threatvector.cylance.com Open in urlscan Pro
52.10.87.191 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
Submission: On September 02 via api (September 2nd 2019, 2:17:48 pm UTC) from CH

Summary HTTP 122 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 41 IPs in 7 countries across 41 domains to perform 122 HTTP transactions. The main IP is 52.10.87.191, located in Boardman, United States and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is threatvector.cylance.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on June 12th 2019. Valid for: a year.

This is the only time threatvector.cylance.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
29	52.10.87.191 52.10.87.191	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
11	2.18.232.23 2.18.232.23	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
2	104.16.96.80 104.16.96.80	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	151.139.237.11 151.139.237.11	33438 (HIGHWINDS2) (HIGHWINDS2 - Highwinds Network Group)
18	2a02:26f0:6c0... 2a02:26f0:6c00:284::9b6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	108.128.26.6 108.128.26.6	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	2a00:1450:400... 2a00:1450:4001:814::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2a00:1450:400... 2a00:1450:4001:816::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
2	104.111.251.133 104.111.251.133	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	52.30.78.155 52.30.78.155	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	66.117.28.86 66.117.28.86	15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	192.28.147.68 192.28.147.68	53580 (MARKETO) (MARKETO - MARKETO)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
5	93.184.220.178 93.184.220.178	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1	2a02:26f0:6c0... 2a02:26f0:6c00:28c::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	172.217.22.66 172.217.22.66	15169 (GOOGLE) (GOOGLE - Google LLC)
1	13.35.253.80 13.35.253.80	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2a00:1450:400... 2a00:1450:4001:816::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	13.35.253.91 13.35.253.91	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 2	52.18.95.163 52.18.95.163	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	13.35.253.61 13.35.253.61	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 3	2a00:1450:400... 2a00:1450:4001:81d::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:400c:c04::9b	15169 (GOOGLE) (GOOGLE - Google LLC)
1	66.117.29.227 66.117.29.227	15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.)
1 2	2a05:f500:11:... 2a05:f500:11:101::b93f:9005	14413 (LINKEDIN) (LINKEDIN - LinkedIn Corporation)
1 1	2a05:f500:10:... 2a05:f500:10:101::b93f:9101	14413 (LINKEDIN) (LINKEDIN - LinkedIn Corporation)
4	2.18.233.40 2.18.233.40	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
5 6	54.217.228.56 54.217.228.56	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
2 2	52.28.46.116 52.28.46.116	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	52.58.176.118 52.58.176.118	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	69.173.144.136 69.173.144.136	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
10 14	54.228.196.147 54.228.196.147	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 3	151.101.114.2 151.101.114.2	54113 (FASTLY) (FASTLY - Fastly)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC - PubMatic)
2 2	2a00:1288:110... 2a00:1288:110:422::3000	34010 (YAHOO-IRD) (YAHOO-IRD)
1 2	18.195.133.216 18.195.133.216	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	52.58.143.52 52.58.143.52	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	185.33.223.208 185.33.223.208	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
1	35.190.72.21 35.190.72.21	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	34.95.120.147 34.95.120.147	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	172.217.21.226 172.217.21.226	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
122	41

29 52.10.87.191 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-10-87-191.us-west-2.compute.amazonaws.com

threatvector.cylance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2.18.232.23 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-232-23.deploy.static.akamaitechnologies.com

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.96.80 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

app-sj16.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.237.11 (Dallas, United States)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)

cdn.rawgit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a02:26f0:6c00:284::9b6 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

s7d2.scene7.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.128.26.6 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-108-128-26-6.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:814::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:816::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.251.133 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-251-133.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.78.155 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-30-78-155.eu-west-1.compute.amazonaws.com

cylance.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.117.28.86 (United States) 1 redirects

ASN15224 (OMNITURE - Adobe Systems Inc., US)

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

s.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.147.68 (United States)

ASN53580 (MARKETO - MARKETO, Inc., US)

524-dom-989.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 93.184.220.178 (London, United Kingdom)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

cdn.bizible.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:28c::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.22.66 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s17-in-f66.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.253.80 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-35-253-80.fra6.r.cloudfront.net

tag.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:816::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.253.91 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-35-253-91.fra6.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.18.95.163 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-18-95-163.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.35.253.61 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-35-253-61.fra6.r.cloudfront.net

segments.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81d::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9b (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.117.29.227 (United States)

ASN15224 (OMNITURE - Adobe Systems Inc., US)

cylance.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:11:101::b93f:9005 (Ireland) 1 redirects

ASN14413 (LINKEDIN - LinkedIn Corporation, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:f500:10:101::b93f:9101 (Ireland) 1 redirects

ASN14413 (LINKEDIN - LinkedIn Corporation, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.233.40 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-233-40.deploy.static.akamaitechnologies.com

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.217.228.56 (Dublin, Ireland) 5 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-217-228-56.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.28.46.116 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-28-46-116.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.58.176.118 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-58-176-118.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Ascension Island) 1 redirects

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.136 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 54.228.196.147 (Dublin, Ireland) 10 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-228-196-147.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.114.2 (Frankfurt am Main, Germany) 1 redirects

ASN54113 (FASTLY - Fastly, US)

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC - PubMatic, Inc., US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:110:422::3000 (United Kingdom) 2 redirects

