threatvector.cylance.com Open in urlscan Pro
52.27.43.254 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
Submission: On November 04 via api (November 4th 2019, 8:58:16 am UTC) from CH

Summary HTTP 93 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 28 IPs in 7 countries across 27 domains to perform 93 HTTP transactions. The main IP is 52.27.43.254, located in Boardman, United States and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is threatvector.cylance.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on June 12th 2019. Valid for: a year.

This is the only time threatvector.cylance.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
29	52.27.43.254 52.27.43.254	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
11	2.18.232.23 2.18.232.23	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	2a00:1450:400... 2a00:1450:4001:820::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
2	104.16.94.80 104.16.94.80	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	151.139.237.11 151.139.237.11	33438 (HIGHWINDS2) (HIGHWINDS2 - Highwinds Network Group)
9	2a02:26f0:6c0... 2a02:26f0:6c00:295::9b6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	52.30.105.51 52.30.105.51	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2a00:1450:400... 2a00:1450:4001:815::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
2	104.111.251.133 104.111.251.133	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:820::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	52.30.78.155 52.30.78.155	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	66.117.28.86 66.117.28.86	15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE - Google LLC)
1 3	2a00:1450:400... 2a00:1450:4001:818::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:817::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
4	93.184.220.178 93.184.220.178	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1	192.28.147.68 192.28.147.68	53580 (MARKETO) (MARKETO - MARKETO)
1	52.31.190.58 52.31.190.58	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a02:26f0:6c0... 2a02:26f0:6c00:28c::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE - Google LLC)
1	13.225.78.69 13.225.78.69	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	2a05:f500:10:... 2a05:f500:10:101::b93f:9105	14413 (LINKEDIN) (LINKEDIN - LinkedIn Corporation)
1 1	2a05:f500:10:... 2a05:f500:10:101::b93f:9101	14413 (LINKEDIN) (LINKEDIN - LinkedIn Corporation)
2	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	143.204.101.109 143.204.101.109	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 2	52.48.112.242 52.48.112.242	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	13.225.78.83 13.225.78.83	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 4	2.18.233.40 2.18.233.40	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
2	52.30.104.207 52.30.104.207	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
93	28

29 52.27.43.254 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-27-43-254.us-west-2.compute.amazonaws.com

threatvector.cylance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2.18.232.23 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-232-23.deploy.static.akamaitechnologies.com

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.94.80 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

app-sj16.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.237.11 (Dallas, United States)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)

cdn.rawgit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:26f0:6c00:295::9b6 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

s7d2.scene7.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.105.51 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-30-105-51.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:815::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.251.133 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-251-133.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

s.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.78.155 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-30-78-155.eu-west-1.compute.amazonaws.com

cylance.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.117.28.86 (United States) 1 redirects

ASN15224 (OMNITURE - Adobe Systems Inc., US)

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:818::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:817::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 93.184.220.178 (London, United Kingdom)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

cdn.bizible.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.147.68 (United States)

ASN53580 (MARKETO - MARKETO, Inc., US)

524-dom-989.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.31.190.58 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-31-190-58.eu-west-1.compute.amazonaws.com

cylance.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:28c::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.2 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s28-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.69 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-225-78-69.fra2.r.cloudfront.net

tag.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:10:101::b93f:9105 (Ireland) 1 redirects

ASN14413 (LINKEDIN - LinkedIn Corporation, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:f500:10:101::b93f:9101 (Ireland) 1 redirects

ASN14413 (LINKEDIN - LinkedIn Corporation, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.101.109 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-101-109.fra50.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.48.112.242 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-48-112-242.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.78.83 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-225-78-83.fra2.r.cloudfront.net

segments.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.233.40 (Ascension Island) 1 redirects

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-233-40.deploy.static.akamaitechnologies.com

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.104.207 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-30-104-207.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	cylance.com threatvector.cylance.com	497 KB
11	adobedtm.com assets.adobedtm.com	65 KB
9	scene7.com s7d2.scene7.com	243 KB
6	adroll.com 1 redirects s.adroll.com d.adroll.com	38 KB
4	bizible.com cdn.bizible.com	33 KB
4	gstatic.com fonts.gstatic.com	49 KB
3	company-target.com 1 redirects api.company-target.com segments.company-target.com	2 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	3 KB
3	google.de www.google.de	329 B
3	google.com 1 redirects www.google.com	406 B
3	doubleclick.net 1 redirects stats.g.doubleclick.net googleads.g.doubleclick.net	3 KB
3	demdex.net dpm.demdex.net cylance.demdex.net	2 KB
2	bidr.io 2 redirects match.prod.bidr.io	754 B
2	googleadservices.com www.googleadservices.com	18 KB
2	bing.com bat.bing.com	8 KB
2	marketo.net munchkin.marketo.net	6 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	rawgit.com cdn.rawgit.com	5 KB
2	marketo.com app-sj16.marketo.com	58 KB
1	demandbase.com tag.demandbase.com	15 KB
1	licdn.com snap.licdn.com	2 KB
1	omtrdc.net cylance.sc.omtrdc.net	396 B
1	mktoresp.com 524-dom-989.mktoresp.com	303 B
1	everesttech.net 1 redirects cm.everesttech.net	527 B
1	ytimg.com s.ytimg.com	9 KB
1	youtube.com www.youtube.com	952 B
1	googleapis.com fonts.googleapis.com	572 B
93	27

	Domain	Requested by
29	threatvector.cylance.com	threatvector.cylance.com www.google-analytics.com
11	assets.adobedtm.com	threatvector.cylance.com
9	s7d2.scene7.com	threatvector.cylance.com
4	s.adroll.com	1 redirects threatvector.cylance.com
4	cdn.bizible.com	threatvector.cylance.com cdn.bizible.com
4	fonts.gstatic.com	app-sj16.marketo.com threatvector.cylance.com
3	www.google.de	threatvector.cylance.com
3	www.google.com	1 redirects threatvector.cylance.com
2	d.adroll.com	threatvector.cylance.com
2	segments.company-target.com	1 redirects threatvector.cylance.com
2	match.prod.bidr.io	2 redirects
2	googleads.g.doubleclick.net	threatvector.cylance.com
2	px.ads.linkedin.com	1 redirects threatvector.cylance.com
2	www.googleadservices.com	threatvector.cylance.com assets.adobedtm.com
2	bat.bing.com	threatvector.cylance.com
2	munchkin.marketo.net	threatvector.cylance.com munchkin.marketo.net
2	www.google-analytics.com	1 redirects threatvector.cylance.com
2	dpm.demdex.net	threatvector.cylance.com
2	cdn.rawgit.com	threatvector.cylance.com
2	app-sj16.marketo.com	threatvector.cylance.com app-sj16.marketo.com
1	api.company-target.com	threatvector.cylance.com
1	www.linkedin.com	1 redirects
1	tag.demandbase.com	threatvector.cylance.com
1	snap.licdn.com	threatvector.cylance.com
1	cylance.sc.omtrdc.net	threatvector.cylance.com
1	524-dom-989.mktoresp.com	threatvector.cylance.com
1	stats.g.doubleclick.net	1 redirects
1	cm.everesttech.net	1 redirects
1	cylance.demdex.net	threatvector.cylance.com
1	s.ytimg.com	www.youtube.com
1	www.youtube.com	threatvector.cylance.com
1	fonts.googleapis.com	threatvector.cylance.com
93	32

This site contains links to these domains. Also see Links.

Domain
www.cylance.com
www.facebook.com
www.youtube.com
twitter.com
www.linkedin.com
shop.cylance.com

Subject Issuer	Validity	Valid
*.cylance.com DigiCert SHA2 Secure Server CA	`2019-06-12` - `2020-09-18`	a year	crt.sh
assets.adobedtm.com DigiCert SHA2 High Assurance Server CA	`2019-10-22` - `2021-10-01`	2 years	crt.sh
*.googleapis.com GTS CA 1O1	`2019-10-10` - `2020-01-02`	3 months	crt.sh
app-sj16.marketo.com CloudFlare Inc ECC CA-2	`2019-02-22` - `2020-02-22`	a year	crt.sh
rawgit.com COMODO RSA Domain Validation Secure Server CA	`2018-12-29` - `2020-01-13`	a year	crt.sh
*.scene7.com DigiCert SHA2 Secure Server CA	`2019-01-02` - `2020-03-02`	a year	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-10-10` - `2020-01-02`	3 months	crt.sh
*.google.com GTS CA 1O1	`2019-10-10` - `2020-01-02`	3 months	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2018-12-24` - `2020-03-24`	a year	crt.sh
www.google.de GTS CA 1O1	`2019-10-10` - `2020-01-02`	3 months	crt.sh
www.bing.com Microsoft IT TLS CA 2	`2019-04-30` - `2021-04-30`	2 years	crt.sh
cdn.bizible.com Go Daddy Secure Certificate Authority - G2	`2019-03-14` - `2021-04-13`	2 years	crt.sh
*.mktoresp.com GeoTrust RSA CA 2018	`2018-02-05` - `2020-02-05`	2 years	crt.sh
*.sc.omtrdc.net DigiCert SHA2 High Assurance Server CA	`2019-04-23` - `2020-04-14`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
www.googleadservices.com GTS CA 1O1	`2019-10-10` - `2020-01-02`	3 months	crt.sh
*.demandbase.com Go Daddy Secure Certificate Authority - G2	`2018-09-20` - `2020-11-19`	2 years	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2019-05-29` - `2021-06-29`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-10-10` - `2020-01-02`	3 months	crt.sh
www.google.com GTS CA 1O1	`2019-10-10` - `2020-01-02`	3 months	crt.sh
*.company-target.com Go Daddy Secure Certificate Authority - G2	`2019-06-19` - `2021-08-18`	2 years	crt.sh
*.adroll.com DigiCert SHA2 Secure Server CA	`2018-12-19` - `2020-03-19`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
Frame ID: 0EFCC45E9A63EB1C3501F2982D96B5DD
Requests: 92 HTTP requests in this frame

Frame: https://cylance.demdex.net/dest5.html?d_nsid=0
Frame ID: 245F47F944391BAE296E76D236366C43
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

script /\/etc.clientlibs\//i

Java (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

script /\/etc.clientlibs\//i

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+foundation[^>"]+css/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /(?:a|s)\.adroll\.com/i

Adobe DTM (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

script /\/\/assets.adobedtm.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

script /munchkin\.marketo\.net\/munchkin\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

93
Requests

100 %
HTTPS

44 %
IPv6

27
Domains

32
Subdomains

28
IPs

7
Countries

1070 kB
Transfer

2908 kB
Size

19
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cylance.com/en-us/company/about-us/privacy-notice.html
Title: Read More

Search URL Search Domain Scan URL

URL: https://www.cylance.com/
Title: Cylance.com

Search URL Search Domain Scan URL

URL: https://www.facebook.com/CylanceInc

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/CylanceInc

Search URL Search Domain Scan URL

URL: https://twitter.com/cylanceinc

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/cylanceinc

Search URL Search Domain Scan URL

URL: https://www.cylance.com/en-us/company/about-us/index.html
Title: Who We Are

Search URL Search Domain Scan URL

URL: https://www.cylance.com/en-us/resources/knowledge-center/index.html
Title: Resource Center

Search URL Search Domain Scan URL

URL: https://www.cylance.com/en-us/company/news-and-press/news.html
Title: Cylance News

Search URL Search Domain Scan URL

URL: https://www.cylance.com/en-us/company/news-and-press/press-releases.html
Title: Press Releases

Search URL Search Domain Scan URL

URL: https://www.cylance.com/en-us/company/about-us/terms-of-service.html
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.cylance.com/en-us/platform/products/index.html
Title: CylancePROTECT

Search URL Search Domain Scan URL

URL: https://www.cylance.com/en_us/products/our-products/optics.html
Title: CylanceOPTICS

Search URL Search Domain Scan URL

URL: https://www.cylance.com/en-us/platform/products/cylance-threatzero.html
Title: Cylance ThreatZERO

Search URL Search Domain Scan URL

URL: https://shop.cylance.com/us
Title: Cylance Smart Antivirus

Search URL Search Domain Scan URL

URL: https://www.cylance.com/en_us/services/left-structure-nav/overview/consulting.html
Title: Consulting Overview

Search URL Search Domain Scan URL

URL: https://www.cylance.com/en-us/solutions/industry/index.html
Title: Industry Overview

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49

https://cm.everesttech.net/cm/dd?d_uuid=69160079520439535101508563922721440691 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Xb-oFwAAFS0YWhN_

Request Chain 53

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=728211448&t=pageview&_s=1&dl=https%3A%2F%2Fthreatvector.cylance.com%2Fen_us%2Fhome%2Fmobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html&ul=en-us&de=UTF-8&dt=Mobile%20Malware%20and%20APT%20Espionage%3A%20Prolific%2C%20Pervasive%2C%20and%20Cross-Platform&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=KEBAAAAB~&jid=732904308&gjid=789595260&cid=443721903.1572857880&tid=UA-33464378-1&_gid=1296236819.1572857880&_r=1&z=350584688 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-33464378-1&cid=443721903.1572857880&jid=732904308&_gid=1296236819.1572857880&gjid=789595260&_v=j79&z=350584688 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-33464378-1&cid=443721903.1572857880&jid=732904308&_v=j79&z=350584688 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-33464378-1&cid=443721903.1572857880&jid=732904308&_v=j79&z=350584688&slf_rd=1&random=4063190824

Request Chain 72

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=37262&url=https%3A%2F%2Fthreatvector.cylance.com%2Fen_us%2Fhome%2Fmobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html&time=1572857880255 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D37262%26url%3Dhttps%253A%252F%252Fthreatvector.cylance.com%252Fen_us%252Fhome%252Fmobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html%26time%3D1572857880255%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=37262&url=https%3A%2F%2Fthreatvector.cylance.com%2Fen_us%2Fhome%2Fmobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html&time=1572857880255&liSync=true

