-control-allow-origin: *
x-connection-hash: 7e0be27b162c9de7d89125041da7ef46
accept-ranges: bytes
expires: Wed, 13 Feb 2019 18:51:59 GMT

GET
S 200 2744.png
abs.twimg.com/emoji/v2/72x72/ Frame (41F 1 KB
1 KB 14ms
12ms Image
image/png 93.184.220.70
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/2744.png

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/av.php?q=Trojan.Shelma!

Protocol

SPDY

Server

93.184.220.70 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41BE) /

Resource Hash

aa7dbbed45e41a4c77ea7fb9d69b71e6ff87e45afb2cdaddd2e1bec02433f88a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 13 Feb 2018 18:51:59 GMT
x-content-type-options: nosniff
x-ton-expected-size: 1116
x-cache: HIT
status: 200
content-length: 1116
x-response-time: 107
surrogate-key: twitter-assets
last-modified: Mon, 31 Jul 2017 16:38:50 GMT
server: ECS (fcn/41BE)
etag: "Fx1CB01kKdlC+twYJiyihg=="
content-type: image/png
access-control-allow-origin: *
x-connection-hash: c9ed738c47227a3390fd9d3d906d8555
accept-ranges: bytes
expires: Wed, 13 Feb 2019 18:51:59 GMT

GET
S 200 timeline.b7949fc5ae6443c45d48eb17624f02ee.light.ltr.css
platform.twitter.com/css/ Frame (41F 59 KB
13 KB 6ms
6ms Stylesheet
text/css 199.96.57.6
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/timeline.b7949fc5ae6443c45d48eb17624f02ee.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: SPDY
Server: 199.96.57.6 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software: /
Resource Hash: 2c950cf24730ef78e846b9efdbc9d58a4a33d9731913989ca5c1ff8b84e8965d

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 13 Feb 2018 18:51:59 GMT
content-encoding: gzip
age: 505942
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 13285
x-served-by: cache-tw-fra1-cr1-3-TWFRA1
last-modified: Wed, 07 Feb 2018 21:11:48 GMT
x-timer: S1518547919.458250,VS0,VE0
etag: "84122b8a2457c90d128fe430c9daef7a+gzip"
vary: Accept-Encoding,Host
content-type: text/css; charset=utf-8
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes

GET
S 200 timeline.b7949fc5ae6443c45d48eb17624f02ee.light.ltr.css
platform.twitter.com/css/ 32 KB
32 KB 6ms
6ms Image
text/css 199.96.57.6
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/timeline.b7949fc5ae6443c45d48eb17624f02ee.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: SPDY
Server: 199.96.57.6 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.threatminer.org/av.php?q=Trojan.Shelma!
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 13 Feb 2018 18:51:59 GMT
content-encoding: gzip
age: 505942
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 13285
x-served-by: cache-tw-fra1-cr1-3-TWFRA1
last-modified: Wed, 07 Feb 2018 21:11:48 GMT
x-timer: S1518547919.458659,VS0,VE0
etag: "84122b8a2457c90d128fe430c9daef7a+gzip"
vary: Accept-Encoding,Host
content-type: text/css; charset=utf-8
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes

GET
S 200 rTbM2r82_normal.jpeg
pbs.twimg.com/profile_images/569484183697772544/ Frame (41F 1 KB
2 KB 13ms
12ms Image
image/jpeg 93.184.220.70
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/569484183697772544/rTbM2r82_normal.jpeg

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/av.php?q=Trojan.Shelma!

Protocol

SPDY

Server

93.184.220.70 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41C2) /

Resource Hash

457be97cc34293f81636900f729ea837fba3994fa64768d0e308a344ec1929e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 13 Feb 2018 18:51:59 GMT
x-content-type-options: nosniff
content-md5: BeJ3OczCWFjefUuAlBEK8g==
x-cache: HIT
status: 200
content-length: 1427
x-response-time: 137
surrogate-key: profile_images profile_images/bucket/3 profile_images/569484183697772544
last-modified: Sun, 22 Feb 2015 13:07:44 GMT
server: ECS (fcn/41C2)
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: ad4245946f3ab66ea8e829db6bc74bc5
accept-ranges: bytes

GET
S 200 3UAW7s5h_normal.png
pbs.twimg.com/profile_images/653471756741685248/ Frame (41F 5 KB
5 KB 13ms
12ms Image
image/png 93.184.220.70
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/653471756741685248/3UAW7s5h_normal.png

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/av.php?q=Trojan.Shelma!

Protocol

SPDY

Server

93.184.220.70 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41EB) /

Resource Hash

a98187a68b2512ba8073f68fb559db3b672ad9a36459d74af942d8bb4ed3278f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 13 Feb 2018 18:51:59 GMT
x-content-type-options: nosniff
content-md5: AZ3eCkTXB8cAjgq72c6jOg==
x-cache: HIT
status: 200
content-length: 5151
x-response-time: 204
surrogate-key: profile_images profile_images/bucket/7 profile_images/653471756741685248
last-modified: Mon, 12 Oct 2015 07:24:22 GMT
server: ECS (fcn/41EB)
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: ebfd2771300cf2c0f133f6cba799b7d9
accept-ranges: bytes

GET
S 200 Lm8e9kuy_normal.jpg
pbs.twimg.com/profile_images/944234866413047808/ Frame (41F 2 KB
3 KB 13ms
11ms Image
image/jpeg 93.184.220.70
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/944234866413047808/Lm8e9kuy_normal.jpg

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/av.php?q=Trojan.Shelma!

Protocol

SPDY

Server

93.184.220.70 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41C8) /

Resource Hash

0023180505623a74bc05e0601f74752ac18bca262e49a99b79fec8bfeb967b79

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

x-response-time: 230
date: Tue, 13 Feb 2018 18:51:59 GMT
x-content-type-options: nosniff
surrogate-key: profile_images profile_images/bucket/3 profile_images/944234866413047808
last-modified: Fri, 22 Dec 2017 15:53:09 GMT
server: ECS (fcn/41C8)
status: 200
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: d57e495ce5549ee2d072807baa6d33ff
accept-ranges: bytes
content-length: 2415

GET
S 200 3Grh1aBA_normal.jpg
pbs.twimg.com/profile_images/679094040667815937/ Frame (41F 2 KB
2 KB 13ms
12ms Image
image/jpeg 93.184.220.70
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/679094040667815937/3Grh1aBA_normal.jpg

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/av.php?q=Trojan.Shelma!