ASN34010 (YAHOO-IRD, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.133.216 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-195-133-216.eu-central-1.compute.amazonaws.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.58.143.52 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-58-143-52.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.223.208 (Netherlands)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 311.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.72.21 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 21.72.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.120.147 (United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: 147.120.95.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.21.226 (United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s13-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	cylance.com threatvector.cylance.com	446 KB
24	adroll.com 15 redirects s.adroll.com d.adroll.com	28 KB
18	scene7.com s7d2.scene7.com	651 KB
11	adobedtm.com assets.adobedtm.com	65 KB
5	bizible.com cdn.bizible.com	33 KB
4	yahoo.com 3 redirects ups.analytics.yahoo.com ads.yahoo.com	2 KB
4	doubleclick.net 2 redirects googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	3 KB
4	gstatic.com fonts.gstatic.com	49 KB
3	facebook.net connect.facebook.net	103 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	1 KB
3	google.de www.google.de	329 B
3	google.com 1 redirects www.google.com	430 B
3	company-target.com 1 redirects api.company-target.com segments.company-target.com	2 KB
3	demdex.net dpm.demdex.net cylance.demdex.net	2 KB
2	openx.net 1 redirects us-u.openx.net	342 B
2	bidswitch.net 1 redirects x.bidswitch.net	911 B
2	3lift.com 1 redirects eb2.3lift.com	692 B
2	outbrain.com 1 redirects sync.outbrain.com	602 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com	2 KB
2	advertising.com 2 redirects pixel.advertising.com	721 B
2	bidr.io 2 redirects match.prod.bidr.io	752 B
2	googleadservices.com www.googleadservices.com	18 KB
2	bing.com bat.bing.com	7 KB
2	marketo.net munchkin.marketo.net	6 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	rawgit.com cdn.rawgit.com	5 KB
2	marketo.com app-sj16.marketo.com	58 KB
1	facebook.com www.facebook.com	246 B
1	rlcdn.com idsync.rlcdn.com	40 B
1	adnxs.com ib.adnxs.com	874 B
1	taboola.com trc.taboola.com	192 B
1	pubmatic.com simage2.pubmatic.com	862 B
1	rubiconproject.com pixel.rubiconproject.com	371 B
1	omtrdc.net cylance.sc.omtrdc.net	585 B
1	demandbase.com tag.demandbase.com	15 KB
1	licdn.com snap.licdn.com	5 KB
1	mktoresp.com 524-dom-989.mktoresp.com	303 B
1	ytimg.com s.ytimg.com	10 KB
1	youtube.com www.youtube.com	944 B
1	everesttech.net 1 redirects cm.everesttech.net	527 B
1	googleapis.com fonts.googleapis.com	558 B
122	41

	Domain	Requested by
29	threatvector.cylance.com	threatvector.cylance.com
20	d.adroll.com	15 redirects threatvector.cylance.com
18	s7d2.scene7.com	threatvector.cylance.com
11	assets.adobedtm.com	threatvector.cylance.com
5	cdn.bizible.com	threatvector.cylance.com cdn.bizible.com
4	s.adroll.com	threatvector.cylance.com
4	fonts.gstatic.com	app-sj16.marketo.com threatvector.cylance.com
3	connect.facebook.net	s.adroll.com connect.facebook.net
3	www.google.de	threatvector.cylance.com
3	www.google.com	1 redirects threatvector.cylance.com
2	us-u.openx.net	1 redirects
2	x.bidswitch.net	1 redirects
2	eb2.3lift.com	1 redirects
2	ads.yahoo.com	2 redirects
2	sync.outbrain.com	1 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	ups.analytics.yahoo.com	1 redirects
2	pixel.advertising.com	2 redirects
2	px.ads.linkedin.com	1 redirects
2	segments.company-target.com	1 redirects threatvector.cylance.com
2	match.prod.bidr.io	2 redirects
2	googleads.g.doubleclick.net	threatvector.cylance.com
2	www.googleadservices.com	threatvector.cylance.com assets.adobedtm.com
2	bat.bing.com	threatvector.cylance.com
2	munchkin.marketo.net	threatvector.cylance.com munchkin.marketo.net
2	www.google-analytics.com	1 redirects threatvector.cylance.com
2	dpm.demdex.net	threatvector.cylance.com
2	cdn.rawgit.com	threatvector.cylance.com
2	app-sj16.marketo.com	threatvector.cylance.com app-sj16.marketo.com
1	www.facebook.com
1	cm.g.doubleclick.net	1 redirects
1	idsync.rlcdn.com
1	ib.adnxs.com
1	trc.taboola.com
1	simage2.pubmatic.com
1	pixel.rubiconproject.com
1	www.linkedin.com	1 redirects
1	cylance.sc.omtrdc.net	threatvector.cylance.com
1	stats.g.doubleclick.net	1 redirects
1	api.company-target.com	threatvector.cylance.com
1	tag.demandbase.com	threatvector.cylance.com
1	snap.licdn.com	threatvector.cylance.com
1	524-dom-989.mktoresp.com	threatvector.cylance.com
1	s.ytimg.com	www.youtube.com
1	www.youtube.com	threatvector.cylance.com
1	cm.everesttech.net	1 redirects
1	cylance.demdex.net	threatvector.cylance.com
1	fonts.googleapis.com	threatvector.cylance.com
122	48

This site contains links to these domains. Also see Links.