Request Chain 79

https://match.prod.bidr.io/cookie-sync/demandbase HTTP 303
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1 HTTP 303
https://segments.company-target.com/log?vendor=choca&user_id=AACgPU67f9AAABQChHAsTw HTTP 303
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AACgPU67f9AAABQChHAsTw&verifyHash=580ec4f4d42756448ba32a369505e79ec38dcf31

Request Chain 88

https://s.adroll.com/j/exp/OU3SUNRJWBHPTCY5X23OHE/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

93 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html Show response
threatvector.cylance.com/en_us/home/ 125 KB
41 KB 916ms
350ms Document
text/html 52.27.43.254
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.27.43.254 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-27-43-254.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

ab400f270903302b14ca990584dc2ed09e18953580a40369665655c95044edd0

Security Headers

Name	Value
Content-Security-Policy	font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: threatvector.cylance.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: none
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1

Response headers

Accept-Ranges: bytes
Cache-control: no-cache="set-cookie"
Content-Encoding: gzip
Content-Security-Policy: font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Content-Type: text/html;charset=utf-8
Date: Mon, 04 Nov 2019 08:57:58 GMT
ETag: "1f428-59653fff12900-gzip"
Feature-Policy: geolocation 'none';midi 'none';sync-xhr *;microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';speaker *;fullscreen *;payment 'none';
Last-Modified: Sat, 02 Nov 2019 02:40:04 GMT
Referrer-Policy: no-referrer-when-downgrade
Server: Apache
Set-Cookie: AWSELB=4D0BDD9F0A163D48ECFEF400CB706ACF82CD0195C8D5AF0B639C0FF52381F196F79B59DABDA4381BCD335FA13A79BACAFDE223CF13FD25873C7A2BC0E5C1F5ABCE7C0F7EBB;PATH=/;MAX-AGE=900
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Vary: Accept-Encoding,User-Agent
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 40560
Connection: keep-alive

GET
H/1.1 200
OK main.731db1757391070f3ea2ead82acaf408.css
threatvector.cylance.com/etc.clientlibs/foundation/clientlibs/ 12 KB
3 KB 190ms
180ms Stylesheet
text/css 52.27.43.254
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://threatvector.cylance.com/etc.clientlibs/foundation/clientlibs/main.731db1757391070f3ea2ead82acaf408.css

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.27.43.254 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-27-43-254.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

d4e42e78d5938248bc7eeac03bfacee8cd2a392daa3885637a7899ca4fb30e3c

Security Headers

Name	Value
Content-Security-Policy	font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Content-Security-Policy: font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Content-Encoding: gzip
ETag: "2eda-591e576e7e300-gzip"
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Length: 2403
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 06 Sep 2019 17:06:52 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Date: Mon, 04 Nov 2019 08:57:58 GMT
Vary: Accept-Encoding,User-Agent
Content-Type: text/css;charset=utf-8
Connection: keep-alive
Feature-Policy: geolocation 'none';midi 'none';sync-xhr *;microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';speaker *;fullscreen *;payment 'none';
Accept-Ranges: bytes
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK jquery.5e8d3382f82b03b0bf3fea3024eecd61.js Show response
threatvector.cylance.com/etc.clientlibs/clientlibs/granite/ 288 KB
87 KB 717ms
353ms Script
application/javascript 52.27.43.254
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://threatvector.cylance.com/etc.clientlibs/clientlibs/granite/jquery.5e8d3382f82b03b0bf3fea3024eecd61.js

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.27.43.254 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-27-43-254.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

45e2f85e3aab6c36988703f5cc06444289bb795a25736b74975073c98de18498

Security Headers

Name	Value
Content-Security-Policy	font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Content-Security-Policy: font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Content-Encoding: gzip
ETag: "47f04-591e576e7e300-gzip"
transfer-encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubdomains;
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 06 Sep 2019 17:06:52 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Date: Mon, 04 Nov 2019 08:57:59 GMT
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript;charset=utf-8
Connection: keep-alive
Feature-Policy: geolocation 'none';midi 'none';sync-xhr *;microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';speaker *;fullscreen *;payment 'none';
Accept-Ranges: bytes
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK utils.7a49486e1c734bd5d7fd0c1c68c83d9b.js Show response
threatvector.cylance.com/etc.clientlibs/clientlibs/granite/ 47 KB
11 KB 588ms
216ms Script
application/javascript 52.27.43.254
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://threatvector.cylance.com/etc.clientlibs/clientlibs/granite/utils.7a49486e1c734bd5d7fd0c1c68c83d9b.js

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.27.43.254 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-27-43-254.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

e35896fcd15b2238b1b5e2d4fbbd2b287f57dbbded51ab1a2217c38ce6a51d2f

Security Headers

Name	Value
Content-Security-Policy	font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Content-Security-Policy: font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Content-Encoding: gzip
ETag: "bcc7-591e576e7e300-gzip"
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Length: 10676
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 06 Sep 2019 17:06:52 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Date: Mon, 04 Nov 2019 08:57:59 GMT
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript;charset=utf-8
Connection: keep-alive
Feature-Policy: geolocation 'none';midi 'none';sync-xhr *;microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';speaker *;fullscreen *;payment 'none';
Accept-Ranges: bytes
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK granite.ed0d934d509c9dab702088c125c92b4f.js Show response
threatvector.cylance.com/etc.clientlibs/clientlibs/granite/jquery/ 10 KB
4 KB 557ms
183ms Script
application/javascript 52.27.43.254
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://threatvector.cylance.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.27.43.254 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-27-43-254.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

fe7b1fa106b52fd3b7a72421171503eee8ec0c911d495be3ce168f76ed7cc8b1

Security Headers

Name	Value
Content-Security-Policy	font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Content-Security-Policy: font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Content-Encoding: gzip
ETag: "28d6-591e576e7e300-gzip"
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Length: 2974
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 06 Sep 2019 17:06:52 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Date: Mon, 04 Nov 2019 08:57:59 GMT
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript;charset=utf-8
Connection: keep-alive
Feature-Policy: geolocation 'none';midi 'none';sync-xhr *;microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';speaker *;fullscreen *;payment 'none';
Accept-Ranges: bytes
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK jquery.26df26a88f9f71ceabb6a15e7cb9c550.js Show response
threatvector.cylance.com/etc.clientlibs/foundation/clientlibs/ 471 B
1 KB 553ms
179ms Script
application/javascript 52.27.43.254
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://threatvector.cylance.com/etc.clientlibs/foundation/clientlibs/jquery.26df26a88f9f71ceabb6a15e7cb9c550.js

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.27.43.254 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-27-43-254.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

2afa0193eebc6dcba6256c02ba126cd809b278a8c271ba1344af1d54520fb173

Security Headers

Name	Value
Content-Security-Policy	font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Content-Security-Policy: font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Content-Encoding: gzip
ETag: "1d7-591e576e7e300-gzip"
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Length: 316
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 06 Sep 2019 17:06:52 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Date: Mon, 04 Nov 2019 08:57:59 GMT
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript;charset=utf-8
Connection: keep-alive
Feature-Policy: geolocation 'none';midi 'none';sync-xhr *;microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';speaker *;fullscreen *;payment 'none';
Accept-Ranges: bytes
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK shared.06a50b23d97647c86982b7801a20508a.js Show response
threatvector.cylance.com/etc.clientlibs/foundation/clientlibs/ 98 KB
19 KB 885ms
345ms Script
application/javascript 52.27.43.254
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://threatvector.cylance.com/etc.clientlibs/foundation/clientlibs/shared.06a50b23d97647c86982b7801a20508a.js

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.27.43.254 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-27-43-254.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

1cac386a226657759d39c04b26768f03915090f0f1a5b4e6ca815d7478228159

Security Headers

Name	Value
Content-Security-Policy	font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Content-Security-Policy: font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Content-Encoding: gzip
ETag: "18868-591e576e7e300-gzip"
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Length: 18634
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 06 Sep 2019 17:06:52 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Date: Mon, 04 Nov 2019 08:57:59 GMT
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript;charset=utf-8
Connection: keep-alive
Feature-Policy: geolocation 'none';midi 'none';sync-xhr *;microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';speaker *;fullscreen *;payment 'none';
Accept-Ranges: bytes
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK main.e2198d73b3e90f0b787085da720eb46e.js Show response
threatvector.cylance.com/etc.clientlibs/foundation/clientlibs/ 22 KB
7 KB 732ms
180ms Script
application/javascript 52.27.43.254
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://threatvector.cylance.com/etc.clientlibs/foundation/clientlibs/main.e2198d73b3e90f0b787085da720eb46e.js

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.27.43.254 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-27-43-254.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

f6281f4fc0c8b4cd0ecb0cf382c080d9e5f01b58c816d5f071969f3734465fc6

Security Headers

Name	Value
Content-Security-Policy	font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Content-Security-Policy: font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Content-Encoding: gzip
ETag: "5963-591e576e7e300-gzip"
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Length: 6275
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 06 Sep 2019 17:06:52 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Date: Mon, 04 Nov 2019 08:57:59 GMT
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript;charset=utf-8
Connection: keep-alive
Feature-Policy: geolocation 'none';midi 'none';sync-xhr *;microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';speaker *;fullscreen *;payment 'none';
Accept-Ranges: bytes
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK cylance-blogs.css
threatvector.cylance.com/etc/designs/ 0
756 B 372ms
185ms Stylesheet
text/css 52.27.43.254
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://threatvector.cylance.com/etc/designs/cylance-blogs.css

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.27.43.254 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-27-43-254.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Content-Security-Policy: font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 18 Oct 2017 04:24:09 GMT
Server: Apache
Date: Mon, 04 Nov 2019 08:57:59 GMT
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: text/css;charset=utf-8
Connection: keep-alive
Feature-Policy: geolocation 'none';midi 'none';sync-xhr *;microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';speaker *;fullscreen *;payment 'none';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Vary: User-Agent
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK main.d6fc6f0b35c968dde40b02af38f21447.css
threatvector.cylance.com/etc/clientlibs/cylance-blogs/ 154 KB
26 KB 706ms
347ms Stylesheet
text/css 52.27.43.254
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://threatvector.cylance.com/etc/clientlibs/cylance-blogs/main.d6fc6f0b35c968dde40b02af38f21447.css

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.27.43.254 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-27-43-254.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

ce11c18967ab30115878af2f6c6dc88fce05dbda48df9cea5a7abf9fb311ef5f

Security Headers

Name	Value
Content-Security-Policy	font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Content-Security-Policy: font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Content-Encoding: gzip
ETag: "2685c-591e576e7e300-gzip"
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Length: 25287
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 06 Sep 2019 17:06:52 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Date: Mon, 04 Nov 2019 08:57:59 GMT
Vary: Accept-Encoding,User-Agent
Content-Type: text/css;charset=utf-8
Connection: keep-alive
Feature-Policy: geolocation 'none';midi 'none';sync-xhr *;microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';speaker *;fullscreen *;payment 'none';
Accept-Ranges: bytes
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK dependencies.d41d8cd98f00b204e9800998ecf8427e.css
threatvector.cylance.com/etc/clientlibs/cylance-blogs/ 0
774 B 537ms
178ms Stylesheet
text/css 52.27.43.254
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://threatvector.cylance.com/etc/clientlibs/cylance-blogs/dependencies.d41d8cd98f00b204e9800998ecf8427e.css

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.27.43.254 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-27-43-254.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Content-Security-Policy: font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
ETag: "0-591e576e7e300"
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Length: 0
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 06 Sep 2019 17:06:52 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Date: Mon, 04 Nov 2019 08:57:59 GMT
Vary: User-Agent
Content-Type: text/css;charset=utf-8
Connection: keep-alive
Feature-Policy: geolocation 'none';midi 'none';sync-xhr *;microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';speaker *;fullscreen *;payment 'none';
Accept-Ranges: bytes
X-Content-Type-Options: nosniff

GET
H2 200 launch-EN9a198e584a4641e5a638d027ddddb3cf.min.js Show response
assets.adobedtm.com/ 149 KB
46 KB 130ms
66ms Script
application/x-javascript 2.18.232.23
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/launch-EN9a198e584a4641e5a638d027ddddb3cf.min.js
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.23 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-23.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7fbbeba68616ec3cd21955086a765a1c74d81b3f2772babba4f8f9719adb2d5c

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Mon, 04 Nov 2019 08:57:58 GMT
content-encoding: gzip
last-modified: Thu, 13 Jun 2019 21:17:25 GMT
server: Apache
etag: "5aebb26c4d05b067a5277a6a715dfbac:1560460645"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Nov 2019 09:57:58 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
572 B 22ms
15ms Stylesheet
text/css 2a00:1450:4001:820::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web:200,300,400,600

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

e85d93603219c7af97e29b183b6f22d04991b9b01c4a79ae824e62ea7aa809b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 04 Nov 2019 08:57:58 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Mon, 04 Nov 2019 08:57:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 04 Nov 2019 08:57:58 GMT

GET
H2 200 forms2.min.js Show response
app-sj16.marketo.com/js/forms2/js/ 169 KB
58 KB 107ms
39ms Script
application/x-javascript 104.16.94.80
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://app-sj16.marketo.com/js/forms2/js/forms2.min.js

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.94.80 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

321bbcc4cc57483b7e329186e5159498b668ddde87cb64696ddcdc95176cce82

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Mon, 04 Nov 2019 08:57:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Wed, 25 Sep 2019 18:55:06 GMT
server: cloudflare
age: 6114
etag: "18610b5-2a536-5936530f69680"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: public, max-age=14400
cf-ray: 5305622f6fcfbf37-AMS
expires: Mon, 04 Nov 2019 12:57:58 GMT