Protocol

SPDY

Server

93.184.220.70 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41E7) /

Resource Hash

f013e7e0384b639457521dd78f1457b4eca00dde07c67efb503b4c66bdcb2c80

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 13 Feb 2018 18:51:59 GMT
x-content-type-options: nosniff
content-md5: TiOk1djs6+7DDJSbtmWXAA==
x-cache: HIT
status: 200
content-length: 1807
x-response-time: 160
surrogate-key: profile_images profile_images/bucket/7 profile_images/679094040667815937
last-modified: Tue, 22 Dec 2015 00:18:10 GMT
server: ECS (fcn/41E7)
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 548ced32f3cc907aed0c36fc8b992b9f
accept-ranges: bytes

GET
S 200 2ap8c8Ke_normal.jpg
pbs.twimg.com/profile_images/958070005723262978/ Frame (41F 2 KB
2 KB 22ms
20ms Image
image/jpeg 93.184.220.70
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/958070005723262978/2ap8c8Ke_normal.jpg

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/av.php?q=Trojan.Shelma!

Protocol

SPDY

Server

93.184.220.70 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41CF) /

Resource Hash

0111429fb340eb0d349e39ddf6824eb251cc90b58fc3d8bd481196725be4d26e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

x-response-time: 182
date: Tue, 13 Feb 2018 18:51:59 GMT
x-content-type-options: nosniff
surrogate-key: profile_images profile_images/bucket/4 profile_images/958070005723262978
last-modified: Mon, 29 Jan 2018 20:09:04 GMT
server: ECS (fcn/41CF)
status: 200
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 078cebae032cb2ab5e4b7c7f91ce879c
accept-ranges: bytes
content-length: 2111

GET
S 200 s22p0oiwj015je2yz3de_normal.jpeg
pbs.twimg.com/profile_images/2273590814/ Frame (41F 7 KB
7 KB 13ms
11ms Image
image/jpeg 93.184.220.70
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/2273590814/s22p0oiwj015je2yz3de_normal.jpeg

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/av.php?q=Trojan.Shelma!

Protocol

SPDY

Server

93.184.220.70 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/418F) /

Resource Hash

8506dbd967e8f030d46e799e412117da94bd9b26c8cb493634fde1d11512bcfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 13 Feb 2018 18:51:59 GMT
x-content-type-options: nosniff
content-md5: 9Wm1rw4c8efx3gq3yuB+sg==
x-cache: HIT
status: 200
content-length: 7190
x-response-time: 135
surrogate-key: profile_images profile_images/bucket/9 profile_images/2273590814
last-modified: Thu, 04 Nov 2010 01:42:54 GMT
server: ECS (fcn/418F)
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 1985969748967196963718efd6a4d13f
accept-ranges: bytes

GET
S 200 0-AZbPQ9_normal.jpg
pbs.twimg.com/profile_images/726135886543503360/ Frame (41F 2 KB
2 KB 14ms
12ms Image
image/jpeg 93.184.220.70
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/726135886543503360/0-AZbPQ9_normal.jpg

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/av.php?q=Trojan.Shelma!

Protocol

SPDY

Server

93.184.220.70 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/4190) /

Resource Hash

43c5a16cbcf6f8eb374567c67fa6a74803211c2253cef5b651bfb18652325453

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 13 Feb 2018 18:51:59 GMT
x-content-type-options: nosniff
content-md5: A/doJGA9YTR6eV8bntZ1EQ==
x-cache: HIT
status: 200
content-length: 2111
x-response-time: 118
surrogate-key: profile_images profile_images/bucket/1 profile_images/726135886543503360
last-modified: Fri, 29 Apr 2016 19:45:40 GMT
server: ECS (fcn/4190)
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 21c0a7c8f7fd611432e4a8fbac2a844d
accept-ranges: bytes

GET
S 200 x4QJr1v3_normal.jpg
pbs.twimg.com/profile_images/615887383045607424/ Frame (41F 2 KB
2 KB 14ms
12ms Image
image/jpeg 93.184.220.70
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/615887383045607424/x4QJr1v3_normal.jpg

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/av.php?q=Trojan.Shelma!

Protocol

SPDY

Server

93.184.220.70 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40D1) /

Resource Hash

d462cb3b031db49ffb4cb81fbf150f68192a55d7e67b04764f2cf4b79486df78

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 13 Feb 2018 18:51:59 GMT
x-content-type-options: nosniff
content-md5: 5p/eYoDE48IV6pGEJtEzrA==
x-cache: HIT
status: 200
content-length: 1655
x-response-time: 133
surrogate-key: profile_images profile_images/bucket/5 profile_images/615887383045607424
last-modified: Tue, 30 Jun 2015 14:17:29 GMT
server: ECS (fcn/40D1)
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: f660c73edbca13c371590d52dbbfe4ca
accept-ranges: bytes

GET
S 200 AIY_L9KT_normal.jpg
pbs.twimg.com/profile_images/839015057526820865/ Frame (41F 2 KB
2 KB 14ms
13ms Image
image/jpeg 93.184.220.70
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/839015057526820865/AIY_L9KT_normal.jpg

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/av.php?q=Trojan.Shelma!

Protocol

SPDY

Server

93.184.220.70 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/4187) /

Resource Hash

e4cc4f58a87b3b98052303a2754219afd2f82a35945b63fe5899ba18781b6b47

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 13 Feb 2018 18:51:59 GMT
x-content-type-options: nosniff
content-md5: 0LzmArR+Q+anxSzFHVFR7Q==
x-cache: HIT
status: 200
content-length: 2111
x-response-time: 154
surrogate-key: profile_images profile_images/bucket/8 profile_images/839015057526820865
last-modified: Tue, 07 Mar 2017 07:27:12 GMT
server: ECS (fcn/4187)
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a4f0e75aa279fefd9abcd82d18af5f72
accept-ranges: bytes

GET
S 200 SZDQWdTF_normal.jpg
pbs.twimg.com/profile_images/715092306068692992/ Frame (41F 2 KB
2 KB 14ms
12ms Image
image/jpeg 93.184.220.70
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/715092306068692992/SZDQWdTF_normal.jpg

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/av.php?q=Trojan.Shelma!