Domain
www.cylance.com
www.facebook.com
www.youtube.com
twitter.com
www.linkedin.com
shop.cylance.com

Subject Issuer	Validity	Valid
*.cylance.com DigiCert SHA2 Secure Server CA	`2019-06-12` - `2020-09-18`	a year	crt.sh
assets.adobedtm.com DigiCert SHA2 High Assurance Server CA	`2019-06-27` - `2021-07-01`	2 years	crt.sh
*.googleapis.com GTS CA 1O1	`2019-08-13` - `2019-11-11`	3 months	crt.sh
app-sj16.marketo.com CloudFlare Inc ECC CA-2	`2019-02-22` - `2020-02-22`	a year	crt.sh
rawgit.com COMODO RSA Domain Validation Secure Server CA	`2018-12-29` - `2020-01-13`	a year	crt.sh
*.scene7.com DigiCert SHA2 Secure Server CA	`2019-01-02` - `2020-03-02`	a year	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-08-13` - `2019-11-11`	3 months	crt.sh
*.google.com GTS CA 1O1	`2019-08-13` - `2019-11-11`	3 months	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2018-12-24` - `2020-03-24`	a year	crt.sh
*.mktoresp.com GeoTrust RSA CA 2018	`2018-02-05` - `2020-02-05`	2 years	crt.sh
www.bing.com Microsoft IT TLS CA 2	`2019-04-30` - `2021-04-30`	2 years	crt.sh
cdn.bizible.com Go Daddy Secure Certificate Authority - G2	`2019-03-14` - `2021-04-13`	2 years	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
www.googleadservices.com GTS CA 1O1	`2019-08-13` - `2019-11-11`	3 months	crt.sh
*.demandbase.com Go Daddy Secure Certificate Authority - G2	`2018-09-20` - `2020-11-19`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-08-13` - `2019-11-11`	3 months	crt.sh
*.company-target.com Go Daddy Secure Certificate Authority - G2	`2019-06-19` - `2021-08-18`	2 years	crt.sh
www.google.com GTS CA 1O1	`2019-08-13` - `2019-11-11`	3 months	crt.sh
www.google.de GTS CA 1O1	`2019-08-13` - `2019-11-11`	3 months	crt.sh
*.sc.omtrdc.net DigiCert SHA2 High Assurance Server CA	`2019-04-23` - `2020-04-14`	a year	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2019-05-29` - `2021-06-29`	2 years	crt.sh
*.adroll.com DigiCert SHA2 Secure Server CA	`2018-12-19` - `2020-03-19`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-08-24` - `2019-10-19`	2 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2019-05-08` - `2019-11-04`	6 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2019-07-17` - `2020-03-09`	8 months	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
f2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-07-30` - `2020-07-25`	a year	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
*.3lift.com Amazon	`2019-07-17` - `2020-08-17`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2019-04-17` - `2020-05-04`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-04-24` - `2020-04-23`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2018-01-04` - `2020-07-09`	3 years	crt.sh

This page contains 2 frames:

Primary Page: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
Frame ID: 76175F0A80E4730410B2B7EA3D09C187
Requests: 121 HTTP requests in this frame

Frame: https://cylance.demdex.net/dest5.html?d_nsid=0
Frame ID: 651C08B34415F62323D1A3DE7EFD9F2C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+foundation[^>"]+css/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /(?:a|s)\.adroll\.com/i

Adobe DTM (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

script /\/\/assets.adobedtm.com\//i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

script /munchkin\.marketo\.net\/munchkin\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

122
Requests

100 %
HTTPS

35 %
IPv6

41
Domains

48
Subdomains

41
IPs

7
Countries

1521 kB
Transfer

3465 kB
Size

21
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cylance.com/en-us/company/about-us/privacy-notice.html
Title: Read More

Search URL Search Domain Scan URL

URL: https://www.cylance.com/
Title: Cylance.com

Search URL Search Domain Scan URL

URL: https://www.facebook.com/CylanceInc

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/CylanceInc

Search URL Search Domain Scan URL

URL: https://twitter.com/cylanceinc

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/cylanceinc

Search URL Search Domain Scan URL

URL: https://www.cylance.com/en-us/company/about-us/index.html
Title: Who We Are

Search URL Search Domain Scan URL

URL: https://www.cylance.com/en-us/resources/knowledge-center/index.html
Title: Resource Center

Search URL Search Domain Scan URL

URL: https://www.cylance.com/en-us/company/news-and-press/news.html
Title: Cylance News

Search URL Search Domain Scan URL

URL: https://www.cylance.com/en-us/company/news-and-press/press-releases.html
Title: Press Releases

Search URL Search Domain Scan URL

URL: https://www.cylance.com/en-us/company/about-us/terms-of-service.html
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.cylance.com/en-us/platform/products/index.html
Title: CylancePROTECT

Search URL Search Domain Scan URL

URL: https://www.cylance.com/en_us/products/our-products/optics.html
Title: CylanceOPTICS

Search URL Search Domain Scan URL

URL: https://www.cylance.com/en-us/platform/products/cylance-threatzero.html
Title: Cylance ThreatZERO

Search URL Search Domain Scan URL

URL: https://shop.cylance.com/us
Title: Cylance Smart Antivirus

Search URL Search Domain Scan URL

URL: https://www.cylance.com/en_us/services/left-structure-nav/overview/consulting.html
Title: Consulting Overview

Search URL Search Domain Scan URL

URL: https://www.cylance.com/en-us/solutions/industry/index.html
Title: Industry Overview

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

https://cm.everesttech.net/cm/dd?d_uuid=60026004540107824433006466841675321751 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=XW0kfAAAEmhX4Dx0

Request Chain 78

https://match.prod.bidr.io/cookie-sync/demandbase HTTP 303
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1 HTTP 303
https://segments.company-target.com/log?vendor=choca&user_id=AAMFNE662kkAACFZDsoJUA HTTP 303
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAMFNE662kkAACFZDsoJUA&verifyHash=51e231a369e11833b8f5488199a541a43832736b