GET
H2 200 featherlight.min.css
cdn.rawgit.com/noelboss/featherlight/1.7.9/release/ 2 KB
1 KB 63ms
16ms Stylesheet
text/css 151.139.237.11
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.rawgit.com/noelboss/featherlight/1.7.9/release/featherlight.min.css

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.237.11 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),

Reverse DNS

Software

NetDNA-cache/2.2 /

Resource Hash

96904bcac47ca5d98b664970580ea473e1e6a6b285c87e8cb3caa2f1928e7219

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Mon, 04 Nov 2019 08:57:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: NetDNA-cache/2.2
status: 200
etag: W/"817cdef4a8ec3dc545361453f69e4209a3c4d809"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315569000, immutable
strict-transport-security: max-age=31536000; preload
x-robots-tag: none
rawgit-cache-status: HIT

GET
H2 200 fig1-mobile-malware
s7d2.scene7.com/is/image/cylance/ 52 KB
53 KB 69ms
52ms Image
image/jpeg 2a02:26f0:6c00:295::9b6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s7d2.scene7.com/is/image/cylance/fig1-mobile-malware?&wid=1200&fit=constrain,1
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:295::9b6 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Unknown /
Resource Hash: 78d133e7ae589db43ea71f0693e13b82626a35fb194a31f700c5fc6f4c1546f7

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Mon, 04 Nov 2019 08:57:58 GMT
last-modified: Fri, 27 Sep 2019 23:08:42 GMT
server: Unknown
etag: "66594377f157bfb158835acb57321a00"
status: 200
content-type: image/jpeg
access-control-allow-origin: *
content-length: 53555
expires: Mon, 04 Nov 2019 16:37:34 GMT

GET
H2 200 fig2-mobile-malware
s7d2.scene7.com/is/image/cylance/ 46 KB
46 KB 72ms
71ms Image
image/jpeg 2a02:26f0:6c00:295::9b6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s7d2.scene7.com/is/image/cylance/fig2-mobile-malware?&wid=1200&fit=constrain,1
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:295::9b6 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Unknown /
Resource Hash: a71f9955489ddc41f0df61ee1d1996e66ad7c83e0ad48b20328682721e670aaf

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Mon, 04 Nov 2019 08:57:59 GMT
last-modified: Fri, 27 Sep 2019 23:08:49 GMT
server: Unknown
etag: "ffc3ba8ed228aea60518c3b60f211966"
status: 200
content-type: image/jpeg
access-control-allow-origin: *
content-length: 47306
expires: Mon, 04 Nov 2019 18:10:13 GMT

GET
H2 200 fig3-mobile-malware
s7d2.scene7.com/is/image/cylance/ 75 KB
75 KB 72ms
71ms Image
image/jpeg 2a02:26f0:6c00:295::9b6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s7d2.scene7.com/is/image/cylance/fig3-mobile-malware?&wid=1200&fit=constrain,1
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:295::9b6 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Unknown /
Resource Hash: ec05f68627a4a86905970bced620ce0a93f0c05b5993e70dc05465b51e59e6e3

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Mon, 04 Nov 2019 08:57:59 GMT
last-modified: Fri, 27 Sep 2019 23:16:50 GMT
server: Unknown
etag: "33efc3c74fd41070bee7bacf9b052818"
status: 200
content-type: image/jpeg
access-control-allow-origin: *
content-length: 76374
expires: Sun, 03 Nov 2019 17:57:31 GMT

GET
H/1.1 200
OK blackberry-logo-300X300.jpg
threatvector.cylance.com/content/dam/cylance-blog/en_us/images/authors/ 24 KB
24 KB 185ms
184ms Image
image/jpeg 52.27.43.254
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://threatvector.cylance.com/content/dam/cylance-blog/en_us/images/authors/blackberry-logo-300X300.jpg

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.27.43.254 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-27-43-254.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

6f1ee571e25de6c9078d39b570a151a28f4a787d86d4a0ce4c810a486f08182d

Security Headers

Name	Value
Content-Security-Policy	font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Content-Security-Policy: font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 18 Oct 2019 16:07:37 GMT
Server: Apache
ETag: "5e49-595318858a440"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
X-XSS-Protection: 1; mode=block
Connection: keep-alive
Feature-Policy: geolocation 'none';midi 'none';sync-xhr *;microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';speaker *;fullscreen *;payment 'none';
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Accept-Ranges: bytes
Content-Length: 24137
Date: Mon, 04 Nov 2019 08:57:59 GMT

GET
H/1.1 200
OK Cylance_BB_Logo_RGB_Horz_Black.png
threatvector.cylance.com/content/dam/cylance-blog/en_us/logos/ 19 KB
19 KB 182ms
181ms Image
image/png 52.27.43.254
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://threatvector.cylance.com/content/dam/cylance-blog/en_us/logos/Cylance_BB_Logo_RGB_Horz_Black.png

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.27.43.254 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-27-43-254.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

eb2deec7e5394e29e51ff83e920f1ce3c092ae5c63b711a4b755b9861a8bc6cd

Security Headers

Name	Value
Content-Security-Policy	font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Content-Security-Policy: font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 06 Sep 2019 17:06:53 GMT
Server: Apache
ETag: "4aaf-591e576f72540"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
X-XSS-Protection: 1; mode=block
Connection: keep-alive
Feature-Policy: geolocation 'none';midi 'none';sync-xhr *;microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';speaker *;fullscreen *;payment 'none';
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Accept-Ranges: bytes
Content-Length: 19119
Date: Mon, 04 Nov 2019 08:57:59 GMT

GET
H/1.1 200
OK dependencies.a089e038f1a299472aab3599efb8d481.js Show response
threatvector.cylance.com/etc/clientlibs/cylance-blogs/ 668 KB
158 KB 396ms
365ms Script
application/javascript 52.27.43.254
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://threatvector.cylance.com/etc/clientlibs/cylance-blogs/dependencies.a089e038f1a299472aab3599efb8d481.js

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.27.43.254 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-27-43-254.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

adc2c8e679ffd8f0cbc9270749db4f687b9201280b2913c2817f230584ea4e1d

Security Headers

Name	Value
Content-Security-Policy	font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Content-Security-Policy: font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Content-Encoding: gzip
ETag: "a70c1-591e576e7e300-gzip"
transfer-encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubdomains;
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 06 Sep 2019 17:06:52 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Date: Mon, 04 Nov 2019 08:57:59 GMT
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript;charset=utf-8
Connection: keep-alive
Feature-Policy: geolocation 'none';midi 'none';sync-xhr *;microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';speaker *;fullscreen *;payment 'none';
Accept-Ranges: bytes
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK main.97c9aac6ee7df8531607278a78c5c231.js Show response
threatvector.cylance.com/etc/clientlibs/cylance-blogs/ 236 KB
63 KB 198ms
198ms Script
application/javascript 52.27.43.254
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://threatvector.cylance.com/etc/clientlibs/cylance-blogs/main.97c9aac6ee7df8531607278a78c5c231.js

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.27.43.254 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-27-43-254.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

1017b2b6551aca43896313770d3c3041d58cee227ce35861c60ef0a10dc38c64

Security Headers

Name	Value
Content-Security-Policy	font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Content-Security-Policy: font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Content-Encoding: gzip
ETag: "3b09d-591e576e7e300-gzip"
transfer-encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubdomains;
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 06 Sep 2019 17:06:52 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Date: Mon, 04 Nov 2019 08:57:59 GMT
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript;charset=utf-8
Connection: keep-alive
Feature-Policy: geolocation 'none';midi 'none';sync-xhr *;microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';speaker *;fullscreen *;payment 'none';
Accept-Ranges: bytes
X-Content-Type-Options: nosniff

GET
H2 200 featherlight.min.js Show response
cdn.rawgit.com/noelboss/featherlight/1.7.9/release/ 9 KB
4 KB 17ms
16ms Script
application/javascript 151.139.237.11
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.rawgit.com/noelboss/featherlight/1.7.9/release/featherlight.min.js

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.237.11 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),

Reverse DNS

Software

NetDNA-cache/2.2 /

Resource Hash

0e41a843709f19f5327078ad0e4fca7ff8485d280f2458c15b555957a0e646cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Mon, 04 Nov 2019 08:57:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: NetDNA-cache/2.2
status: 200
etag: W/"2f5a26ba5509a7f0235bf1f53ed375289bfc91bd"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315569000, immutable
strict-transport-security: max-age=31536000; preload
x-robots-tag: none
rawgit-cache-status: HIT

GET
H/1.1 200
OK token.json Show response
threatvector.cylance.com/libs/granite/csrf/ 2 B
763 B 188ms
188ms XHR
application/json 52.27.43.254
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://threatvector.cylance.com/libs/granite/csrf/token.json

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.27.43.254 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-27-43-254.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Content-Security-Policy: font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Referrer-Policy: no-referrer-when-downgrade
Server: Apache
Date: Mon, 04 Nov 2019 08:57:59 GMT
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Connection: keep-alive
Content-Type: application/json;charset=iso-8859-1
Cache-Control: no-cache
Feature-Policy: geolocation 'none';midi 'none';sync-xhr *;microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';speaker *;fullscreen *;payment 'none';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Vary: User-Agent
Content-Length: 2
X-XSS-Protection: 1; mode=block
Expires: -1

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 366 B
1 KB 142ms
40ms XHR
application/json 52.30.105.51
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=4.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=2297E09A576BB9677F000101%40AdobeOrg&d_nsid=0&ts=1572857879792

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.105.51 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-30-105-51.eu-west-1.compute.amazonaws.com

Software

Resource Hash

9717b3d99087896d95cc8507f0f6229d402a0420ebe52d359339604a2d1f7c86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v050-049a85238.edge-irl1.demdex.com 5.62.0.20191030104901 4ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-TID: o9pd8pFGQRo=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://threatvector.cylance.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 302
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EP4c3fcccffd524251ae198bf677f3b6e9/ 34 KB
13 KB 87ms
86ms Script
application/x-javascript 2.18.232.23
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP4c3fcccffd524251ae198bf677f3b6e9/AppMeasurement.min.js
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.23 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-23.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7848472b4e994bcd2cb522201f6c123b50c4b37e5aab979ac50db3244eb894d5

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Mon, 04 Nov 2019 08:57:59 GMT
content-encoding: gzip
last-modified: Mon, 15 Apr 2019 20:43:53 GMT
server: Apache
etag: "f005ac758d3bc63fa30fe4a4bd80448d:1555361033"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12786
expires: Mon, 04 Nov 2019 09:57:59 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 1461
date: Mon, 04 Nov 2019 08:33:38 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Mon, 04 Nov 2019 10:33:38 GMT

GET
H2 200 NaPecZTIAOhVxoMyOr9n_E7fdMPmDaZRbrw.woff2
fonts.gstatic.com/s/titilliumweb/v8/ 12 KB
12 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:815::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v8/NaPecZTIAOhVxoMyOr9n_E7fdMPmDaZRbrw.woff2

Requested by

Host: app-sj16.marketo.com
URL: https://app-sj16.marketo.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

dd1dad45fd0dd168ad46427307aa8a206b857b783ca3afbcfe2bc8b8724acec0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Titillium+Web:200,300,400,600
Origin: https://threatvector.cylance.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Thu, 31 Oct 2019 13:55:18 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:24:34 GMT
server: sffe
age: 327761
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 12344
x-xss-protection: 0
expires: Fri, 30 Oct 2020 13:55:18 GMT

GET
H2 200 NaPDcZTIAOhVxoMyOr9n_E7ffGjEGItzY5abuWI.woff2
fonts.gstatic.com/s/titilliumweb/v8/ 12 KB
12 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:815::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v8/NaPDcZTIAOhVxoMyOr9n_E7ffGjEGItzY5abuWI.woff2

Requested by

Host: app-sj16.marketo.com
URL: https://app-sj16.marketo.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

0e23b84d6736b1645a695282788cee2070cd3f5cd2c5c2e31ea0b44a942294c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Titillium+Web:200,300,400,600
Origin: https://threatvector.cylance.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 11:01:15 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:18:52 GMT
server: sffe
age: 424604
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 12524
x-xss-protection: 0
expires: Thu, 29 Oct 2020 11:01:15 GMT

GET
H/1.1 200
OK mainLogo_rgb_h_white.png
threatvector.cylance.com/etc/clientlibs/cylance-blogs/main/images/branding/ 10 KB
11 KB 181ms
180ms Image
image/png 52.27.43.254
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://threatvector.cylance.com/etc/clientlibs/cylance-blogs/main/images/branding/mainLogo_rgb_h_white.png

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.27.43.254 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-27-43-254.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

09bc1009eb3d9cbc800e4933a407c81b1920be72f28254baff513ee8f422f5b0

Security Headers

Name	Value
Content-Security-Policy	font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/etc/clientlibs/cylance-blogs/main.d6fc6f0b35c968dde40b02af38f21447.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Mon, 04 Nov 2019 08:57:59 GMT
Content-Security-Policy: font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 06 Sep 2019 17:06:53 GMT
Server: Apache
ETag: "2808-591e576f72540"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: keep-alive
Feature-Policy: geolocation 'none';midi 'none';sync-xhr *;microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';speaker *;fullscreen *;payment 'none';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Accept-Ranges: bytes
Content-Length: 10248
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK main_search_close.svg
threatvector.cylance.com/etc/clientlibs/cylance-blogs/main/images/icons/ 938 B
1 KB 179ms
178ms Image
image/svg+xml 52.27.43.254
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://threatvector.cylance.com/etc/clientlibs/cylance-blogs/main/images/icons/main_search_close.svg

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.27.43.254 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-27-43-254.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