Protocol

SPDY

Server

93.184.220.70 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40D1) /

Resource Hash

b3d1420bf52afe488f97b85ad0483aea042863f6cf5530e6389e43a580ff203c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 13 Feb 2018 18:51:59 GMT
x-content-type-options: nosniff
content-md5: GBHJKqnBLRYuv5m2OeXQDg==
x-cache: HIT
status: 200
content-length: 1959
x-response-time: 140
surrogate-key: profile_images profile_images/bucket/8 profile_images/715092306068692992
last-modified: Wed, 30 Mar 2016 08:22:26 GMT
server: ECS (fcn/40D1)
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 417dce89cef86305e06e2af004945aa3
accept-ranges: bytes

GET
S 200 hA8-EXRy_normal.jpg
pbs.twimg.com/profile_images/953714567212863489/ Frame (41F 2 KB
2 KB 14ms
12ms Image
image/jpeg 93.184.220.70
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/953714567212863489/hA8-EXRy_normal.jpg

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/av.php?q=Trojan.Shelma!

Protocol

SPDY

Server

93.184.220.70 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41DB) /

Resource Hash

9b89ba466ee2576c13ad6ec381b9b54a115c50795228fbff9197c8ea7812c9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

x-response-time: 117
date: Tue, 13 Feb 2018 18:51:59 GMT
x-content-type-options: nosniff
surrogate-key: profile_images profile_images/bucket/8 profile_images/953714567212863489
last-modified: Wed, 17 Jan 2018 19:42:06 GMT
server: ECS (fcn/41DB)
status: 200
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: e61ee3429463e6e4bc5b8caabcc23f47
accept-ranges: bytes
content-length: 1959

GET
S 200 QAznTrLW_normal.png
pbs.twimg.com/profile_images/601481502271090688/ Frame (41F 2 KB
3 KB 14ms
13ms Image
image/png 93.184.220.70
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/601481502271090688/QAznTrLW_normal.png

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/av.php?q=Trojan.Shelma!

Protocol

SPDY

Server

93.184.220.70 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40F7) /

Resource Hash

a91d7f2f3d75d2ee71f62d469008ff7eb5a1756d010f9de04cc67cc63076a976

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 13 Feb 2018 18:51:59 GMT
x-content-type-options: nosniff
content-md5: OniBWzUVw3R1D2kNyrpuLg==
x-cache: HIT
status: 200
content-length: 2491
x-response-time: 24
surrogate-key: profile_images profile_images/bucket/8 profile_images/601481502271090688
last-modified: Thu, 21 May 2015 20:13:39 GMT
server: ECS (fcn/40F7)
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 50c93ab3a5a57ff0810511683e2e955a
accept-ranges: bytes

GET
S 200 3319d7cb561807dcdd8ce607ab4f58c8_normal.jpeg
pbs.twimg.com/profile_images/378800000826343811/ Frame (41F 2 KB
2 KB 15ms
14ms Image
image/jpeg 93.184.220.70
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/378800000826343811/3319d7cb561807dcdd8ce607ab4f58c8_normal.jpeg

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/av.php?q=Trojan.Shelma!

Protocol

SPDY

Server

93.184.220.70 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41E9) /

Resource Hash

29135e5d452017523028e274b9c2b6228ebe9c9fc5790fa666333547b34f74e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 13 Feb 2018 18:51:59 GMT
x-content-type-options: nosniff
content-md5: 4bc3KYjskD/X/jYO6MJbdw==
x-cache: HIT
status: 200
content-length: 1882
x-response-time: 132
surrogate-key: profile_images profile_images/bucket/0 profile_images/378800000826343811
last-modified: Sat, 14 Sep 2013 08:36:52 GMT
server: ECS (fcn/41E9)
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 5e15084e067efa5a6c94300fc5233499
accept-ranges: bytes

GET
S 200 DVILSsSX4AIZHLA
pbs.twimg.com/media/ Frame (41F 69 KB
70 KB 15ms
14ms Image
image/jpeg 93.184.220.70
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/DVILSsSX4AIZHLA?format=jpg&name=small

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/av.php?q=Trojan.Shelma!

Protocol

SPDY

Server

93.184.220.70 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41B2) /

Resource Hash

76565c0db1844aabb92c0a79880beb745351bd3d94cb6191b770aeefe2feb7f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

x-response-time: 107
date: Tue, 13 Feb 2018 18:51:59 GMT
x-content-type-options: nosniff
surrogate-key: media media/bucket/1 media/959842086337110018
last-modified: Sat, 03 Feb 2018 17:30:41 GMT
server: ECS (fcn/41B2)
status: 200
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 433a92dee06d9618317c2318baa9b95d
accept-ranges: bytes
content-length: 71101

GET
S 200 DUo_ExfXUAAjI0K
pbs.twimg.com/media/ Frame (41F 52 KB
52 KB 17ms
16ms Image
image/jpeg 93.184.220.70
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/DUo_ExfXUAAjI0K?format=jpg&name=small

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/av.php?q=Trojan.Shelma!

Protocol

SPDY

Server

93.184.220.70 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/40D0) /

Resource Hash

dad59e9cefb7c5829ce93d745c2f12e539308e238c9728e999fa91fbe97e1525

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

x-response-time: 112
date: Tue, 13 Feb 2018 18:51:59 GMT
x-content-type-options: nosniff
surrogate-key: media media/bucket/3 media/957647222006566912
last-modified: Sun, 28 Jan 2018 16:09:04 GMT
server: ECS (fcn/40D0)
status: 200
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 0862037b156681253f958e0f6bdaf248
accept-ranges: bytes
content-length: 53412

GET
S 200 DTYzH7PX0AEIq6i
pbs.twimg.com/tweet_video_thumb/ Frame (41F 14 KB
14 KB 20ms
19ms Image
image/jpeg 93.184.220.70
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/tweet_video_thumb/DTYzH7PX0AEIq6i?format=jpg&name=small

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/av.php?q=Trojan.Shelma!