Request Chain 86

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=860258704&t=pageview&_s=1&dl=https%3A%2F%2Fthreatvector.cylance.com%2Fen_us%2Fhome%2Fblackberry-cylance-vs-parite-polymorphic-file-infector.html&ul=en-us&de=UTF-8&dt=BlackBerry%20Cylance%20vs.%20Parite%20Polymorphic%20File%20Infector&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=KHBAAAAB~&jid=1795529039&gjid=1763234776&cid=608025799.1567433853&tid=UA-33464378-1&_gid=1351572710.1567433853&_r=1&z=1428585151 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-33464378-1&cid=608025799.1567433853&jid=1795529039&_gid=1351572710.1567433853&gjid=1763234776&_v=j79&z=1428585151 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-33464378-1&cid=608025799.1567433853&jid=1795529039&_v=j79&z=1428585151 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-33464378-1&cid=608025799.1567433853&jid=1795529039&_v=j79&z=1428585151&slf_rd=1&random=3421013933

Request Chain 92

https://px.ads.linkedin.com/collect/?time=1567433853243&pid=37262&url=https%3A%2F%2Fthreatvector.cylance.com%2Fen_us%2Fhome%2Fblackberry-cylance-vs-parite-polymorphic-file-infector.html&fmt=js&s=1 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%2F%3Ftime%3D1567433853243%26pid%3D37262%26url%3Dhttps%253A%252F%252Fthreatvector.cylance.com%252Fen_us%252Fhome%252Fblackberry-cylance-vs-parite-polymorphic-file-infector.html%26fmt%3Djs%26s%3D1%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect/?time=1567433853243&pid=37262&url=https%3A%2F%2Fthreatvector.cylance.com%2Fen_us%2Fhome%2Fblackberry-cylance-vs-parite-polymorphic-file-infector.html&fmt=js&s=1&liSync=true

Request Chain 100

https://d.adroll.com/pixel/OU3SUNRJWBHPTCY5X23OHE/JFQUMKJ3NRFIFLRA5FOQKB?adroll_fpc=b557ae2894da60982f9ee5b7168ad2b7-1567433853346&xid_ch=f&pv=74812808141.95575&cookie=&adroll_s_ref=&keyw=&arrfrr=https%3A%2F%2Fthreatvector.cylance.com%2Fen_us%2Fhome%2Fblackberry-cylance-vs-parite-polymorphic-file-infector.html HTTP 302
https://s.adroll.com/pixel/OU3SUNRJWBHPTCY5X23OHE/JFQUMKJ3NRFIFLRA5FOQKB/BMNOXKZHPFHPDK7ZYEXFSC.js

Request Chain 103

https://d.adroll.com/cm/aol/out?adroll_fpc=b557ae2894da60982f9ee5b7168ad2b7-1567433853346&xid_ch=f&advertisable=OU3SUNRJWBHPTCY5X23OHE HTTP 302
https://pixel.advertising.com/ups/55980/sync?uid=YjAyMmRjZGFmNjA2ZWM0OTUyNDhhOTIyYWIzMTQ4NTU&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
https://pixel.advertising.com/ups/55980/sync?uid=YjAyMmRjZGFmNjA2ZWM0OTUyNDhhOTIyYWIzMTQ4NTU&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55980/sync?uid=YjAyMmRjZGFmNjA2ZWM0OTUyNDhhOTIyYWIzMTQ4NTU&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP67ef9205-cd8c-11e9-8ff9-02bfc2ef0ece HTTP 302
https://ups.analytics.yahoo.com/ups/55980/sync?uid=YjAyMmRjZGFmNjA2ZWM0OTUyNDhhOTIyYWIzMTQ4NTU&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP67ef9205-cd8c-11e9-8ff9-02bfc2ef0ece&verify=true

Request Chain 104

https://d.adroll.com/cm/index/out?adroll_fpc=b557ae2894da60982f9ee5b7168ad2b7-1567433853346&xid_ch=f&advertisable=OU3SUNRJWBHPTCY5X23OHE HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YjAyMmRjZGFmNjA2ZWM0OTUyNDhhOTIyYWIzMTQ4NTU&expiration=1598969853 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YjAyMmRjZGFmNjA2ZWM0OTUyNDhhOTIyYWIzMTQ4NTU&expiration=1598969853&C=1

Request Chain 105

https://d.adroll.com/cm/n/out?adroll_fpc=b557ae2894da60982f9ee5b7168ad2b7-1567433853346&xid_ch=f&advertisable=OU3SUNRJWBHPTCY5X23OHE HTTP 302
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=YjAyMmRjZGFmNjA2ZWM0OTUyNDhhOTIyYWIzMTQ4NTU&expires=365

Request Chain 106

https://d.adroll.com/cm/outbrain/out?adroll_fpc=b557ae2894da60982f9ee5b7168ad2b7-1567433853346&xid_ch=f&advertisable=OU3SUNRJWBHPTCY5X23OHE HTTP 302
https://sync.outbrain.com/cookie-sync?p=adroll&uid=YjAyMmRjZGFmNjA2ZWM0OTUyNDhhOTIyYWIzMTQ4NTU HTTP 302
https://sync.outbrain.com/cookie-sync?p=adroll&uid=YjAyMmRjZGFmNjA2ZWM0OTUyNDhhOTIyYWIzMTQ4NTU&rdrctExp=true