9913bba300e77cd7898ce5a11558bf789fd15cb686107a10a648109117816be1

Security Headers

Name	Value
Content-Security-Policy	font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/etc/clientlibs/cylance-blogs/main.d6fc6f0b35c968dde40b02af38f21447.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Content-Security-Policy: font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Content-Encoding: gzip
ETag: "3aa-591e576f72540-gzip"
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Length: 491
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 06 Sep 2019 17:06:53 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Date: Mon, 04 Nov 2019 08:57:59 GMT
Vary: Accept-Encoding,User-Agent
Content-Type: image/svg+xml
Connection: keep-alive
Feature-Policy: geolocation 'none';midi 'none';sync-xhr *;microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';speaker *;fullscreen *;payment 'none';
Accept-Ranges: bytes
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK main_search_icon.svg
threatvector.cylance.com/etc/clientlibs/cylance-blogs/main/images/icons/ 1 KB
1 KB 274ms
183ms Image
image/svg+xml 52.27.43.254
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://threatvector.cylance.com/etc/clientlibs/cylance-blogs/main/images/icons/main_search_icon.svg

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.27.43.254 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-27-43-254.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

26ae4b0eb488fa35fca8b199e05b5b5236192cf04a2fa5a91ba6c5c4d5ffc06d

Security Headers

Name	Value
Content-Security-Policy	font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/etc/clientlibs/cylance-blogs/main.d6fc6f0b35c968dde40b02af38f21447.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Content-Security-Policy: font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Content-Encoding: gzip
ETag: "594-591e576f72540-gzip"
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Length: 693
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 06 Sep 2019 17:06:53 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Date: Mon, 04 Nov 2019 08:58:00 GMT
Vary: Accept-Encoding,User-Agent
Content-Type: image/svg+xml
Connection: keep-alive
Feature-Policy: geolocation 'none';midi 'none';sync-xhr *;microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';speaker *;fullscreen *;payment 'none';
Accept-Ranges: bytes
X-Content-Type-Options: nosniff

GET
H2 200 102319-mobile-malware-cylance-lrg
s7d2.scene7.com/is/image/cylance/ 30 KB
31 KB 74ms
74ms Image
image/jpeg 2a02:26f0:6c00:295::9b6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s7d2.scene7.com/is/image/cylance/102319-mobile-malware-cylance-lrg?&wid=1280&fit=constrain,1
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:295::9b6 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Unknown /
Resource Hash: 7d9192060dd74c5e97ca9dabcb601b03b4a54b432af366ba5975c95941c77d90

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Mon, 04 Nov 2019 08:57:59 GMT
last-modified: Mon, 14 Oct 2019 19:48:06 GMT
server: Unknown
etag: "1c42021a8d3bb63cabb961dd512f5241"
status: 200
content-type: image/jpeg
access-control-allow-origin: *
content-length: 31006
expires: Mon, 04 Nov 2019 11:00:05 GMT

GET
H2 200 NaPDcZTIAOhVxoMyOr9n_E7ffAzHGItzY5abuWI.woff2
fonts.gstatic.com/s/titilliumweb/v8/ 12 KB
12 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:815::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v8/NaPDcZTIAOhVxoMyOr9n_E7ffAzHGItzY5abuWI.woff2

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

f17a340f0388383e8d2a70632006d51e5d0e95f60f1cca3f774bd78b5d3dcd07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Titillium+Web:200,300,400,600
Origin: https://threatvector.cylance.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 18:05:11 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:25:18 GMT
server: sffe
age: 399168
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 12260
x-xss-protection: 0
expires: Thu, 29 Oct 2020 18:05:11 GMT

GET
H2 200 NaPDcZTIAOhVxoMyOr9n_E7ffBzCGItzY5abuWI.woff2
fonts.gstatic.com/s/titilliumweb/v8/ 12 KB
12 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:815::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v8/NaPDcZTIAOhVxoMyOr9n_E7ffBzCGItzY5abuWI.woff2

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8658dcad983dacbb3bca7bc8217fd0b75f28df85bf9259bd0dccf69e58cb0ecd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Titillium+Web:200,300,400,600
Origin: https://threatvector.cylance.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 22:56:20 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:25:27 GMT
server: sffe
age: 381699
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 12276
x-xss-protection: 0
expires: Thu, 29 Oct 2020 22:56:20 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 212ms
160ms Script
application/x-javascript 104.111.251.133
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.251.133 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-251-133.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f97341de4415531cb15d7472b1a00e875c1ad9b5541fd7e9f8ef5905f2a02092

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Mon, 04 Nov 2019 08:58:00 GMT
Content-Encoding: gzip
Last-Modified: Fri, 25 Oct 2019 16:30:39 GMT
Server: Apache
ETag: "521a36d038605fd35c0785cc62e39b0e:1572021039"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 766

GET
H2 403 getForm
app-sj16.marketo.com/index.php/form/ 0
0 23ms
23ms Script
text/html 104.16.94.80
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://app-sj16.marketo.com/index.php/form/getForm?munchkinId=524-DOM-989&form=3163&url=https%3A%2F%2Fthreatvector.cylance.com%2Fen_us%2Fhome%2Fmobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html&callback=jQuery1124019955003904000668_1572857879805&_=1572857879806
Requested by: Host: app-sj16.marketo.com
URL: https://app-sj16.marketo.com/js/forms2/js/forms2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.94.80 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: /
Resource Hash

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

GET
H2 200 10319-david-cundiff-lrg
s7d2.scene7.com/is/image/cylance/ 6 KB
6 KB 60ms
59ms Image
image/jpeg 2a02:26f0:6c00:295::9b6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s7d2.scene7.com/is/image/cylance/10319-david-cundiff-lrg?&wid=319&fit=constrain,1
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:295::9b6 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Unknown /
Resource Hash: 9c6e0b46467f0a59d6f4965d996b8ab2dda7f9aa17e33c9c60cd91ee56a774a1

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Mon, 04 Nov 2019 08:57:59 GMT
last-modified: Wed, 30 Oct 2019 22:11:27 GMT
server: Unknown
etag: "f404584931b488b87914f31b8a4a61a7"
status: 200
content-type: image/jpeg
access-control-allow-origin: *
content-length: 5740
expires: Sun, 03 Nov 2019 08:05:03 GMT

GET
H2 200 102519-katelyn-bowden-0-lrg
s7d2.scene7.com/is/image/cylance/ 6 KB
6 KB 57ms
56ms Image
image/jpeg 2a02:26f0:6c00:295::9b6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s7d2.scene7.com/is/image/cylance/102519-katelyn-bowden-0-lrg?&wid=319&fit=constrain,1
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:295::9b6 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Unknown /
Resource Hash: f767ef115408b6bb1de315799c2234ab3ad7947cbfa254aa5e55378ea6fe1a55

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Mon, 04 Nov 2019 08:57:59 GMT
last-modified: Thu, 24 Oct 2019 20:18:53 GMT
server: Unknown
etag: "5c096d64cbd61c7daa41762d2db5eeb6"
status: 200
content-type: image/jpeg
access-control-allow-origin: *
content-length: 6129
expires: Mon, 04 Nov 2019 08:02:58 GMT

GET
H2 200 102419-jelena-milosovic-1-lrg
s7d2.scene7.com/is/image/cylance/ 7 KB
7 KB 57ms
56ms Image
image/jpeg 2a02:26f0:6c00:295::9b6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s7d2.scene7.com/is/image/cylance/102419-jelena-milosovic-1-lrg?&wid=319&fit=constrain,1
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:295::9b6 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Unknown /
Resource Hash: 7dbcba652fc8dea9fccba838cc5bb0b1dbedafc7a49977392de7d3ab8bffee87

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Mon, 04 Nov 2019 08:57:59 GMT
last-modified: Thu, 24 Oct 2019 18:12:14 GMT
server: Unknown
etag: "9d82c13348386238730114b1fc80a06b"
status: 200
content-type: image/jpeg
access-control-allow-origin: *
content-length: 7432
expires: Mon, 04 Nov 2019 17:13:01 GMT

GET
H2 200 103119-three-card-monty-2-lrg
s7d2.scene7.com/is/image/cylance/ 10 KB
10 KB 60ms
59ms Image
image/jpeg 2a02:26f0:6c00:295::9b6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s7d2.scene7.com/is/image/cylance/103119-three-card-monty-2-lrg?&wid=319&fit=constrain,1
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:295::9b6 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Unknown /
Resource Hash: 6a0094ae6935a88efb2771bc15cecd7ab526b5c9dc40e14f8a4a863443afec63

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Mon, 04 Nov 2019 08:57:59 GMT
last-modified: Tue, 29 Oct 2019 22:49:52 GMT
server: Unknown
etag: "71ac48b57708279cadaf6a9039b82642"
status: 200
content-type: image/jpeg
access-control-allow-origin: *
content-length: 9832
expires: Mon, 04 Nov 2019 17:24:10 GMT

GET
H2 200 102919-neshta-4-lrg
s7d2.scene7.com/is/image/cylance/ 9 KB
9 KB 65ms
65ms Image
image/jpeg 2a02:26f0:6c00:295::9b6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s7d2.scene7.com/is/image/cylance/102919-neshta-4-lrg?&wid=319&fit=constrain,1
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:295::9b6 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Unknown /
Resource Hash: c7798e6bf5e6b28865bb3731be289083425ac9b87785c72afe01e4eb591e1c49

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Mon, 04 Nov 2019 08:57:59 GMT
last-modified: Thu, 24 Oct 2019 20:50:04 GMT
server: Unknown
etag: "6f2f5835ac5a12606791900d411f52b1"
status: 200
content-type: image/jpeg
access-control-allow-origin: *
content-length: 9261
expires: Mon, 04 Nov 2019 16:37:36 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 859 B
952 B 24ms
24ms Script
application/javascript 2a00:1450:4001:821::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

37c687b8f028567b6e7a898f961cfddc284b29dc35b9d588202121439b609660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Mon, 04 Nov 2019 08:57:59 GMT
x-content-type-options: nosniff
server: YouTube Frontend Proxy
content-type: application/javascript
status: 200
cache-control: no-cache
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 859
x-xss-protection: 0
expires: Tue, 27 Apr 1971 19:44:06 GMT

GET
H/1.1 200
OK footer_social_icons_facebook.svg
threatvector.cylance.com/etc/clientlibs/cylance-blogs/main/images/icons/ 2 KB
2 KB 182ms
181ms Image
image/svg+xml 52.27.43.254
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://threatvector.cylance.com/etc/clientlibs/cylance-blogs/main/images/icons/footer_social_icons_facebook.svg

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.27.43.254 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-27-43-254.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

937fdd2761db8d890407be8c18e64a7f3c19ded89b4d67f5606e30a560bd63c5

Security Headers

Name	Value
Content-Security-Policy	font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/etc/clientlibs/cylance-blogs/main.d6fc6f0b35c968dde40b02af38f21447.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Content-Security-Policy: font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Content-Encoding: gzip
ETag: "6d1-591e576f72540-gzip"
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Length: 775
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 06 Sep 2019 17:06:53 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Date: Mon, 04 Nov 2019 08:58:00 GMT
Vary: Accept-Encoding,User-Agent
Content-Type: image/svg+xml
Connection: keep-alive
Feature-Policy: geolocation 'none';midi 'none';sync-xhr *;microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';speaker *;fullscreen *;payment 'none';
Accept-Ranges: bytes
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK footer_social_icons_youtube.svg
threatvector.cylance.com/etc/clientlibs/cylance-blogs/main/images/icons/ 6 KB
3 KB 182ms
181ms Image
image/svg+xml 52.27.43.254
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://threatvector.cylance.com/etc/clientlibs/cylance-blogs/main/images/icons/footer_social_icons_youtube.svg

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.27.43.254 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-27-43-254.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

b194fd385666036162259f55563a017e78753671e0fbd3be31a272dc2b869876

Security Headers

Name	Value
Content-Security-Policy	font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/etc/clientlibs/cylance-blogs/main.d6fc6f0b35c968dde40b02af38f21447.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Content-Security-Policy: font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Content-Encoding: gzip
ETag: "16d2-591e576f72540-gzip"
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Length: 2247
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 06 Sep 2019 17:06:53 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Date: Mon, 04 Nov 2019 08:58:00 GMT
Vary: Accept-Encoding,User-Agent
Content-Type: image/svg+xml
Connection: keep-alive
Feature-Policy: geolocation 'none';midi 'none';sync-xhr *;microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';speaker *;fullscreen *;payment 'none';
Accept-Ranges: bytes
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK footer_social_icons_twitter.svg
threatvector.cylance.com/etc/clientlibs/cylance-blogs/main/images/icons/ 2 KB
2 KB 182ms
182ms Image
image/svg+xml 52.27.43.254
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://threatvector.cylance.com/etc/clientlibs/cylance-blogs/main/images/icons/footer_social_icons_twitter.svg

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.27.43.254 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-27-43-254.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

af6f1a1d1ca5b44168e2d69e4e92daf576df150cc615c9e62adc6eb909a73114

Security Headers

Name	Value
Content-Security-Policy	font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/etc/clientlibs/cylance-blogs/main.d6fc6f0b35c968dde40b02af38f21447.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Content-Security-Policy: font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Content-Encoding: gzip
ETag: "7d3-591e576f72540-gzip"
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Length: 1002
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 06 Sep 2019 17:06:53 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Date: Mon, 04 Nov 2019 08:58:00 GMT
Vary: Accept-Encoding,User-Agent
Content-Type: image/svg+xml
Connection: keep-alive
Feature-Policy: geolocation 'none';midi 'none';sync-xhr *;microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';speaker *;fullscreen *;payment 'none';
Accept-Ranges: bytes
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK footer_social_icons_linkedin.svg
threatvector.cylance.com/etc/clientlibs/cylance-blogs/main/images/icons/ 2 KB
2 KB 194ms
193ms Image
image/svg+xml 52.27.43.254
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://threatvector.cylance.com/etc/clientlibs/cylance-blogs/main/images/icons/footer_social_icons_linkedin.svg

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.27.43.254 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-27-43-254.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