Protocol

SPDY

Server

93.184.220.70 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41A4) /

Resource Hash

f080c1f0509d061de28bcce93008f98701a9b06c9778c4629b4d5f8935fc86de

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

x-response-time: 109
date: Tue, 13 Feb 2018 18:51:59 GMT
x-content-type-options: nosniff
surrogate-key: tweet_video_thumb tweet_video_thumb/bucket/9 tweet_video_thumb/952004582489706497
last-modified: Sat, 13 Jan 2018 02:27:14 GMT
server: ECS (fcn/41A4)
status: 200
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: e55a662082e0066e1dd4d08ed3b6d135
accept-ranges: bytes
content-length: 14040

GET
S 200 DVHuXq6WkAEWuET
pbs.twimg.com/media/ Frame (41F 64 KB
65 KB 20ms
19ms Image
image/jpeg 93.184.220.70
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/DVHuXq6WkAEWuET?format=jpg&name=small

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/av.php?q=Trojan.Shelma!

Protocol

SPDY

Server

93.184.220.70 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41E5) /

Resource Hash

4f6799d0265d74866f90ef80c6de77c9e4c0c7b79307f37fdc540432862d1b80

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

x-response-time: 201
date: Tue, 13 Feb 2018 18:51:59 GMT
x-content-type-options: nosniff
surrogate-key: media media/bucket/9 media/959810286030065665
last-modified: Sat, 03 Feb 2018 15:24:19 GMT
server: ECS (fcn/41E5)
status: 200
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 2ca0156c1f62348f6e2278bae1e05229
accept-ranges: bytes
content-length: 66035

GET
S 200 DVHuguZWAAEIRYH
pbs.twimg.com/media/ Frame (41F 57 KB
57 KB 20ms
19ms Image
image/jpeg 93.184.220.70
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/DVHuguZWAAEIRYH?format=jpg&name=small

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/av.php?q=Trojan.Shelma!

Protocol

SPDY

Server

93.184.220.70 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41AB) /

Resource Hash

5df2b706aac78154dcaa9a9318924d5ac767b16384bab1b3f7549f001778f908

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

x-response-time: 107
date: Tue, 13 Feb 2018 18:51:59 GMT
x-content-type-options: nosniff
surrogate-key: media media/bucket/9 media/959810441584181249
last-modified: Sat, 03 Feb 2018 15:24:56 GMT
server: ECS (fcn/41AB)
status: 200
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 3b9a8e0dbb972161d5ac414426db1d33
accept-ranges: bytes
content-length: 58635

GET
S 200 DVHveFZWkAAoc9g
pbs.twimg.com/media/ Frame (41F 71 KB
71 KB 20ms
19ms Image
image/jpeg 93.184.220.70
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/DVHveFZWkAAoc9g?format=jpg&name=small

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/av.php?q=Trojan.Shelma!

Protocol

SPDY

Server

93.184.220.70 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41DE) /

Resource Hash

e3c6cf7c5d303fb09108795b2e1a69eaffeb396586027d415f2b070cf254e8a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

x-response-time: 109
date: Tue, 13 Feb 2018 18:51:59 GMT
x-content-type-options: nosniff
surrogate-key: media media/bucket/7 media/959811495730253824
last-modified: Sat, 03 Feb 2018 15:29:07 GMT
server: ECS (fcn/41DE)
status: 200
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 74cd0f577c99574b8158f343ed81c56b
accept-ranges: bytes
content-length: 72801

GET
S 200 DVHvy7yXUAcr8lw
pbs.twimg.com/media/ Frame (41F 53 KB
53 KB 20ms
19ms Image
image/jpeg 93.184.220.70
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/DVHvy7yXUAcr8lw?format=jpg&name=small

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/av.php?q=Trojan.Shelma!

Protocol

SPDY

Server

93.184.220.70 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41A0) /

Resource Hash

2ea98db93be6465e58331524cf9262be00f65492f89a05f03f74f68f5cea800b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

x-response-time: 107
date: Tue, 13 Feb 2018 18:51:59 GMT
x-content-type-options: nosniff
surrogate-key: media media/bucket/0 media/959811853928058887
last-modified: Sat, 03 Feb 2018 15:30:33 GMT
server: ECS (fcn/41A0)
status: 200
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 8a501ccacd1007e013c36159f3bc7115
accept-ranges: bytes
content-length: 54282

GET
S 200 DR-k5hXXcAA2YO3
pbs.twimg.com/media/ Frame (41F 30 KB
31 KB 20ms
19ms Image
image/jpeg 93.184.220.70
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/DR-k5hXXcAA2YO3?format=jpg&name=small

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/av.php?q=Trojan.Shelma!

Protocol

SPDY

Server

93.184.220.70 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41EA) /

Resource Hash

589466392fe4975381d2a02c938e008d381ab63bc3eb9f61157b35fc9447901a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

x-response-time: 17
date: Tue, 13 Feb 2018 18:51:59 GMT
x-content-type-options: nosniff
surrogate-key: media media/bucket/1 media/945655754886967296
last-modified: Tue, 26 Dec 2017 13:59:16 GMT
server: ECS (fcn/41EA)
status: 200
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 5746a05360654254d355e63f9052fcb0
accept-ranges: bytes
content-length: 31092

GET
S 200 DR-k7eJX4AA2TYI
pbs.twimg.com/media/ Frame (41F 33 KB
34 KB 20ms
20ms Image
image/jpeg 93.184.220.70
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/DR-k7eJX4AA2TYI?format=jpg&name=small

Requested by

Host: www.threatminer.org
URL: https://www.threatminer.org/av.php?q=Trojan.Shelma!

Protocol

SPDY

Server

93.184.220.70 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41BB) /

Resource Hash

bb7df20f355800c2dc5cd30fba62bad1745e6e13320f8f28d68d9cb01417a1fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

x-response-time: 116
date: Tue, 13 Feb 2018 18:51:59 GMT
x-content-type-options: nosniff
surrogate-key: media media/bucket/2 media/945655788382707712
last-modified: Tue, 26 Dec 2017 13:59:24 GMT
server: ECS (fcn/41BB)
status: 200
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 49e146be50e9b0ff2104fded7bbb8884
accept-ranges: bytes
content-length: 34280

GET
S 200 syndication_bundle_v1_2801d83f2f75998762a22055f578875d6e10fd1d.css
ton.twimg.com/tfw/css/ Frame (41F 42 KB
7 KB 13ms
11ms Stylesheet
text/css 93.184.220.70
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_2801d83f2f75998762a22055f578875d6e10fd1d.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