Request Chain 107

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=b557ae2894da60982f9ee5b7168ad2b7-1567433853346&xid_ch=f&advertisable=OU3SUNRJWBHPTCY5X23OHE HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=YjAyMmRjZGFmNjA2ZWM0OTUyNDhhOTIyYWIzMTQ4NTU&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA

Request Chain 108

https://d.adroll.com/cm/r/out?adroll_fpc=b557ae2894da60982f9ee5b7168ad2b7-1567433853346&xid_ch=f&advertisable=OU3SUNRJWBHPTCY5X23OHE HTTP 302
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Request Chain 109

https://d.adroll.com/cm/taboola/out?adroll_fpc=b557ae2894da60982f9ee5b7168ad2b7-1567433853346&xid_ch=f&advertisable=OU3SUNRJWBHPTCY5X23OHE HTTP 302
https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=YjAyMmRjZGFmNjA2ZWM0OTUyNDhhOTIyYWIzMTQ4NTU

Request Chain 110

https://d.adroll.com/cm/triplelift/out?adroll_fpc=b557ae2894da60982f9ee5b7168ad2b7-1567433853346&xid_ch=f&advertisable=OU3SUNRJWBHPTCY5X23OHE HTTP 302
https://eb2.3lift.com/xuid?mid=4714&xuid=YjAyMmRjZGFmNjA2ZWM0OTUyNDhhOTIyYWIzMTQ4NTU&dongle=c85e HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=YjAyMmRjZGFmNjA2ZWM0OTUyNDhhOTIyYWIzMTQ4NTU&dongle=c85e&gdpr=1&cmp_cs=

Request Chain 112

https://d.adroll.com/cm/r/out?advertisable=OU3SUNRJWBHPTCY5X23OHE HTTP 302
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Request Chain 113

https://d.adroll.com/cm/b/out?advertisable=OU3SUNRJWBHPTCY5X23OHE HTTP 302
https://x.bidswitch.net/sync?dsp_id=44&user_id=YjAyMmRjZGFmNjA2ZWM0OTUyNDhhOTIyYWIzMTQ4NTU HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=YjAyMmRjZGFmNjA2ZWM0OTUyNDhhOTIyYWIzMTQ4NTU

Request Chain 114

https://d.adroll.com/cm/x/out?advertisable=OU3SUNRJWBHPTCY5X23OHE HTTP 302
https://ib.adnxs.com/setuid?entity=172&code=YjAyMmRjZGFmNjA2ZWM0OTUyNDhhOTIyYWIzMTQ4NTU

Request Chain 115

https://d.adroll.com/cm/l/out?advertisable=OU3SUNRJWBHPTCY5X23OHE HTTP 302
https://idsync.rlcdn.com/377928.gif?partner_uid=b022dcdaf606ec495248a922ab314855

Request Chain 116

https://d.adroll.com/cm/o/out?advertisable=OU3SUNRJWBHPTCY5X23OHE HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537103138&val=b022dcdaf606ec495248a922ab314855 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=b022dcdaf606ec495248a922ab314855

Request Chain 117

https://d.adroll.com/cm/g/out?advertisable=OU3SUNRJWBHPTCY5X23OHE&google_nid=adroll5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=sCLc2vYG7ElSSKkiqzFIVQ&google_ula=1535926 HTTP 302
https://d.adroll.com/cm/g/in?google_ula=1535926,0

122 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set blackberry-cylance-vs-parite-polymorphic-file-infector.html Show response
threatvector.cylance.com/en_us/home/ 48 KB
13 KB 727ms
175ms Document
text/html 52.10.87.191
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.10.87.191 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-10-87-191.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

d735815940a1494d67b3771379ea508f495d9aaeffd168963da25eaccc9dc87c

Security Headers

Name	Value
Content-Security-Policy	font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: threatvector.cylance.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: none
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1

Response headers

Accept-Ranges: bytes
Cache-control: no-cache="set-cookie"
Content-Encoding: gzip
Content-Security-Policy: font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Content-Type: text/html;charset=utf-8
Date: Mon, 02 Sep 2019 14:17:31 GMT
ETag: "c1d1-591591cb082c0-gzip"
Feature-Policy: geolocation 'none';midi 'none';sync-xhr *;microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';speaker *;fullscreen *;payment 'none';
Last-Modified: Fri, 30 Aug 2019 17:40:03 GMT
Referrer-Policy: no-referrer-when-downgrade
Server: Apache
Set-Cookie: AWSELB=4D0BDD9F0A163D48ECFEF400CB706ACF82CD0195C8103937592FB679C084F1DB4FBF9937A7A4381BCD335FA13A79BACAFDE223CF13FD25873C7A2BC0E5C1F5ABCE7C0F7EBB;PATH=/;MAX-AGE=900
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Vary: Accept-Encoding,User-Agent
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 11906
Connection: keep-alive

GET
H/1.1 200
OK main.731db1757391070f3ea2ead82acaf408.css
threatvector.cylance.com/etc.clientlibs/foundation/clientlibs/ 12 KB
3 KB 174ms
174ms Stylesheet
text/css 52.10.87.191
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://threatvector.cylance.com/etc.clientlibs/foundation/clientlibs/main.731db1757391070f3ea2ead82acaf408.css