099bace63963205abb1875d577e797bdac573989ab27a75960eafe3ccd5fa27a

Security Headers

Name	Value
Content-Security-Policy	font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/etc/clientlibs/cylance-blogs/main.d6fc6f0b35c968dde40b02af38f21447.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Content-Security-Policy: font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Content-Encoding: gzip
ETag: "714-591e576f72540-gzip"
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Length: 803
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 06 Sep 2019 17:06:53 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Date: Mon, 04 Nov 2019 08:58:00 GMT
Vary: Accept-Encoding,User-Agent
Content-Type: image/svg+xml
Connection: keep-alive
Feature-Policy: geolocation 'none';midi 'none';sync-xhr *;microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';speaker *;fullscreen *;payment 'none';
Accept-Ranges: bytes
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK footer_social_icons_rss.svg
threatvector.cylance.com/etc/clientlibs/cylance-blogs/main/images/icons/ 2 KB
2 KB 222ms
189ms Image
image/svg+xml 52.27.43.254
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://threatvector.cylance.com/etc/clientlibs/cylance-blogs/main/images/icons/footer_social_icons_rss.svg

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.27.43.254 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-27-43-254.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

8235e55fa7f1c889f552c3d7415b6bfff016a82035dc5c77da7a1789a3de95e3

Security Headers

Name	Value
Content-Security-Policy	font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/etc/clientlibs/cylance-blogs/main.d6fc6f0b35c968dde40b02af38f21447.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Content-Security-Policy: font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Content-Encoding: gzip
ETag: "719-591e576f72540-gzip"
Connection: keep-alive
Content-Length: 827
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 06 Sep 2019 17:06:53 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Date: Mon, 04 Nov 2019 08:58:00 GMT
Vary: Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Type: image/svg+xml
Cache-control: no-cache="set-cookie"
Feature-Policy: geolocation 'none';midi 'none';sync-xhr *;microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';speaker *;fullscreen *;payment 'none';
Accept-Ranges: bytes
X-Content-Type-Options: nosniff

GET
H2 200 www-widgetapi.js Show response
s.ytimg.com/yts/jsbin/www-widgetapi-vflhiN9BI/ 23 KB
9 KB 22ms
6ms Script
text/javascript 2a00:1450:4001:820::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://s.ytimg.com/yts/jsbin/www-widgetapi-vflhiN9BI/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

b631fccbe48b26dccef2b6eedeed2d6fb9020daf34dbc8010e587e280b6f498e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Sun, 03 Nov 2019 20:55:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43323
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 8680
x-xss-protection: 0
last-modified: Sun, 03 Nov 2019 06:01:19 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=691200
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Mon, 11 Nov 2019 20:55:56 GMT

GET
H/1.1 200
OK Cookie set dest5.html
cylance.demdex.net/ Frame 245F 0
0 199ms
39ms Document
text/html 52.30.78.155
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://cylance.demdex.net/dest5.html?d_nsid=0

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.78.155 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-30-78-155.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: cylance.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
Accept-Encoding: gzip, deflate, br
Cookie: demdex=69160079520439535101508563922721440691
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=21600
Content-Encoding: gzip
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Wed, 30 Oct 2019 17:33:51 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Set-Cookie: demdex=69160079520439535101508563922721440691;Path=/;Domain=.demdex.net;Expires=Sat, 02-May-2020 08:58:00 GMT;Max-Age=15552000
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding, User-Agent
X-TID: SsGMmomsRO4=
Content-Length: 2764
Connection: keep-alive

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=Xb-oFwAAFS0YWhN_
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=69160079520439535101508563922721440691
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Xb-oFwAAFS0YWhN_

42 B
873 B

46ms
46ms

Image
image/gif

52.30.105.51
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Xb-oFwAAFS0YWhN_

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.105.51 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-30-105-51.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v050-09049a4ce.edge-irl1.demdex.com 5.62.0.20191030104901 2ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: sOO5JUTcRsg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Mon, 04 Nov 2019 08:57:59 GMT
Server: AMO-cookiemap/1.1
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Xb-oFwAAFS0YWhN_
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=15,max=100
Content-Length: 0

GET
H2 200 RC45a65cb4bab44e65966fc1bfe9d6d8ed-source.min.js Show response
assets.adobedtm.com/COe49f90d73b104d95a5840fb29de3b4bb/PRf95f8581a88f45b9b9b9fb92baf50df7/BL2622518685ad46688ae9b6337ed669ac/ 460 B
487 B 42ms
42ms Script
application/x-javascript 2.18.232.23
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/COe49f90d73b104d95a5840fb29de3b4bb/PRf95f8581a88f45b9b9b9fb92baf50df7/BL2622518685ad46688ae9b6337ed669ac/RC45a65cb4bab44e65966fc1bfe9d6d8ed-source.min.js
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.23 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-23.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 44df095afbcc3700bb27f3c430bce008b8074188be803787ce11b9b850ed6675

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Mon, 04 Nov 2019 08:58:00 GMT
content-encoding: gzip
last-modified: Thu, 13 Jun 2019 21:17:25 GMT
server: Apache
etag: "eb0abeded1d23a64ed81155c95cbb867:1560460645"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 254
expires: Mon, 04 Nov 2019 09:58:00 GMT

GET
H2 200 RC795343619189407bb257bf77f37e4f32-source.min.js Show response
assets.adobedtm.com/COe49f90d73b104d95a5840fb29de3b4bb/PRf95f8581a88f45b9b9b9fb92baf50df7/BL2622518685ad46688ae9b6337ed669ac/ 458 B
491 B 42ms
42ms Script
application/x-javascript 2.18.232.23
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/COe49f90d73b104d95a5840fb29de3b4bb/PRf95f8581a88f45b9b9b9fb92baf50df7/BL2622518685ad46688ae9b6337ed669ac/RC795343619189407bb257bf77f37e4f32-source.min.js
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.23 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-23.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: b10bfe284fcea12155ae8def55a8ec14b8a804e198e06d985e6e8a1681851c63

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Mon, 04 Nov 2019 08:58:00 GMT
content-encoding: gzip
last-modified: Thu, 13 Jun 2019 21:17:25 GMT
server: AkamaiNetStorage
etag: "6c8d0a2b5eadfc79c1cea9bda4c63d3f:1560460645"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 252
expires: Mon, 04 Nov 2019 09:58:00 GMT

GET
H2 200 RCa7a45d271f51412293463f49427635d0-source.min.js Show response
assets.adobedtm.com/COe49f90d73b104d95a5840fb29de3b4bb/PRf95f8581a88f45b9b9b9fb92baf50df7/BL2622518685ad46688ae9b6337ed669ac/ 472 B
499 B 43ms
42ms Script
application/x-javascript 2.18.232.23
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/COe49f90d73b104d95a5840fb29de3b4bb/PRf95f8581a88f45b9b9b9fb92baf50df7/BL2622518685ad46688ae9b6337ed669ac/RCa7a45d271f51412293463f49427635d0-source.min.js
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.23 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-23.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ae0d8091f974c66bea6d9f9aeba9feb785eb4e5a4e779060ec5f31b525f61f0f

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Mon, 04 Nov 2019 08:58:00 GMT
content-encoding: gzip
last-modified: Thu, 13 Jun 2019 21:17:25 GMT
server: Apache
etag: "1cd1f676e57143bd85e5f21bdd4785bb:1560460645"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 265
expires: Mon, 04 Nov 2019 09:58:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=728211448&t=pageview&_s=1&dl=https%3A%2F%2Fthreatvector.cylance.com%2Fen_us%2Fhome%2Fmobile-malware-and-apt-espionage-prolific-pervasive-and-...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-33464378-1&cid=443721903.1572857880&jid=732904308&_gid=1296236819.1572857880&gjid=789595260&_v=j79&z=350584688
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-33464378-1&cid=443721903.1572857880&jid=732904308&_v=j79&z=350584688
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-33464378-1&cid=443721903.1572857880&jid=732904308&_v=j79&z=350584688&slf_rd=1&random=4063190824

42 B
109 B

18ms
18ms

Image
image/gif

2a00:1450:4001:817::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-33464378-1&cid=443721903.1572857880&jid=732904308&_v=j79&z=350584688&slf_rd=1&random=4063190824

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Nov 2019 08:58:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Nov 2019 08:58:00 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-33464378-1&cid=443721903.1572857880&jid=732904308&_v=j79&z=350584688&slf_rd=1&random=4063190824
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/155/ 9 KB
4 KB 105ms
104ms Script
application/x-javascript 104.111.251.133
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/155/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.251.133 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-251-133.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: efb6b9732bf508ee305363b10cf2a67ace474e06eb42642f2c3696b2442a5775

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Mon, 04 Nov 2019 08:58:00 GMT
Content-Encoding: gzip
Last-Modified: Fri, 30 Nov 2018 03:18:20 GMT
Server: Apache
ETag: "c67dad42946949112916578f78706df8:1543547900"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 3923
Expires: Wed, 12 Feb 2020 08:58:00 GMT

GET
H2 200 RC65049b1ee2da4bed9ece12f15b7d466f-source.min.js Show response
assets.adobedtm.com/COe49f90d73b104d95a5840fb29de3b4bb/PRf95f8581a88f45b9b9b9fb92baf50df7/BL2622518685ad46688ae9b6337ed669ac/ 835 B
587 B 34ms
34ms Script
application/x-javascript 2.18.232.23
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/COe49f90d73b104d95a5840fb29de3b4bb/PRf95f8581a88f45b9b9b9fb92baf50df7/BL2622518685ad46688ae9b6337ed669ac/RC65049b1ee2da4bed9ece12f15b7d466f-source.min.js
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.23 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-23.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: c0aed91f1b10ec94f40fdf79c31d1f870fb4bf3eda63b61edb3bbaeff53a93e0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Mon, 04 Nov 2019 08:58:00 GMT
content-encoding: gzip
last-modified: Thu, 13 Jun 2019 21:17:25 GMT
server: Apache
etag: "3802beb763414589551c998a499408b3:1560460645"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 353
expires: Mon, 04 Nov 2019 09:58:00 GMT

GET
H2 200 RC03553916c50b4787a671e14ccf605715-source.min.js Show response
assets.adobedtm.com/COe49f90d73b104d95a5840fb29de3b4bb/PRf95f8581a88f45b9b9b9fb92baf50df7/BL2622518685ad46688ae9b6337ed669ac/ 695 B
645 B 37ms
37ms Script
application/x-javascript 2.18.232.23
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/COe49f90d73b104d95a5840fb29de3b4bb/PRf95f8581a88f45b9b9b9fb92baf50df7/BL2622518685ad46688ae9b6337ed669ac/RC03553916c50b4787a671e14ccf605715-source.min.js
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.23 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-23.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 1a7103ddeebf3a313febafe1aba08a1cec143c98a7b6e51cacbf8893093efaa2

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Mon, 04 Nov 2019 08:58:00 GMT
content-encoding: gzip
last-modified: Thu, 13 Jun 2019 21:17:24 GMT
server: Apache
etag: "d9f372492adb73ae3b7bff0cf0a90587:1560460644"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 412
expires: Mon, 04 Nov 2019 09:58:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 23 KB
7 KB 72ms
46ms Script
application/javascript 2620:1ec:c11::200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: b139982ce002c53ddfb65aec1e90704c0a3704fc5aa35247f9323b74a1d3f721

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Mon, 04 Nov 2019 08:57:59 GMT
content-encoding: gzip
last-modified: Tue, 10 Sep 2019 18:57:28 GMT
x-msedge-ref: Ref A: B949BC737ADD4746B897E7FBC793A862 Ref B: VIEEDGE1219 Ref C: 2019-11-04T08:58:00Z
status: 200
etag: "09c5197968d51:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 7148

GET
H2 200 RCcd4cfcbe6a2644318ee9f8727d5e7eb8-source.min.js Show response
assets.adobedtm.com/COe49f90d73b104d95a5840fb29de3b4bb/PRf95f8581a88f45b9b9b9fb92baf50df7/BL2622518685ad46688ae9b6337ed669ac/ 1 KB
775 B 37ms
36ms Script
application/x-javascript 2.18.232.23
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/COe49f90d73b104d95a5840fb29de3b4bb/PRf95f8581a88f45b9b9b9fb92baf50df7/BL2622518685ad46688ae9b6337ed669ac/RCcd4cfcbe6a2644318ee9f8727d5e7eb8-source.min.js
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.23 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-23.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 93a431303f6163e1a1b17d0fe9ac4edb2b042333aec637187fa92f9ed1050ae8

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Mon, 04 Nov 2019 08:58:00 GMT
content-encoding: gzip
last-modified: Thu, 13 Jun 2019 21:17:24 GMT
server: Apache
etag: "eababff33cad8c9e414fb875be462778:1560460644"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 541
expires: Mon, 04 Nov 2019 09:58:00 GMT

GET
H2 200 RCf28b419b6ee84d7a88134d7176e20bb3-source.min.js Show response
assets.adobedtm.com/COe49f90d73b104d95a5840fb29de3b4bb/PRf95f8581a88f45b9b9b9fb92baf50df7/BL2622518685ad46688ae9b6337ed669ac/ 1 KB
899 B 37ms
36ms Script
application/x-javascript 2.18.232.23
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/COe49f90d73b104d95a5840fb29de3b4bb/PRf95f8581a88f45b9b9b9fb92baf50df7/BL2622518685ad46688ae9b6337ed669ac/RCf28b419b6ee84d7a88134d7176e20bb3-source.min.js
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.23 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-23.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: fe884e48d8d2602152678463aa5ac92bb7bd73b357851406aebcc046ab1d8b9f

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Mon, 04 Nov 2019 08:58:00 GMT
content-encoding: gzip
last-modified: Thu, 13 Jun 2019 21:17:24 GMT
server: Apache
etag: "6d94ea62691631fbad7ebecdcc6e04c3:1560460644"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 666
expires: Mon, 04 Nov 2019 09:58:00 GMT