SPDY

Server

93.184.220.70 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/4196) /

Resource Hash

b8916b8e38aa8d6f850d29187e0deb0adcb816d3521c9924e55dd9814c7359d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 13 Feb 2018 18:51:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-ton-expected-size: 43264
x-cache: HIT
status: 200
content-length: 6635
x-response-time: 10
surrogate-key: tfw
last-modified: Thu, 01 Feb 2018 19:22:03 GMT
server: ECS (fcn/4196)
etag: "W/NCgwO/INMKKBY6EcCmzg=="
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: https://twitter.com
x-connection-hash: 2975a90d7ec084f5dcfb5a435989750a
accept-ranges: bytes
expires: Tue, 20 Feb 2018 18:51:59 GMT

GET
S 200 syndication_bundle_v1_2801d83f2f75998762a22055f578875d6e10fd1d.css
ton.twimg.com/tfw/css/ 42 KB
42 KB 13ms
12ms Image
text/css 93.184.220.70
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ton.twimg.com/tfw/css/syndication_bundle_v1_2801d83f2f75998762a22055f578875d6e10fd1d.css

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

SPDY

Server

93.184.220.70 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/4196) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.threatminer.org/av.php?q=Trojan.Shelma!
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 13 Feb 2018 18:51:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-ton-expected-size: 43264
x-cache: HIT
status: 200
content-length: 6635
x-response-time: 10
surrogate-key: tfw
last-modified: Thu, 01 Feb 2018 19:22:03 GMT
server: ECS (fcn/4196)
etag: "W/NCgwO/INMKKBY6EcCmzg=="
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: https://twitter.com
x-connection-hash: 2975a90d7ec084f5dcfb5a435989750a
accept-ranges: bytes
expires: Tue, 20 Feb 2018 18:51:59 GMT

GET
DATA 200
OK truncated
/ Frame (41F 707 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 338e5578a7b3021caec1db415b93b214c378029d3cd8d19adc833d8b85ea7d29

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame (41F 825 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame (41F 739 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ed07f590bdfa9aa775dbfdef617d98e1e972d102d4289c7a68d3bd9118c280b

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame (41F 559 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cd7887cf9a61431f64864df1e5fe9823e163638bf811dc97ee556268886bf865

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame (41F 618 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b051420a41347f3e04fbe6745d5fa58c3dfd40a7209b8dc09a138bc6381bd8dc

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame (41F 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ded16b9cb72df85ea242aaef8878c716abb57c746f0bfda6eabd2b9ddb2a23b5

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame (41F 607 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 059d7f76a7662405100374530359da8f439f4b945864fafab45b834320a429e2

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/svg+xml;charset=utf-8

GET
S 200 jsapi Show response
www.google.com/ 26 KB
6 KB 112ms
111ms Script
text/javascript 74.125.21.104
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/jsapi?autoload=%7B%22modules%22%3A%5B%7B%22name%22%3A%22search%22%2C%22version%22%3A%221.0%22%2C%22callback%22%3A%22__gcse.scb%22%2C%22style%22%3A%22https%3A%2F%2Fwww.google.com%2Fcse%2Fstatic%2Fstyle%2Flook%2Fv2%2Fdefault.css%22%2C%22language%22%3A%22en%22%7D%5D%7D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse/cse.js?cx=009665096751685288782:o6_z_tmwsge

Protocol

SPDY

Server

74.125.21.104 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

yv-in-f104.1e100.net

Software

GSE /

Resource Hash

4cb336877b23485ebef2965042043ef629bad6e2dbf1adceeb71abd53cb7d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.threatminer.org/av.php?q=Trojan.Shelma!
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 13 Feb 2018 18:51:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
status: 200
cache-control: private, max-age=3600, must-revalidate
vary: Accept-Encoding
content-length: 6383
x-xss-protection: 1; mode=block
expires: Tue, 13 Feb 2018 18:51:59 GMT

GET
S 200 default+en.css
www.google.com/uds/api/search/1.0/45e50696e04f15ce6310843f10a3a8fb/ 45 KB
10 KB 106ms
105ms Stylesheet
text/css 74.125.21.104
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/uds/api/search/1.0/45e50696e04f15ce6310843f10a3a8fb/default+en.css

Requested by

Host: www.google.com
URL: https://www.google.com/jsapi?autoload=%7B%22modules%22%3A%5B%7B%22name%22%3A%22search%22%2C%22version%22%3A%221.0%22%2C%22callback%22%3A%22__gcse.scb%22%2C%22style%22%3A%22https%3A%2F%2Fwww.google.com%2Fcse%2Fstatic%2Fstyle%2Flook%2Fv2%2Fdefault.css%22%2C%22language%22%3A%22en%22%7D%5D%7D

Protocol

SPDY

Server

74.125.21.104 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

yv-in-f104.1e100.net

Software

GSE /

Resource Hash

72d4175bacbbc61b9b282dc40b8e796bc60575e2b743a27a01968a50a7612a76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.threatminer.org/av.php?q=Trojan.Shelma!
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Thu, 08 Feb 2018 19:38:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
age: 429186
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
status: 200
vary: Accept-Encoding
cache-control: public, max-age=31536000
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 10177
x-xss-protection: 1; mode=block
expires: Fri, 08 Feb 2019 19:38:53 GMT

GET
S 200 default.css
www.google.com/cse/static/style/look/v2/ 14 KB
3 KB 351ms
351ms Stylesheet
text/css 74.125.21.104
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v2/default.css

Requested by

Protocol

SPDY

Server

74.125.21.104 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

yv-in-f104.1e100.net

Software

sffe /

Resource Hash

be71e080c180872a6dc83007fbedf42c1716c6ca66c928f9c21b4a15233ccf7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.threatminer.org/av.php?q=Trojan.Shelma!
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 13 Feb 2018 18:51:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 06 Feb 2018 20:00:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: private, max-age=0
accept-ranges: bytes
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 3061
x-xss-protection: 1; mode=block
expires: Tue, 13 Feb 2018 18:51:59 GMT

GET
S 200 default+en.I.js Show response
www.google.com/uds/api/search/1.0/45e50696e04f15ce6310843f10a3a8fb/ 299 KB
88 KB 131ms
131ms Script
application/x-javascript 74.125.21.104
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/uds/api/search/1.0/45e50696e04f15ce6310843f10a3a8fb/default+en.I.js