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.10.87.191 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-10-87-191.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

d4e42e78d5938248bc7eeac03bfacee8cd2a392daa3885637a7899ca4fb30e3c

Security Headers

Name	Value
Content-Security-Policy	font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Content-Encoding: gzip
ETag: "2eda-58ca5f1932c80-gzip"
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Length: 2403
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 01 Jul 2019 22:13:54 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Date: Mon, 02 Sep 2019 14:17:31 GMT
Vary: Accept-Encoding,User-Agent
Content-Type: text/css;charset=utf-8
Connection: keep-alive
Feature-Policy: geolocation 'none';midi 'none';sync-xhr *;microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';speaker *;fullscreen *;payment 'none';
Accept-Ranges: bytes
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK jquery.5e8d3382f82b03b0bf3fea3024eecd61.js Show response
threatvector.cylance.com/etc.clientlibs/clientlibs/granite/ 288 KB
87 KB 597ms
249ms Script
application/javascript 52.10.87.191
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://threatvector.cylance.com/etc.clientlibs/clientlibs/granite/jquery.5e8d3382f82b03b0bf3fea3024eecd61.js

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.10.87.191 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-10-87-191.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

45e2f85e3aab6c36988703f5cc06444289bb795a25736b74975073c98de18498

Security Headers

Name	Value
Content-Security-Policy	font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Content-Encoding: gzip
ETag: "47f04-58ca5f1932c80-gzip"
transfer-encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubdomains;
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 01 Jul 2019 22:13:54 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Date: Mon, 02 Sep 2019 14:17:31 GMT
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript;charset=utf-8
Connection: keep-alive
Feature-Policy: geolocation 'none';midi 'none';sync-xhr *;microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';speaker *;fullscreen *;payment 'none';
Accept-Ranges: bytes
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK utils.7a49486e1c734bd5d7fd0c1c68c83d9b.js Show response
threatvector.cylance.com/etc.clientlibs/clientlibs/granite/ 47 KB
11 KB 523ms
175ms Script
application/javascript 52.10.87.191
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://threatvector.cylance.com/etc.clientlibs/clientlibs/granite/utils.7a49486e1c734bd5d7fd0c1c68c83d9b.js

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.10.87.191 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-10-87-191.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

e35896fcd15b2238b1b5e2d4fbbd2b287f57dbbded51ab1a2217c38ce6a51d2f

Security Headers

Name	Value
Content-Security-Policy	font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Content-Encoding: gzip
ETag: "bcc7-58ca5f1a26ec0-gzip"
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Length: 10676
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 01 Jul 2019 22:13:55 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Date: Mon, 02 Sep 2019 14:17:31 GMT
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript;charset=utf-8
Connection: keep-alive
Feature-Policy: geolocation 'none';midi 'none';sync-xhr *;microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';speaker *;fullscreen *;payment 'none';
Accept-Ranges: bytes
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK granite.ed0d934d509c9dab702088c125c92b4f.js Show response
threatvector.cylance.com/etc.clientlibs/clientlibs/granite/jquery/ 10 KB
4 KB 530ms
182ms Script
application/javascript 52.10.87.191
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://threatvector.cylance.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.10.87.191 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-10-87-191.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

fe7b1fa106b52fd3b7a72421171503eee8ec0c911d495be3ce168f76ed7cc8b1

Security Headers

Name	Value
Content-Security-Policy	font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Content-Encoding: gzip
ETag: "28d6-58ca5f1a26ec0-gzip"
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Length: 2974
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 01 Jul 2019 22:13:55 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Date: Mon, 02 Sep 2019 14:17:31 GMT
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript;charset=utf-8
Connection: keep-alive
Feature-Policy: geolocation 'none';midi 'none';sync-xhr *;microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';speaker *;fullscreen *;payment 'none';
Accept-Ranges: bytes
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK jquery.26df26a88f9f71ceabb6a15e7cb9c550.js Show response
threatvector.cylance.com/etc.clientlibs/foundation/clientlibs/ 471 B
1 KB 528ms
174ms Script
application/javascript 52.10.87.191
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://threatvector.cylance.com/etc.clientlibs/foundation/clientlibs/jquery.26df26a88f9f71ceabb6a15e7cb9c550.js

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.10.87.191 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-10-87-191.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

2afa0193eebc6dcba6256c02ba126cd809b278a8c271ba1344af1d54520fb173

Security Headers

Name	Value
Content-Security-Policy	font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Content-Encoding: gzip
ETag: "1d7-58ca5f1a26ec0-gzip"
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Length: 316
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 01 Jul 2019 22:13:55 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Date: Mon, 02 Sep 2019 14:17:31 GMT
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript;charset=utf-8
Connection: keep-alive
Feature-Policy: geolocation 'none';midi 'none';sync-xhr *;microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';speaker *;fullscreen *;payment 'none';
Accept-Ranges: bytes
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK shared.06a50b23d97647c86982b7801a20508a.js Show response
threatvector.cylance.com/etc.clientlibs/foundation/clientlibs/ 98 KB
19 KB 701ms
177ms Script
application/javascript 52.10.87.191
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://threatvector.cylance.com/etc.clientlibs/foundation/clientlibs/shared.06a50b23d97647c86982b7801a20508a.js

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.10.87.191 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-10-87-191.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

1cac386a226657759d39c04b26768f03915090f0f1a5b4e6ca815d7478228159

Security Headers

Name	Value
Content-Security-Policy	font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Content-Encoding: gzip
ETag: "18868-58ca5f1a26ec0-gzip"
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Length: 18634
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 01 Jul 2019 22:13:55 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Date: Mon, 02 Sep 2019 14:17:32 GMT
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript;charset=utf-8
Connection: keep-alive
Feature-Policy: geolocation 'none';midi 'none';sync-xhr *;microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';speaker *;fullscreen *;payment 'none';
Accept-Ranges: bytes
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK main.e2198d73b3e90f0b787085da720eb46e.js Show response
threatvector.cylance.com/etc.clientlibs/foundation/clientlibs/ 22 KB
7 KB 703ms
174ms Script
application/javascript 52.10.87.191
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://threatvector.cylance.com/etc.clientlibs/foundation/clientlibs/main.e2198d73b3e90f0b787085da720eb46e.js