GET
H2 200 RCe330e30c9b774f238563c2f0317b145b-source.min.js Show response
assets.adobedtm.com/COe49f90d73b104d95a5840fb29de3b4bb/PRf95f8581a88f45b9b9b9fb92baf50df7/BL2622518685ad46688ae9b6337ed669ac/ 654 B
624 B 39ms
38ms Script
application/x-javascript 2.18.232.23
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/COe49f90d73b104d95a5840fb29de3b4bb/PRf95f8581a88f45b9b9b9fb92baf50df7/BL2622518685ad46688ae9b6337ed669ac/RCe330e30c9b774f238563c2f0317b145b-source.min.js
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.23 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-23.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f419df72131b2e7ec36c56950099c5c8f88e3e8ba7de2438b0484d0786e56200

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Mon, 04 Nov 2019 08:58:00 GMT
content-encoding: gzip
last-modified: Thu, 13 Jun 2019 21:17:24 GMT
server: Apache
etag: "cba2baa21d2761515a7b772732db4812:1560460644"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 391
expires: Mon, 04 Nov 2019 09:58:00 GMT

GET
H2 200 bizible.js Show response
cdn.bizible.com/scripts/ 85 KB
32 KB 106ms
25ms Script
application/x-javascript 93.184.220.178
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bizible.com/scripts/bizible.js?account=cylance.com
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.178 London, United Kingdom, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (lcy/1D3F) / ASP.NET
Resource Hash: 304bfe9eb3f7bd61580b2a74331e32e2c5bb918afa808dc35f01f32f2e693510

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Mon, 04 Nov 2019 08:58:00 GMT
content-encoding: gzip
etag: "be72ba94f588d51:0"
last-modified: Tue, 22 Oct 2019 16:27:22 GMT
server: ECS (lcy/1D3F)
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
status: 200
accept-ranges: bytes
content-length: 33061

GET
H/1.1 200
OK share_bar_icon_linkedin.svg
threatvector.cylance.com/etc/clientlibs/cylance-blogs/main/images/icons/ 2 KB
2 KB 190ms
189ms Image
image/svg+xml 52.27.43.254
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://threatvector.cylance.com/etc/clientlibs/cylance-blogs/main/images/icons/share_bar_icon_linkedin.svg

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.27.43.254 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-27-43-254.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

c6e538e6a9213d8d6cb6a1f3b7c03e5a06d68ff25ec57e6eb5b4868289464de0

Security Headers

Name	Value
Content-Security-Policy	font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Content-Security-Policy: font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Content-Encoding: gzip
ETag: "809-591e578c0e8c0-gzip"
Connection: keep-alive
Content-Length: 876
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 06 Sep 2019 17:07:23 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Date: Mon, 04 Nov 2019 08:58:00 GMT
Vary: Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Type: image/svg+xml
Cache-control: no-cache="set-cookie"
Feature-Policy: geolocation 'none';midi 'none';sync-xhr *;microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';speaker *;fullscreen *;payment 'none';
Accept-Ranges: bytes
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK share_bar_icon_twitter.svg
threatvector.cylance.com/etc/clientlibs/cylance-blogs/main/images/icons/ 2 KB
2 KB 187ms
186ms Image
image/svg+xml 52.27.43.254
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://threatvector.cylance.com/etc/clientlibs/cylance-blogs/main/images/icons/share_bar_icon_twitter.svg

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.27.43.254 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-27-43-254.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

7b86ac9779af83777789a7fc81940793f77b5bd3ff3d36ac8e925fccf656247a

Security Headers

Name	Value
Content-Security-Policy	font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Content-Security-Policy: font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Content-Encoding: gzip
ETag: "8c8-591e576f72540-gzip"
Connection: keep-alive
Content-Length: 1062
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 06 Sep 2019 17:06:53 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Date: Mon, 04 Nov 2019 08:58:00 GMT
Vary: Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Type: image/svg+xml
Cache-control: no-cache="set-cookie"
Feature-Policy: geolocation 'none';midi 'none';sync-xhr *;microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';speaker *;fullscreen *;payment 'none';
Accept-Ranges: bytes
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK share_bar_icon_google.svg
threatvector.cylance.com/etc/clientlibs/cylance-blogs/main/images/icons/ 2 KB
2 KB 186ms
186ms Image
image/svg+xml 52.27.43.254
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://threatvector.cylance.com/etc/clientlibs/cylance-blogs/main/images/icons/share_bar_icon_google.svg

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.27.43.254 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-27-43-254.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

66de82969f617c85184ad351d55501233e538e7f54caa684368c8a155053874d

Security Headers

Name	Value
Content-Security-Policy	font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Content-Security-Policy: font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Content-Encoding: gzip
ETag: "829-591e578c0e8c0-gzip"
Connection: keep-alive
Content-Length: 867
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 06 Sep 2019 17:07:23 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Date: Mon, 04 Nov 2019 08:58:00 GMT
Vary: Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Type: image/svg+xml
Cache-control: no-cache="set-cookie"
Feature-Policy: geolocation 'none';midi 'none';sync-xhr *;microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';speaker *;fullscreen *;payment 'none';
Accept-Ranges: bytes
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK share_bar_icon_facebook.svg
threatvector.cylance.com/etc/clientlibs/cylance-blogs/main/images/icons/ 2 KB
2 KB 184ms
184ms Image
image/svg+xml 52.27.43.254
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://threatvector.cylance.com/etc/clientlibs/cylance-blogs/main/images/icons/share_bar_icon_facebook.svg

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.27.43.254 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-27-43-254.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

fe08d074a32f7c481cc425d22cdd787137feea90578e0b10556cebeefcfa3040

Security Headers

Name	Value
Content-Security-Policy	font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Content-Security-Policy: font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Content-Encoding: gzip
ETag: "771-591e576f72540-gzip"
Connection: keep-alive
Content-Length: 796
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 06 Sep 2019 17:06:53 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Date: Mon, 04 Nov 2019 08:58:00 GMT
Vary: Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Type: image/svg+xml
Cache-control: no-cache="set-cookie"
Feature-Policy: geolocation 'none';midi 'none';sync-xhr *;microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';speaker *;fullscreen *;payment 'none';
Accept-Ranges: bytes
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK share_bar_icon_email.svg
threatvector.cylance.com/etc/clientlibs/cylance-blogs/main/images/icons/ 1 KB
2 KB 290ms
178ms Image
image/svg+xml 52.27.43.254
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://threatvector.cylance.com/etc/clientlibs/cylance-blogs/main/images/icons/share_bar_icon_email.svg

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.27.43.254 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-27-43-254.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

87f55f0eb8ca3828f1f3c43da32e71933463b639ff59c86fab549600912ac687

Security Headers

Name	Value
Content-Security-Policy	font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Content-Security-Policy: font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Content-Encoding: gzip
ETag: "49c-591e578c0e8c0-gzip"
Connection: keep-alive
Content-Length: 682
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 06 Sep 2019 17:07:23 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Date: Mon, 04 Nov 2019 08:58:00 GMT
Vary: Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Type: image/svg+xml
Cache-control: no-cache="set-cookie"
Feature-Policy: geolocation 'none';midi 'none';sync-xhr *;microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';speaker *;fullscreen *;payment 'none';
Accept-Ranges: bytes
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK visitWebPage Show response
524-dom-989.mktoresp.com/webevents/ 2 B
303 B 817ms
168ms XHR
text/plain 192.28.147.68
MARKETO

General

Check archive.org

Show headers Download Go to

Full URL: https://524-dom-989.mktoresp.com/webevents/visitWebPage?_mchNc=1572857880222&_mchCn=&_mchId=524-DOM-989&_mchTk=_mch-cylance.com-1572857880222-67236&_mchHo=threatvector.cylance.com&_mchPo=&_mchRu=%2Fen_us%2Fhome%2Fmobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html&_mchPc=https%3A&_mchVr=155&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.28.147.68 , United States, ASN53580 (MARKETO - MARKETO, Inc., US),
Reverse DNS
Software: akka-http/10.1.7 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Sec-Fetch-Mode: cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 04 Nov 2019 08:58:00 GMT
Content-Encoding: gzip
Server: akka-http/10.1.7
Transfer-Encoding: chunked
X-Request-Id: 5433ce56-7e9b-4db4-957b-13d15106b2dd
Content-Type: text/plain; charset=UTF-8

GET
H2 200 s4656575423730
cylance.sc.omtrdc.net/b/ss/cylan-production/1/JS-2.12.0-L9TT/ 43 B
396 B 118ms
33ms Image
image/gif 52.31.190.58
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cylance.sc.omtrdc.net/b/ss/cylan-production/1/JS-2.12.0-L9TT/s4656575423730?AQB=1&ndh=1&pf=1&t=4%2F10%2F2019%209%3A58%3A0%201%20-60&mid=68707449269207955701462592805602667367&aamlh=6&ce=UTF-8&pageName=home%3Amobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform&g=https%3A%2F%2Fthreatvector.cylance.com%2Fen_us%2Fhome%2Fmobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html&cc=USD&ch=home&server=threatvector.cylance.com&events=event17&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=D%3Dv1&v1=threatvector.cylance.com&h1=home%7Cmobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform&c2=2019-11-02%2002%3A40%3A04&v3=saturday&c4=1%3A58%20AM%7CMonday&v4=1%3A58%20AM%7CMonday&v6=home%3Amobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform&v7=https%3A%2F%2Fthreatvector.cylance.com%2Fen_us%2Fhome%2Fmobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html&c8=D%3Dv8&v8=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F78.0.3904.70%20Safari%2F537.36&c9=D%3Dv9&v9=en_us&c10=D%3Dv10&c11=New&v11=First%20Visit&v12=New&c16=1&c17=18&v17=18&v35=BlackBerry%20Research&v36=research-and-intelligence&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=2297E09A576BB9677F000101%40AdobeOrg&AQE=1

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.31.190.58 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-31-190-58.eu-west-1.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Mon, 04 Nov 2019 08:57:59 GMT
x-content-type-options: nosniff
x-c: master-1058.I94f02a.M0-309
p3p: CP="This is not a P3P policy"
status: 200
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Tue, 05 Nov 2019 08:58:00 GMT
server: jag
xserver: anedge-75dd976fc9-dtqln
etag: 3377686578013241344-4613490612882539560
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Sun, 03 Nov 2019 08:58:00 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 3 KB
2 KB 9ms
8ms Script
application/x-javascript 2a02:26f0:6c00:28c::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:28c::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Mon, 04 Nov 2019 08:58:00 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Oct 2019 16:41:31 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=35741
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1576

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 24 KB
9 KB 32ms
31ms Script
text/javascript 172.217.18.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

16d64f53167596e3b279e203618e79e279f0b06c294a6a64100acab05f596654

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Mon, 04 Nov 2019 08:58:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9200
x-xss-protection: 0
server: cafe
etag: 994047167040605454
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 04 Nov 2019 08:58:00 GMT

GET
H2 200 6e7b478b.min.js Show response
tag.demandbase.com/ 56 KB
15 KB 107ms
41ms Script
application/javascript 13.225.78.69
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.demandbase.com/6e7b478b.min.js
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.78.69 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-225-78-69.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4697ebaf632dba20350e471f46c9c1d576262de9006a41a7b630200ccea9a842

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Sun, 03 Nov 2019 14:46:30 GMT
content-encoding: gzip
last-modified: Tue, 15 Oct 2019 15:30:33 GMT
server: AmazonS3
age: 1147
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: g52zQweoLQF5hL4f0g70.qpxrFSNvPUz
status: 200
cache-control: public, max-age=3600
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: bjCmnWmDS-_JZrFEZieFUoPNDn2XZ6JbeaYEu9ueZPH8Zrf6DzfN0w==
via: 1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=37262&url=https%3A%2F%2Fthreatvector.cylance.com%2Fen_us%2Fhome%2Fmobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html&time...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D37262%26url%3Dhttps%253A%252F%252Fthreatvector.cylance.com%252Fen_us%252Fhome%252...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=37262&url=https%3A%2F%2Fthreatvector.cylance.com%2Fen_us%2Fhome%2Fmobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html&time...