Requested by

Protocol

SPDY

Server

74.125.21.104 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

yv-in-f104.1e100.net

Software

GSE /

Resource Hash

695b21067e92a80c041b789d6fdfb03195a6d69d0cdcbbf15a56bd18bcdb3bd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.threatminer.org/av.php?q=Trojan.Shelma!
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Thu, 08 Feb 2018 19:38:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
age: 429186
x-frame-options: SAMEORIGIN
content-type: application/x-javascript; charset=UTF-8
status: 200
vary: Accept-Encoding
cache-control: public, max-age=31536000
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 90128
x-xss-protection: 1; mode=block
expires: Fri, 08 Feb 2019 19:38:53 GMT

GET
S 204 generate_204
www.googleapis.com/ 0
160 B 26ms
5ms Image
text/plain 172.217.18.10
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googleapis.com/generate_204
Requested by: Host: www.threatminer.org
URL: https://www.threatminer.org/av.php?q=Trojan.Shelma!
Protocol: SPDY
Server: 172.217.18.10 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: fra15s28-in-f10.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.threatminer.org/av.php?q=Trojan.Shelma!
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

status: 204
date: Tue, 13 Feb 2018 18:52:00 GMT
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 0

GET
S 200 async-ads.js Show response
cse.google.com/adsense/search/ 214 KB
69 KB 42ms
42ms Script
text/javascript 216.58.207.46
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/uds/api/search/1.0/45e50696e04f15ce6310843f10a3a8fb/default+en.I.js

Protocol

SPDY

Server

216.58.207.46 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s24-in-f14.1e100.net

Software

sffe /

Resource Hash

0fc7745a314dddc248f505cda2d6f241e88b4dc5b327b9e87269a8ad6643f9e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.threatminer.org/av.php?q=Trojan.Shelma!
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 13 Feb 2018 18:52:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "15516645313734084077"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=3600
accept-ranges: bytes
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
x-xss-protection: 1; mode=block
expires: Tue, 13 Feb 2018 18:52:00 GMT

GET googlelogo_lightgrey_46x16dp.png
www.google.com/cse/static/images/1x/ 0
0

GET
S 200 clear.png
www.google.com/uds/css/v2/ 1018 B
1 KB 109ms
109ms Image
image/png 74.125.21.104
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/uds/css/v2/clear.png

Requested by

Host: www.google.com
URL: https://www.google.com/uds/api/search/1.0/45e50696e04f15ce6310843f10a3a8fb/default+en.I.js

Protocol

SPDY

Server

74.125.21.104 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

yv-in-f104.1e100.net

Software

GSE /

Resource Hash

329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/cse/static/style/look/v2/default.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 13 Feb 2018 18:52:00 GMT
x-content-type-options: nosniff
last-modified: Thu, 11 Jan 2018 16:54:09 GMT
server: GSE
age: 0
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=0
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 1018
x-xss-protection: 1; mode=block
expires: Tue, 13 Feb 2018 18:52:00 GMT

GET
S 200 v1element Show response
www.googleapis.com/customsearch/ 9 KB
2 KB 229ms
229ms Script
text/javascript 172.217.18.10
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleapis.com/customsearch/v1element?key=AIzaSyCVAXiUzRYsML1Pv6RwSG1gunmMikTzQqY&rsz=5&num=5&hl=en&prettyPrint=false&source=gcsc&gss=.com&sig=45e50696e04f15ce6310843f10a3a8fb&cx=009665096751685288782:o6_z_tmwsge&q=Trojan.Shelma!&cse_tok=AOdTmaCx4qQYwqU7wh9Fgn_o7zBBNAnYXA:1518547919623&filter=0&sort=date&googlehost=www.google.com&callback=google.search.Search.apiary9353&nocache=1518547920122

Requested by

Host: www.google.com
URL: https://www.google.com/uds/api/search/1.0/45e50696e04f15ce6310843f10a3a8fb/default+en.I.js

Protocol

SPDY

Server

172.217.18.10 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s28-in-f10.1e100.net

Software

GSE /

Resource Hash

a0b886c793ff8d026e5270e51648cdc9354dee69f2d5bdae6d8cfbdc25e95466

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.threatminer.org/av.php?q=Trojan.Shelma!
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 13 Feb 2018 18:52:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
server: GSE
etag: "lxbOZjyCI-bRfLQdhTILaaOu7tk/hAcnMJHloUn4iF6EboKcrS1RKbQ"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=0, must-revalidate, no-transform
vary: Origin, X-Origin
content-length: 1775
x-xss-protection: 1; mode=block
expires: Tue, 13 Feb 2018 18:52:00 GMT

GET
S 200 v1element Show response
www.googleapis.com/customsearch/ 14 KB
3 KB 160ms
159ms Script
text/javascript 172.217.18.10
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleapis.com/customsearch/v1element?key=AIzaSyCVAXiUzRYsML1Pv6RwSG1gunmMikTzQqY&rsz=5&num=5&hl=en&prettyPrint=false&source=gcsc&gss=.com&sig=45e50696e04f15ce6310843f10a3a8fb&cx=009665096751685288782:o6_z_tmwsge&q=%22Trojan.Shelma!%22&cse_tok=AOdTmaCx4qQYwqU7wh9Fgn_o7zBBNAnYXA:1518547919623&filter=0&sort=date&googlehost=www.google.com&callback=google.search.Search.apiary13172&nocache=1518547920123

Requested by

Host: www.google.com
URL: https://www.google.com/uds/api/search/1.0/45e50696e04f15ce6310843f10a3a8fb/default+en.I.js

Protocol

SPDY

Server

172.217.18.10 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s28-in-f10.1e100.net

Software

GSE /

Resource Hash

73d838c34f6211cf26d72d27ca019e507530f686dc2547022d692a0a835232a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.threatminer.org/av.php?q=Trojan.Shelma!
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 13 Feb 2018 18:52:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
server: GSE
etag: "lxbOZjyCI-bRfLQdhTILaaOu7tk/tEtdxgrzbw-vC8L4vbBagdz1CrM"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=0, must-revalidate, no-transform
vary: Origin, X-Origin
content-length: 3259
x-xss-protection: 1; mode=block
expires: Tue, 13 Feb 2018 18:52:00 GMT

GET
S 200 googlelogo_grey_46x15dp.png
www.google.com/cse/static/images/1x/ 919 B
1012 B 114ms
113ms Image
image/png 74.125.21.104
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/googlelogo_grey_46x15dp.png