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.10.87.191 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-10-87-191.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

f6281f4fc0c8b4cd0ecb0cf382c080d9e5f01b58c816d5f071969f3734465fc6

Security Headers

Name	Value
Content-Security-Policy	font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Content-Encoding: gzip
ETag: "5963-58ca5f1a26ec0-gzip"
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Length: 6275
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 01 Jul 2019 22:13:55 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Date: Mon, 02 Sep 2019 14:17:32 GMT
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript;charset=utf-8
Connection: keep-alive
Feature-Policy: geolocation 'none';midi 'none';sync-xhr *;microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';speaker *;fullscreen *;payment 'none';
Accept-Ranges: bytes
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK cylance-blogs.css
threatvector.cylance.com/etc/designs/ 0
756 B 352ms
179ms Stylesheet
text/css 52.10.87.191
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://threatvector.cylance.com/etc/designs/cylance-blogs.css

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.10.87.191 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-10-87-191.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 18 Oct 2017 04:24:09 GMT
Server: Apache
Date: Mon, 02 Sep 2019 14:17:31 GMT
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: text/css;charset=utf-8
Connection: keep-alive
Feature-Policy: geolocation 'none';midi 'none';sync-xhr *;microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';speaker *;fullscreen *;payment 'none';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Vary: User-Agent
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK main.d6fc6f0b35c968dde40b02af38f21447.css
threatvector.cylance.com/etc/clientlibs/cylance-blogs/ 154 KB
26 KB 526ms
180ms Stylesheet
text/css 52.10.87.191
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://threatvector.cylance.com/etc/clientlibs/cylance-blogs/main.d6fc6f0b35c968dde40b02af38f21447.css

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.10.87.191 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-10-87-191.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

ce11c18967ab30115878af2f6c6dc88fce05dbda48df9cea5a7abf9fb311ef5f

Security Headers

Name	Value
Content-Security-Policy	font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Content-Encoding: gzip
ETag: "2685c-58ca5f1932c80-gzip"
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Length: 25287
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 01 Jul 2019 22:13:54 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Date: Mon, 02 Sep 2019 14:17:31 GMT
Vary: Accept-Encoding,User-Agent
Content-Type: text/css;charset=utf-8
Connection: keep-alive
Feature-Policy: geolocation 'none';midi 'none';sync-xhr *;microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';speaker *;fullscreen *;payment 'none';
Accept-Ranges: bytes
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK dependencies.d41d8cd98f00b204e9800998ecf8427e.css
threatvector.cylance.com/etc/clientlibs/cylance-blogs/ 0
774 B 527ms
181ms Stylesheet
text/css 52.10.87.191
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://threatvector.cylance.com/etc/clientlibs/cylance-blogs/dependencies.d41d8cd98f00b204e9800998ecf8427e.css

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.10.87.191 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-10-87-191.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
ETag: "0-58ca5f1932c80"
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Length: 0
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 01 Jul 2019 22:13:54 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Date: Mon, 02 Sep 2019 14:17:31 GMT
Vary: User-Agent
Content-Type: text/css;charset=utf-8
Connection: keep-alive
Feature-Policy: geolocation 'none';midi 'none';sync-xhr *;microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';speaker *;fullscreen *;payment 'none';
Accept-Ranges: bytes
X-Content-Type-Options: nosniff

GET
H2 200 launch-EN9a198e584a4641e5a638d027ddddb3cf.min.js Show response
assets.adobedtm.com/ 149 KB
46 KB 16ms
15ms Script
application/x-javascript 2.18.232.23
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/launch-EN9a198e584a4641e5a638d027ddddb3cf.min.js
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.23 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-23.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7fbbeba68616ec3cd21955086a765a1c74d81b3f2772babba4f8f9719adb2d5c

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 02 Sep 2019 14:17:31 GMT
content-encoding: gzip
last-modified: Thu, 13 Jun 2019 21:17:25 GMT
server: Apache
etag: "5aebb26c4d05b067a5277a6a715dfbac:1560460645"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 Sep 2019 15:17:31 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
558 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:80b::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web:200,300,400,600

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

e85d93603219c7af97e29b183b6f22d04991b9b01c4a79ae824e62ea7aa809b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 02 Sep 2019 14:17:31 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Mon, 02 Sep 2019 14:17:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection: 0
expires: Mon, 02 Sep 2019 14:17:31 GMT

GET
H2 200 forms2.min.js Show response
app-sj16.marketo.com/js/forms2/js/ 169 KB
58 KB 213ms
23ms Script
application/x-javascript 104.16.96.80
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://app-sj16.marketo.com/js/forms2/js/forms2.min.js

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.96.80 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

321bbcc4cc57483b7e329186e5159498b668ddde87cb64696ddcdc95176cce82

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 02 Sep 2019 14:17:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Wed, 07 Aug 2019 18:10:53 GMT
server: cloudflare
age: 3244
etag: "a7324-2a536-58f8adc9ba540"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: public, max-age=14400
cf-ray: 51001ba5687b63a1-FRA
expires: Mon, 02 Sep 2019 18:17:31 GMT