0
303 B

109ms
107ms

Image
application/javascript

2a05:f500:10:101::b93f:9105
LinkedIn Corporation

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=37262&url=https%3A%2F%2Fthreatvector.cylance.com%2Fen_us%2Fhome%2Fmobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html&time=1572857880255&liSync=true
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:10:101::b93f:9105 , Ireland, ASN14413 (LINKEDIN - LinkedIn Corporation, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Mon, 04 Nov 2019 08:58:00 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
server: Play
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lva1
status: 200
x-li-proto: http/2
x-li-pop: prod-efr5
content-type: application/javascript
content-length: 20
x-li-uuid: xMLLtejp0xVwe4zeAisAAA==

Redirect headers

date: Mon, 04 Nov 2019 08:58:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 302
vary: Accept-Encoding
content-length: 20
x-li-uuid: gTWKrOjp0xUQKc627CoAAA==
server: Play
pragma: no-cache
x-li-pop: prod-efr5
x-frame-options: sameorigin
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security: max-age=2592000
x-li-fabric: prod-lva1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=37262&url=https%3A%2F%2Fthreatvector.cylance.com%2Fen_us%2Fhome%2Fmobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html&time=1572857880255&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
content-security-policy: default-src *; connect-src 'self' static.licdn.com media.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media-exp1.licdn.com media-exp2.licdn.com https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob:; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' platform.linkedin.com spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/insight.min.js; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
148 B 47ms
47ms Image
text/plain 2620:1ec:c11::200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5637515&tm=al001&Ver=2&mid=328d340e-79c4-1c94-ff4a-4410944d122f&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Mobile%20Malware%20and%20APT%20Espionage%3A%20Prolific,%20Pervasive,%20and%20Cross-Platform&kw=BlackBerry%20Cylance,%20Mobile%20Malware,%20APT,%20Espionage,%20cross-platform&p=https%3A%2F%2Fthreatvector.cylance.com%2Fen_us%2Fhome%2Fmobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html&r=&lt=2340&pt=1572857877877,,,,,1,1,27,27,567,40,567,916,922,926,2325,2325,2340,,,&pn=0,0&evt=pageLoad&msclkid=N&rn=681572
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Mon, 04 Nov 2019 08:57:59 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 2FA5EB9934A84ECEB3F03D7070B0941D Ref B: VIEEDGE1219 Ref C: 2019-11-04T08:58:00Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/858415995/ 2 KB
1 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/858415995/?random=1572857880284&cv=9&fst=1572857880284&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fthreatvector.cylance.com%2Fen_us%2Fhome%2Fmobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html&tiba=Mobile%20Malware%20and%20APT%20Espionage%3A%20Prolific%2C%20Pervasive%2C%20and%20Cross-Platform&async=1&rfmt=3&fmt=4

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

fc22eace79070d1c797a315d0c0af8667d2da77a6711647e4b47fbcaf372f962

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Nov 2019 08:58:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1009
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/858415995/ 42 B
112 B 19ms
19ms Image
image/gif 2a00:1450:4001:818::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/858415995/?random=1572857880284&cv=9&fst=1572854400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fthreatvector.cylance.com%2Fen_us%2Fhome%2Fmobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html&tiba=Mobile%20Malware%20and%20APT%20Espionage%3A%20Prolific%2C%20Pervasive%2C%20and%20Cross-Platform&async=1&fmt=3&is_vtc=1&random=3358144969&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Nov 2019 08:58:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/858415995/ 42 B
110 B 21ms
21ms Image
image/gif 2a00:1450:4001:817::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/858415995/?random=1572857880284&cv=9&fst=1572854400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fthreatvector.cylance.com%2Fen_us%2Fhome%2Fmobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html&tiba=Mobile%20Malware%20and%20APT%20Espionage%3A%20Prolific%2C%20Pervasive%2C%20and%20Cross-Platform&async=1&fmt=3&is_vtc=1&random=3358144969&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Nov 2019 08:58:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ipv
cdn.bizible.com/m/ 43 B
345 B 23ms
23ms Image
image/gif 93.184.220.178
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizible.com/m/ipv?_biz_r=&_biz_h=-1906410348&_biz_u=65270ac7ad7747daf3af96a509f14b23&_biz_s=8c2b6&_biz_l=https%3A%2F%2Fthreatvector.cylance.com%2Fen_us%2Fhome%2Fmobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html&_biz_t=1572857880336&_biz_i=Mobile%20Malware%20and%20APT%20Espionage%3A%20Prolific%2C%20Pervasive%2C%20and%20Cross-Platform&_biz_n=0&a=cylance.com&rnd=623932&cdn_o=a&_biz_z=1572857880337
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.178 London, United Kingdom, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (lcy/1D2F) / ASP.NET
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Nov 2019 08:58:01 GMT
x-aspnetmvc-version: 5.2
last-modified: Wed, 30 Oct 2019 01:35:55 GMT
server: ECS (lcy/1D2F)
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status: 200
cache-control: no-cache, no-store
accept-ranges: bytes
content-type: Image/GIF
content-length: 43
expires: -1

GET
H2 200 ip.json Show response
api.company-target.com/api/v2/ 424 B
934 B 207ms
112ms XHR
application/json 143.204.101.109
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fthreatvector.cylance.com%2Fen_us%2Fhome%2Fmobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html&page_title=Mobile%20Malware%20and%20APT%20Espionage%3A%20Prolific%2C%20Pervasive%2C%20and%20Cross-Platform&key=7535516323dadf7e3d35f603eaad6491&src=tag
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.109 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-109.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: ce9c97a2ee0e2b20b7205db10e85fd53008e238cec1d1bc7541c2c6bcd6fd302

Request headers

Sec-Fetch-Mode: cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Mon, 04 Nov 2019 08:58:00 GMT
content-encoding: gzip
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
status: 200
access-control-max-age: 1728000
request-id: 955b97f8-a644-4e58-b028-e3ca32875fa5
x-amz-cf-id: 6MoZk_YPr9kGTHtFhlkYU1hrFbnMnKMERnLrU9wlMpkj29RAx-IyUA==
pragma: no-cache
access-control-allow-origin: https://threatvector.cylance.com
server: nginx
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
access-control-expose-headers
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
identification-source: CENTRAL
expires: Sun, 03 Nov 2019 08:58:00 GMT

GET
H/1.1

200
OK

validateCookie
segments.company-target.com/
Redirect Chain

https://match.prod.bidr.io/cookie-sync/demandbase
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1
https://segments.company-target.com/log?vendor=choca&user_id=AACgPU67f9AAABQChHAsTw
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AACgPU67f9AAABQChHAsTw&verifyHash=580ec4f4d42756448ba32a369505e79ec38dcf31

26 B
408 B

199ms
198ms

Image
image/gif

13.225.78.83
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://segments.company-target.com/validateCookie?vendor=choca&user_id=AACgPU67f9AAABQChHAsTw&verifyHash=580ec4f4d42756448ba32a369505e79ec38dcf31
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.78.83 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-225-78-83.fra2.r.cloudfront.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Mon, 04 Nov 2019 08:58:00 GMT
Via: 1.1 1bf129b8787cf2e96d3bce725554e4d5.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C2
Vary: Origin
X-Cache: Miss from cloudfront
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
trace-id: cc84cf21e58eeb01
X-Amz-Cf-Id: xfEtdDXEerDHbjstFe6tpq4b0b2QW3XZunKWi_Jids1vDN9gU4bY7A==

Redirect headers

Date: Mon, 04 Nov 2019 08:58:00 GMT
Via: 1.1 1bf129b8787cf2e96d3bce725554e4d5.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C2
Vary: Origin
X-Cache: Miss from cloudfront
Location: /validateCookie?vendor=choca&user_id=AACgPU67f9AAABQChHAsTw&verifyHash=580ec4f4d42756448ba32a369505e79ec38dcf31
Connection: keep-alive
trace-id: e6bb8f3c3f092cc8
Content-Length: 0
X-Amz-Cf-Id: 81dRSp5TO7L_JMEaH9sMn8kspqeXqUYMo25yV9FxY2OUQXBAucCYoQ==

GET
H2 200 BizibleAcct.js Show response
cdn.bizible.com/ 378 B
547 B 125ms
125ms Script
text/javascript 93.184.220.178
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bizible.com/BizibleAcct.js?_biz_u=65270ac7ad7747daf3af96a509f14b23&_biz_h=-1906410348&cdn_o=a&jsVer=4.19.06.26&a=cylance.com
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js?account=cylance.com
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.178 London, United Kingdom, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c020e5897f7e47dafe2c01e4951765a15be0bc4c339aca4ba3d7414d2ea48380

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Mon, 04 Nov 2019 08:57:59 GMT
content-encoding: gzip
etag: 83688B92
x-aspnetmvc-version: 5.2
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status: 200
cache-control: private, must-revalidate, max-age=21600
content-type: text/javascript; charset=utf-8
content-length: 326

GET
H2 200 u
cdn.bizible.com/m/ 43 B
116 B 23ms
23ms Image
image/gif 93.184.220.178
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizible.com/m/u?mapType=mkto&mapValue=id%3A524-DOM-989%26token%3A_mch-cylance.com-1572857880222-67236&_biz_u=65270ac7ad7747daf3af96a509f14b23&_biz_s=8c2b6&_biz_l=https%3A%2F%2Fthreatvector.cylance.com%2Fen_us%2Fhome%2Fmobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html&_biz_t=1572857880339&_biz_i=Mobile%20Malware%20and%20APT%20Espionage%3A%20Prolific%2C%20Pervasive%2C%20and%20Cross-Platform&_biz_n=1&a=cylance.com&rnd=687015&cdn_o=a&_biz_z=1572857880439
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.178 London, United Kingdom, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (lcy/1D68) / ASP.NET
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Nov 2019 08:58:00 GMT
x-aspnetmvc-version: 5.2
last-modified: Fri, 01 Nov 2019 04:23:04 GMT
server: ECS (lcy/1D68)
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status: 200
cache-control: no-cache, no-store
accept-ranges: bytes
content-type: Image/GIF
content-length: 43
expires: -1

GET
H2 200 RC6d15653dcdbd4cccb51d7164ce31913c-source.min.js Show response
assets.adobedtm.com/COe49f90d73b104d95a5840fb29de3b4bb/PRf95f8581a88f45b9b9b9fb92baf50df7/BL2622518685ad46688ae9b6337ed669ac/ 1 KB
907 B 40ms
39ms Script
application/x-javascript 2.18.232.23
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/COe49f90d73b104d95a5840fb29de3b4bb/PRf95f8581a88f45b9b9b9fb92baf50df7/BL2622518685ad46688ae9b6337ed669ac/RC6d15653dcdbd4cccb51d7164ce31913c-source.min.js
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.23 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-23.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 8f9713075b7edd29146b9f8472de0a9dea8c7f3dc2f41ff172f3e558536227c7

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Mon, 04 Nov 2019 08:58:00 GMT
content-encoding: gzip
last-modified: Thu, 13 Jun 2019 21:17:23 GMT
server: AkamaiNetStorage
etag: "030fd508521493a75099bd78f60225e1:1560460644"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 667
expires: Mon, 04 Nov 2019 09:58:00 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 24 KB
9 KB 31ms
31ms Script
text/javascript 172.217.18.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN9a198e584a4641e5a638d027ddddb3cf.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

78a79d5cefe3a91bfccc9d0e3522b756e142d8c2aeba35146f2bc399b71cf4ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Mon, 04 Nov 2019 08:58:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9385
x-xss-protection: 0
server: cafe
etag: 14299522277420216331
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 04 Nov 2019 08:58:00 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 33 KB
11 KB 72ms
28ms Script
text/javascript 2.18.233.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 880a2e81641380a4609a464aa6c813ba5a47f953ea354c1f08eb4f0706409ccd

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

x-amz-version-id: CdVV7j36_NrWhaa2SL8tgFNc7xBcb0ts
Content-Encoding: gzip
ETag: "1ab416151418a84e04dca50b27b312ee"
x-amz-request-id: 08D1DCF34EAC8E13
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 10541
x-amz-id-2: G+JPo5NDEcKiqcoT4lO6aZsxZ0nOfRZGSyskSS3y8WygGJ+d6VLhM11OiRu6QQfLoJR2ArSHTPc=
Last-Modified: Mon, 21 Oct 2019 16:57:14 GMT
Server: AmazonS3
Date: Mon, 04 Nov 2019 08:58:01 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/858415995/ 2 KB
1 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/858415995/?random=1572857881010&cv=9&fst=1572857881010&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fthreatvector.cylance.com%2Fen_us%2Fhome%2Fmobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html&tiba=Mobile%20Malware%20and%20APT%20Espionage%3A%20Prolific%2C%20Pervasive%2C%20and%20Cross-Platform&rfmt=3&fmt=4

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

c38f181251957f2954ea97c3a2a04a9c50996af5764c232784b164026cea5e29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Nov 2019 08:58:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1002
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/858415995/ 42 B
112 B 21ms
21ms Image
image/gif 2a00:1450:4001:818::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/858415995/?random=1572857881010&cv=9&fst=1572854400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fthreatvector.cylance.com%2Fen_us%2Fhome%2Fmobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html&tiba=Mobile%20Malware%20and%20APT%20Espionage%3A%20Prolific%2C%20Pervasive%2C%20and%20Cross-Platform&fmt=3&is_vtc=1&random=1818132546&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Nov 2019 08:58:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/858415995/ 42 B
110 B 21ms
21ms Image
image/gif 2a00:1450:4001:817::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/858415995/?random=1572857881010&cv=9&fst=1572854400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fthreatvector.cylance.com%2Fen_us%2Fhome%2Fmobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html&tiba=Mobile%20Malware%20and%20APT%20Espionage%3A%20Prolific%2C%20Pervasive%2C%20and%20Cross-Platform&fmt=3&is_vtc=1&random=1818132546&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Nov 2019 08:58:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/OU3SUNRJWBHPTCY5X23OHE/index.js
https://s.adroll.com/j/exp/index.js

28 B
680 B

30ms
30ms

Script
application/javascript

2.18.233.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

x-amz-version-id: n89Djc2hpwJ_7XKnkt__9L2_0W3LFSZW
ETag: "5816cced8568d223aa09d889f300692b"
x-amz-request-id: A3B83DC1577A0A5F
x-amz-server-side-encryption: AES256
Connection: keep-alive
Content-Length: 28
x-amz-id-2: 3rZxTD/oYxYCacn5xF1W46VW9+aHwLl3fV5/cTasbA6aaHrCq5f0/zJd1rdtrKArj9Y+BrXn9fs=
Last-Modified: Thu, 31 Oct 2019 21:51:14 GMT
Server: AmazonS3
Date: Mon, 04 Nov 2019 08:58:01 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

Date: Mon, 04 Nov 2019 08:58:01 GMT
Server: AkamaiGHost
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 0

GET
H2 200 OU3SUNRJWBHPTCY5X23OHE Show response
d.adroll.com/consent/check/ 72 B
163 B 105ms
35ms Script
application/javascript 52.30.104.207
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/OU3SUNRJWBHPTCY5X23OHE?_s=10278d291291f47d138a996e62f57d83&_b=2
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.104.207 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-30-104-207.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 867f268a5c0dcca5157c69c5e61a0f676fb4f00e808b4c268f8e24d3474ebe2b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

status: 200
date: Mon, 04 Nov 2019 08:58:01 GMT
server: nginx/1.16.1
content-length: 72
content-type: application/javascript