Protocol

SPDY

Server

74.125.21.104 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

yv-in-f104.1e100.net

Software

sffe /

Resource Hash

a844cdc48c7591822e45128a138f1dbba5753a3ca9992bd71c36758d51d0b68e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.threatminer.org/av.php?q=Trojan.Shelma!
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 13 Feb 2018 18:52:00 GMT
x-content-type-options: nosniff
last-modified: Tue, 13 Dec 2016 15:00:00 GMT
server: sffe
content-type: image/png
status: 200
cache-control: private, max-age=31536000
accept-ranges: bytes
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 919
x-xss-protection: 1; mode=block
expires: Tue, 13 Feb 2018 18:52:00 GMT

GET
S 200 search_box_icon.png
www.google.com/uds/css/v2/ 1018 B
1 KB 110ms
109ms Image
image/png 74.125.21.104
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/uds/css/v2/search_box_icon.png

Protocol

SPDY

Server

74.125.21.104 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

yv-in-f104.1e100.net

Software

GSE /

Resource Hash

76a0d76f135419f4d00213037cda0cba949a0372e01ab6a1d70072008a56bd18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.threatminer.org/av.php?q=Trojan.Shelma!
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 13 Feb 2018 18:52:00 GMT
x-content-type-options: nosniff
last-modified: Thu, 11 Jan 2018 16:54:09 GMT
server: GSE
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=0
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 1018
x-xss-protection: 1; mode=block
expires: Tue, 13 Feb 2018 18:52:00 GMT

GET
S 204 generate_204
clients1.google.com/ 0
42 B 7ms
6ms Image
text/plain 216.58.207.46
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients1.google.com/generate_204
Protocol: SPDY
Server: 216.58.207.46 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: fra16s24-in-f14.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.threatminer.org/av.php?q=Trojan.Shelma!
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

status: 204
date: Tue, 13 Feb 2018 18:52:00 GMT
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 0

GET
S 200 arrow_open.gif
www.google.com/uds/css/ 170 B
239 B 108ms
108ms Image
image/gif 74.125.21.104
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/uds/css/arrow_open.gif

Protocol

SPDY

Server

74.125.21.104 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

yv-in-f104.1e100.net

Software

GSE /

Resource Hash

31c56f886458a0b7ca17db086903436f752a234b1c7f7b9f1f541b7a5b0defb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/uds/api/search/1.0/45e50696e04f15ce6310843f10a3a8fb/default+en.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 13 Feb 2018 18:52:00 GMT
x-content-type-options: nosniff
last-modified: Thu, 11 Jan 2018 16:54:09 GMT
server: GSE
age: 0
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: public, max-age=0
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 170
x-xss-protection: 1; mode=block
expires: Tue, 13 Feb 2018 18:52:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.google.com
URL: https://www.google.com/cse/static/images/1x/googlelogo_lightgrey_46x16dp.png

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.threatminer.org/	1970-01-18 13:50:34	Name: _gid Value: GA1.2.1508823191.1518547919
.threatminer.org/	1970-01-19 07:20:19	Name: _ga Value: GA1.2.941658358.1518547919
.threatminer.org/	1970-01-18 13:49:07	Name: _gat Value: 1
www.threatminer.org/	1969-12-31 23:59:59	Name: PHPSESSID Value: 0i9nl6bdp6ugo64jvphmtmoks0
.threatminer.org/	1970-01-18 22:34:43	Name: __cfduid Value: dfa98ae9009893156b9aa946f29aec9ce1518547918