GET
H/1.1 200
OK consent.js Show response
s.adroll.com/j/ 177 KB
25 KB 112ms
61ms Script
application/javascript 2.18.233.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/consent.js
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: a9deb521436ad37051d51543f2445bb999ddb6f459da1c6165e155aa99e0c4f0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

x-amz-version-id: mUP7jw_OqQybVflhPbyIiIDmhEvIvOlK
Content-Encoding: gzip
ETag: "e2416a8dda91db724f94f8cf899ec942"
x-amz-request-id: 271B5C1684C2E517
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 25154
x-amz-id-2: bSbj3I+cDjCTdjGZCaQFdJ782xsgHhEwfa32wY58mLwyUUv2Wo2wYtrpVPr+oM7SMvtdpaHYbxI=
Last-Modified: Mon, 30 Sep 2019 18:10:17 GMT
Server: AmazonS3
Date: Mon, 04 Nov 2019 08:58:01 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 hod
d.adroll.com/consent/ 42 B
180 B 35ms
35ms Image
image/gif 52.30.104.207
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/consent/hod?_e=view_banner&_s=10278d291291f47d138a996e62f57d83&_b=2&_a=OU3SUNRJWBHPTCY5X23OHE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.104.207 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-30-104-207.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

status: 200
date: Mon, 04 Nov 2019 08:58:01 GMT
cache-control: no-transform,public,max-age=300,s-maxage=900
server: nginx/1.16.1
content-length: 42
vary: Cookie
content-type: image/gif

Verdicts & Comments Add Verdict or Comment

174 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.demdex.net/	1970-01-19 09:13:29	Name: demdex Value: 69160079520439535101508563922721440691
.cylance.com/	1970-01-19 22:26:56	Name: AMCV_2297E09A576BB9677F000101%40AdobeOrg Value: -715282455%7CMCIDTS%7C18205%7CMCMID%7C68707449269207955701462592805602667367%7CMCAAMLH-1573462680%7C6%7CMCAAMB-1573462680%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1572865080s%7CNONE%7CvVersion%7C4.2.0
.cylance.com/	1970-01-19 13:39:53	Name: _biz_flagsA Value: %7B%22Version%22%3A1%2C%22Mkto%22%3A%221%22%2C%22XDomain%22%3A%221%22%7D
.cylance.com/	1970-01-19 13:39:53	Name: _biz_pendingA Value: %5B%5D
.cylance.com/	1970-01-19 04:54:19	Name: _biz_sid Value: 8c2b6
threatvector.cylance.com/	1970-01-19 04:54:18	Name: AWSELB Value: 4D0BDD9F0A163D48ECFEF400CB706ACF82CD0195C8D5AF0B639C0FF52381F196F79B59DABDA65005DB13B5CC961C67EC4A82E113711D6D70A536F9B759B0F5D706ABCD580A
.cylance.com/	1970-01-19 05:37:29	Name: s_nr Value: 1572857880234-New
.cylance.com/	1970-01-19 13:39:53	Name: _biz_uid Value: 65270ac7ad7747daf3af96a509f14b23
.cylance.com/	1969-12-31 23:59:59	Name: AMCVS_2297E09A576BB9677F000101%40AdobeOrg Value: 1
.cylance.com/	1969-12-31 23:59:59	Name: s_ppv Value: home%253Amobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform%2C3%2C3%2C1200
.cylance.com/	1970-01-19 13:39:53	Name: _biz_nA Value: 2
.cylance.com/	1970-01-19 04:54:19	Name: s_invisit Value: true
.cylance.com/	1970-01-20 07:11:05	Name: s_lv Value: 1572857880233
.cylance.com/	1970-01-19 13:39:53	Name: s_vnum Value: 1604393880234%26vn%3D1
.cylance.com/	1970-01-19 04:54:19	Name: s_lv_s Value: First%20Visit
.cylance.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.cylance.com/	1969-12-31 23:59:59	Name: s_tp Value: 40796
.cylance.com/	1970-01-19 22:25:29	Name: _mkto_trk Value: id:524-DOM-989&token:_mch-cylance.com-1572857880222-67236
.threatvector.cylance.com/	1970-01-19 04:54:17	Name: _gat_904909c8b4224b069399ead37fce794b Value: 1

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://threatvector.cylance.com/en_us/home/mobile-malware-and-apt-espionage-prolific-pervasive-and-cross-platform.html(Line 247) Message: cookie not is active
console-api	log	(Line 2) Message: add----roll1
console-api	log	(Line 2) Message: add----roll2
console-api	log	(Line 2) Message: add----roll2

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

524-dom-989.mktoresp.com
api.company-target.com
app-sj16.marketo.com
assets.adobedtm.com
bat.bing.com
cdn.bizible.com
cdn.rawgit.com
cm.everesttech.net
cylance.demdex.net
cylance.sc.omtrdc.net
d.adroll.com
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
match.prod.bidr.io
munchkin.marketo.net
px.ads.linkedin.com
s.adroll.com
s.ytimg.com
s7d2.scene7.com
segments.company-target.com
snap.licdn.com
stats.g.doubleclick.net
tag.demandbase.com
threatvector.cylance.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.linkedin.com
www.youtube.com
104.111.251.133
104.16.94.80
13.225.78.69
13.225.78.83
143.204.101.109
151.139.237.11
172.217.18.2
192.28.147.68
2.18.232.23
2.18.233.40
2620:1ec:c11::200
2a00:1450:4001:806::2002
2a00:1450:4001:808::200e
2a00:1450:4001:815::2003
2a00:1450:4001:817::2003
2a00:1450:4001:818::2004
2a00:1450:4001:820::200a
2a00:1450:4001:820::200e
2a00:1450:4001:821::200e
2a00:1450:400c:c00::9c
2a02:26f0:6c00:28c::25ea
2a02:26f0:6c00:295::9b6
2a05:f500:10:101::b93f:9101
2a05:f500:10:101::b93f:9105
52.27.43.254
52.30.104.207
52.30.105.51
52.30.78.155
52.31.190.58
52.48.112.242
66.117.28.86
93.184.220.178
099bace63963205abb1875d577e797bdac573989ab27a75960eafe3ccd5fa27a
09bc1009eb3d9cbc800e4933a407c81b1920be72f28254baff513ee8f422f5b0
0e23b84d6736b1645a695282788cee2070cd3f5cd2c5c2e31ea0b44a942294c2
0e41a843709f19f5327078ad0e4fca7ff8485d280f2458c15b555957a0e646cd
1017b2b6551aca43896313770d3c3041d58cee227ce35861c60ef0a10dc38c64
16d64f53167596e3b279e203618e79e279f0b06c294a6a64100acab05f596654
1a7103ddeebf3a313febafe1aba08a1cec143c98a7b6e51cacbf8893093efaa2
1cac386a226657759d39c04b26768f03915090f0f1a5b4e6ca815d7478228159
26ae4b0eb488fa35fca8b199e05b5b5236192cf04a2fa5a91ba6c5c4d5ffc06d
2afa0193eebc6dcba6256c02ba126cd809b278a8c271ba1344af1d54520fb173
304bfe9eb3f7bd61580b2a74331e32e2c5bb918afa808dc35f01f32f2e693510
321bbcc4cc57483b7e329186e5159498b668ddde87cb64696ddcdc95176cce82
37c687b8f028567b6e7a898f961cfddc284b29dc35b9d588202121439b609660
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44df095afbcc3700bb27f3c430bce008b8074188be803787ce11b9b850ed6675
45e2f85e3aab6c36988703f5cc06444289bb795a25736b74975073c98de18498
4697ebaf632dba20350e471f46c9c1d576262de9006a41a7b630200ccea9a842
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
66de82969f617c85184ad351d55501233e538e7f54caa684368c8a155053874d
6a0094ae6935a88efb2771bc15cecd7ab526b5c9dc40e14f8a4a863443afec63
6f1ee571e25de6c9078d39b570a151a28f4a787d86d4a0ce4c810a486f08182d
7848472b4e994bcd2cb522201f6c123b50c4b37e5aab979ac50db3244eb894d5
78a79d5cefe3a91bfccc9d0e3522b756e142d8c2aeba35146f2bc399b71cf4ad
78d133e7ae589db43ea71f0693e13b82626a35fb194a31f700c5fc6f4c1546f7
7b86ac9779af83777789a7fc81940793f77b5bd3ff3d36ac8e925fccf656247a
7d9192060dd74c5e97ca9dabcb601b03b4a54b432af366ba5975c95941c77d90
7dbcba652fc8dea9fccba838cc5bb0b1dbedafc7a49977392de7d3ab8bffee87
7fbbeba68616ec3cd21955086a765a1c74d81b3f2772babba4f8f9719adb2d5c
8235e55fa7f1c889f552c3d7415b6bfff016a82035dc5c77da7a1789a3de95e3
8658dcad983dacbb3bca7bc8217fd0b75f28df85bf9259bd0dccf69e58cb0ecd
867f268a5c0dcca5157c69c5e61a0f676fb4f00e808b4c268f8e24d3474ebe2b
87f55f0eb8ca3828f1f3c43da32e71933463b639ff59c86fab549600912ac687
880a2e81641380a4609a464aa6c813ba5a47f953ea354c1f08eb4f0706409ccd
8f9713075b7edd29146b9f8472de0a9dea8c7f3dc2f41ff172f3e558536227c7
937fdd2761db8d890407be8c18e64a7f3c19ded89b4d67f5606e30a560bd63c5
93a431303f6163e1a1b17d0fe9ac4edb2b042333aec637187fa92f9ed1050ae8
96904bcac47ca5d98b664970580ea473e1e6a6b285c87e8cb3caa2f1928e7219
9717b3d99087896d95cc8507f0f6229d402a0420ebe52d359339604a2d1f7c86
9913bba300e77cd7898ce5a11558bf789fd15cb686107a10a648109117816be1
9c6e0b46467f0a59d6f4965d996b8ab2dda7f9aa17e33c9c60cd91ee56a774a1
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a71f9955489ddc41f0df61ee1d1996e66ad7c83e0ad48b20328682721e670aaf
a9deb521436ad37051d51543f2445bb999ddb6f459da1c6165e155aa99e0c4f0
ab400f270903302b14ca990584dc2ed09e18953580a40369665655c95044edd0
adc2c8e679ffd8f0cbc9270749db4f687b9201280b2913c2817f230584ea4e1d
ae0d8091f974c66bea6d9f9aeba9feb785eb4e5a4e779060ec5f31b525f61f0f
af6f1a1d1ca5b44168e2d69e4e92daf576df150cc615c9e62adc6eb909a73114
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b10bfe284fcea12155ae8def55a8ec14b8a804e198e06d985e6e8a1681851c63
b139982ce002c53ddfb65aec1e90704c0a3704fc5aa35247f9323b74a1d3f721
b194fd385666036162259f55563a017e78753671e0fbd3be31a272dc2b869876
b631fccbe48b26dccef2b6eedeed2d6fb9020daf34dbc8010e587e280b6f498e
c020e5897f7e47dafe2c01e4951765a15be0bc4c339aca4ba3d7414d2ea48380
c0aed91f1b10ec94f40fdf79c31d1f870fb4bf3eda63b61edb3bbaeff53a93e0
c38f181251957f2954ea97c3a2a04a9c50996af5764c232784b164026cea5e29
c6e538e6a9213d8d6cb6a1f3b7c03e5a06d68ff25ec57e6eb5b4868289464de0
c7798e6bf5e6b28865bb3731be289083425ac9b87785c72afe01e4eb591e1c49
ce11c18967ab30115878af2f6c6dc88fce05dbda48df9cea5a7abf9fb311ef5f
ce9c97a2ee0e2b20b7205db10e85fd53008e238cec1d1bc7541c2c6bcd6fd302
d4e42e78d5938248bc7eeac03bfacee8cd2a392daa3885637a7899ca4fb30e3c
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dd1dad45fd0dd168ad46427307aa8a206b857b783ca3afbcfe2bc8b8724acec0
e35896fcd15b2238b1b5e2d4fbbd2b287f57dbbded51ab1a2217c38ce6a51d2f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e85d93603219c7af97e29b183b6f22d04991b9b01c4a79ae824e62ea7aa809b5
eb2deec7e5394e29e51ff83e920f1ce3c092ae5c63b711a4b755b9861a8bc6cd
ec05f68627a4a86905970bced620ce0a93f0c05b5993e70dc05465b51e59e6e3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb6b9732bf508ee305363b10cf2a67ace474e06eb42642f2c3696b2442a5775
f17a340f0388383e8d2a70632006d51e5d0e95f60f1cca3f774bd78b5d3dcd07
f419df72131b2e7ec36c56950099c5c8f88e3e8ba7de2438b0484d0786e56200
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f6281f4fc0c8b4cd0ecb0cf382c080d9e5f01b58c816d5f071969f3734465fc6
f767ef115408b6bb1de315799c2234ab3ad7947cbfa254aa5e55378ea6fe1a55
f97341de4415531cb15d7472b1a00e875c1ad9b5541fd7e9f8ef5905f2a02092
fc22eace79070d1c797a315d0c0af8667d2da77a6711647e4b47fbcaf372f962
fe08d074a32f7c481cc425d22cdd787137feea90578e0b10556cebeefcfa3040
fe7b1fa106b52fd3b7a72421171503eee8ec0c911d495be3ce168f76ed7cc8b1
fe884e48d8d2602152678463aa5ac92bb7bd73b357851406aebcc046ab1d8b9f

threatvector.cylance.com Open in urlscan Pro 52.27.43.254 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

93 Requests

100 %HTTPS

44 %IPv6

27 Domains

32 Subdomains

28 IPs

7 Countries

1070 kBTransfer

2908 kBSize

19 Cookies

17 Outgoing links

Redirected requests

93 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

threatvector.cylance.com Open in urlscan Pro
52.27.43.254 Public Scan

Screenshot
Live screenshot

Full Image

93
Requests

100 %
HTTPS

44 %
IPv6

27
Domains

32
Subdomains

28
IPs

7
Countries

1070 kB
Transfer

2908 kB
Size

19
Cookies

93 HTTP transactions
0 data transactions