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

abs.twimg.com
cdn.syndication.twimg.com
clients1.google.com
cse.google.com
pbs.twimg.com
platform.twitter.com
syndication.twitter.com
ton.twimg.com
www.google-analytics.com
www.google.com
www.googleapis.com
www.threatminer.org
www.google.com
104.244.42.72
104.25.177.5
172.217.18.10
199.96.57.6
216.58.206.14
216.58.207.46
68.232.35.172
74.125.21.104
93.184.220.70
0023180505623a74bc05e0601f74752ac18bca262e49a99b79fec8bfeb967b79
0111429fb340eb0d349e39ddf6824eb251cc90b58fc3d8bd481196725be4d26e
059d7f76a7662405100374530359da8f439f4b945864fafab45b834320a429e2
07a081c6a38ab09a0163aecaaf77713ffae6e09d06ba1a112efef22e01857ddc
0e99dad48af1797c2a3f182d4ca1e1d5ce3c905e0439b96800d151114908fdc4
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1
0fc7745a314dddc248f505cda2d6f241e88b4dc5b327b9e87269a8ad6643f9e9
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
25c3839297b85d93d722906706b92979a01c28b79c0218e61528ef7c55e0ce15
29135e5d452017523028e274b9c2b6228ebe9c9fc5790fa666333547b34f74e4
2c950cf24730ef78e846b9efdbc9d58a4a33d9731913989ca5c1ff8b84e8965d
2e51a9cbc157e8a3d23d85b9abbea7e6c356fd1f16a8ed533d3b578871e9a4d4
2ea98db93be6465e58331524cf9262be00f65492f89a05f03f74f68f5cea800b
31c56f886458a0b7ca17db086903436f752a234b1c7f7b9f1f541b7a5b0defb2
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
338e5578a7b3021caec1db415b93b214c378029d3cd8d19adc833d8b85ea7d29
3ab0a74bbd399efdf7c9c9bffb689f0a755fc7131d5af04c8393d45f5163a69b
3d1d0f7d1eae1319a635335a4938168f49330bf09124a66976df6d17ae23c451
3fae0c3db934422e316e60770ef942b651ba24e7162e9858ea6e59fba9fc4dc6
42531c396064d691253009a1349f6d10b80fb5d7fcd6f16e7e9856c7059f60dc
43c5a16cbcf6f8eb374567c67fa6a74803211c2253cef5b651bfb18652325453
45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc
457be97cc34293f81636900f729ea837fba3994fa64768d0e308a344ec1929e7
45b3ffadbc785de6091fa798527891eb7264e4d115e3c1a37acb60e3d70d4966
47d823edd3918f7a088fe9d45a4c9b71015ccbfa7f7e5546f1f735364ceb897a
4cb336877b23485ebef2965042043ef629bad6e2dbf1adceeb71abd53cb7d94a
4ed07f590bdfa9aa775dbfdef617d98e1e972d102d4289c7a68d3bd9118c280b
4f6799d0265d74866f90ef80c6de77c9e4c0c7b79307f37fdc540432862d1b80
589466392fe4975381d2a02c938e008d381ab63bc3eb9f61157b35fc9447901a
58b64fa80fbaa161fef45d6ffa30e398402fc5bf4dc118fbb6a0ff419b2d10dc
5d6946b92eaf07cd3ea3bbac72e10076f831a8fab868c2dd47ff5d8727d180cf
5df2b706aac78154dcaa9a9318924d5ac767b16384bab1b3f7549f001778f908
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
695b21067e92a80c041b789d6fdfb03195a6d69d0cdcbbf15a56bd18bcdb3bd1
697c41fffac431521f2db48c7426ac23b972b6eb7b1242f0bb47d6079884d3a4
6b7ce50d9b2656fa8cab240b1e7a2393df273bfa4985ea312424efa10f13311f
6f18fc8cb48f7cce9d16a5f90d28cb81aa19c3e0e6c0da6c98fe2bd0cf40148c
72d4175bacbbc61b9b282dc40b8e796bc60575e2b743a27a01968a50a7612a76
73d838c34f6211cf26d72d27ca019e507530f686dc2547022d692a0a835232a4
76565c0db1844aabb92c0a79880beb745351bd3d94cb6191b770aeefe2feb7f2
76a0d76f135419f4d00213037cda0cba949a0372e01ab6a1d70072008a56bd18
7d801ee44713a2edcb9fad8e9bf67d2c4430fc8509c18c3b8d50656bacaa1348
827f5e57c83da3b888b8e01e0abbe4863de17e1c1e2eee68d7a98c66681b6cb0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8506dbd967e8f030d46e799e412117da94bd9b26c8cb493634fde1d11512bcfe
8aeaf60f6f34ced8ed9c83b249bdfc8544cc8f318294074898e6ced1d04e678c
8f4d3b47b47a8a31163dad5d7fb15e27a0056d07b0c34c6089fd9225664e847c
96e2208deaff99d8bf5180b736461b94e269f7f4ca22b5346d432fba98ea1f04
9926a0d226b45faff8db829a1c445f33efa6522e213fafed1000365d5abf73df
9b89ba466ee2576c13ad6ec381b9b54a115c50795228fbff9197c8ea7812c9d6
9c246e9fd9893cb65f7a9382a6f8e7d392405a886ebbcee462342af47681a4a8
9d43a2ba74328a77c0d2229b1c6d7f7099834d203cb985355560b37ed3be9e50
a0b886c793ff8d026e5270e51648cdc9354dee69f2d5bdae6d8cfbdc25e95466
a844cdc48c7591822e45128a138f1dbba5753a3ca9992bd71c36758d51d0b68e
a905062b971bfb70ba70dda1a454d9cb7f7389be7ff515f6eb9009c8e697a34b
a91d7f2f3d75d2ee71f62d469008ff7eb5a1756d010f9de04cc67cc63076a976
a98187a68b2512ba8073f68fb559db3b672ad9a36459d74af942d8bb4ed3278f
aa7dbbed45e41a4c77ea7fb9d69b71e6ff87e45afb2cdaddd2e1bec02433f88a
ac74cddb007ace18442f5111c4c23125de6031dca42bcead5ea5bfb12d2ca332
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b051420a41347f3e04fbe6745d5fa58c3dfd40a7209b8dc09a138bc6381bd8dc
b3d1420bf52afe488f97b85ad0483aea042863f6cf5530e6389e43a580ff203c
b886387a12f4022bbc37ed95dfa2d7a6ab5d0c0c5ecc7060c601ff05377df1bf
b8916b8e38aa8d6f850d29187e0deb0adcb816d3521c9924e55dd9814c7359d3
bb7df20f355800c2dc5cd30fba62bad1745e6e13320f8f28d68d9cb01417a1fe
be71e080c180872a6dc83007fbedf42c1716c6ca66c928f9c21b4a15233ccf7b
c0bfbc93bfe45aaf3b5118cae349a110816031fe347a98a7e36984d5c708d68f
c510084ac37b93bf8abbc83b23d8b1f824eccc077eadb4844d97b94e658feb5d
c7d55fb721c0a1bb591d30b6e06f7781fbd13ab200a8aef0fa8df62e455bc0b1
cd7887cf9a61431f64864df1e5fe9823e163638bf811dc97ee556268886bf865
cf76ed021980680c9bf23a741c84ddb6824ba03ae0da1588488087f17a939326
cf919e6fbfbf62a4f8cfaab4cf5c5f80e7c10be2bc9f7e4c70142175c0b49b4f
d462cb3b031db49ffb4cb81fbf150f68192a55d7e67b04764f2cf4b79486df78
d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8
dad59e9cefb7c5829ce93d745c2f12e539308e238c9728e999fa91fbe97e1525
ded16b9cb72df85ea242aaef8878c716abb57c746f0bfda6eabd2b9ddb2a23b5
e0b0a04d147703c748b3e724da4bc207476bf3637511620efdae8a8d3151dd25
e0dc574fb2b266dba913861d60b0c69d1e41f0fd095a3341a45f26401cd8b6b3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c6cf7c5d303fb09108795b2e1a69eaffeb396586027d415f2b070cf254e8a0
e4cc4f58a87b3b98052303a2754219afd2f82a35945b63fe5899ba18781b6b47
efd23ae9a0072d26d6b82748f77ea174f3f0d1006a011ede6dc5b9172bf4a345
f013e7e0384b639457521dd78f1457b4eca00dde07c67efb503b4c66bdcb2c80
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5
f080c1f0509d061de28bcce93008f98701a9b06c9778c4629b4d5f8935fc86de
f8ef655ef916e39713ede9c6db56d7ca5618bd82cf5ac991dcd013f05e0fdfc7

www.threatminer.org Open in urlscan Pro 104.25.177.5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

84 Requests

32 %HTTPS

0 %IPv6

6 Domains

12 Subdomains

10 IPs

1 Countries

1986 kBTransfer

4259 kBSize

5 Cookies

9 Outgoing links

Redirected requests

84 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.threatminer.org Open in urlscan Pro
104.25.177.5 Public Scan

Screenshot
Live screenshot

Full Image

84
Requests

32 %
HTTPS

0 %
IPv6

6
Domains

12
Subdomains

10
IPs

1
Countries

1986 kB
Transfer

4259 kB
Size

5
Cookies

84 HTTP transactions
7 data transactions