GET
H2 200 featherlight.min.css
cdn.rawgit.com/noelboss/featherlight/1.7.9/release/ 2 KB
1 KB 22ms
7ms Stylesheet
text/css 151.139.237.11
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.rawgit.com/noelboss/featherlight/1.7.9/release/featherlight.min.css

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.237.11 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),

Reverse DNS

Software

NetDNA-cache/2.2 /

Resource Hash

96904bcac47ca5d98b664970580ea473e1e6a6b285c87e8cb3caa2f1928e7219

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 02 Sep 2019 14:17:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: NetDNA-cache/2.2
status: 200
etag: W/"817cdef4a8ec3dc545361453f69e4209a3c4d809"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315569000, immutable
strict-transport-security: max-age=31536000; preload
x-robots-tag: none
rawgit-cache-status: HIT

GET
H2 200 fig1-parite
s7d2.scene7.com/is/image/cylance/ 62 KB
63 KB 22ms
8ms Image
image/jpeg 2a02:26f0:6c00:284::9b6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s7d2.scene7.com/is/image/cylance/fig1-parite?&wid=1064&fit=constrain,1
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:284::9b6 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Unknown /
Resource Hash: 68931e33e944d14492cbbc5158faef31ab7040a6b73ba9bb792179a6f1b557d5

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 02 Sep 2019 14:17:31 GMT
last-modified: Mon, 12 Aug 2019 01:13:28 GMT
server: Unknown
etag: "d2e67ac03624eb4b840dda162449b79a"
status: 200
content-type: image/jpeg
access-control-allow-origin: *
content-length: 63989
expires: Mon, 02 Sep 2019 16:46:05 GMT

GET
H2 200 fig2-parite
s7d2.scene7.com/is/image/cylance/ 33 KB
33 KB 10ms
7ms Image
image/jpeg 2a02:26f0:6c00:284::9b6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s7d2.scene7.com/is/image/cylance/fig2-parite?&wid=1166&fit=constrain,1
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:284::9b6 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Unknown /
Resource Hash: 1b0a2b5c8df9f3d1b4c5bd8e568486eef3497dc0e049afe9eab06d3ea4b7f892

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 02 Sep 2019 14:17:32 GMT
last-modified: Mon, 12 Aug 2019 01:12:24 GMT
server: Unknown
etag: "b54d48344bc4acfa267365009bcfc2ee"
status: 200
content-type: image/jpeg
access-control-allow-origin: *
content-length: 33743
expires: Mon, 02 Sep 2019 16:46:05 GMT

GET
H2 200 fig3-parite
s7d2.scene7.com/is/image/cylance/ 17 KB
17 KB 11ms
8ms Image
image/jpeg 2a02:26f0:6c00:284::9b6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s7d2.scene7.com/is/image/cylance/fig3-parite?&wid=1113&fit=constrain,1
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:284::9b6 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Unknown /
Resource Hash: 3be28c78b5034a9da9ced3b8679bc9c6509bf241e31e6e2911a0e2ca934af2f7

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 02 Sep 2019 14:17:32 GMT
last-modified: Mon, 12 Aug 2019 01:12:27 GMT
server: Unknown
etag: "58e5d05705f5dadbedc7d7bedd744800"
status: 200
content-type: image/jpeg
access-control-allow-origin: *
content-length: 17143
expires: Mon, 02 Sep 2019 16:46:06 GMT

GET
H2 200 fig4-parite
s7d2.scene7.com/is/image/cylance/ 11 KB
11 KB 14ms
12ms Image
image/jpeg 2a02:26f0:6c00:284::9b6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s7d2.scene7.com/is/image/cylance/fig4-parite?&wid=607&fit=constrain,1
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:284::9b6 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Unknown /
Resource Hash: de68b9da0dc47d663d4f277de036cfb77dd2b5b6c760f0cdcea9f2f86888c6b9

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 02 Sep 2019 14:17:32 GMT
last-modified: Mon, 12 Aug 2019 01:14:48 GMT
server: Unknown
etag: "5bd798e9bc726c340deb86034ad671d8"
status: 200
content-type: image/jpeg
access-control-allow-origin: *
content-length: 11123
expires: Mon, 02 Sep 2019 16:46:05 GMT

GET
H2 200 fig5-parite
s7d2.scene7.com/is/image/cylance/ 12 KB
12 KB 15ms
12ms Image
image/jpeg 2a02:26f0:6c00:284::9b6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s7d2.scene7.com/is/image/cylance/fig5-parite?&wid=581&fit=constrain,1
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:284::9b6 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Unknown /
Resource Hash: c7371fc80aaa8cb831b69c0fc6316d84df50604acf34535f9cd1e8d88b9ab4c3

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 02 Sep 2019 14:17:32 GMT
last-modified: Mon, 12 Aug 2019 01:13:39 GMT
server: Unknown
etag: "4aa323b019fb214c3be78c79d3d5f09a"
status: 200
content-type: image/jpeg
access-control-allow-origin: *
content-length: 11825
expires: Mon, 02 Sep 2019 16:46:06 GMT

GET
H2 200 fig6-parite
s7d2.scene7.com/is/image/cylance/ 8 KB
8 KB 15ms
12ms Image
image/jpeg 2a02:26f0:6c00:284::9b6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s7d2.scene7.com/is/image/cylance/fig6-parite?&wid=1133&fit=constrain,1
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:284::9b6 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Unknown /
Resource Hash: a6263d2b65dcdb06890af403589c8d56e0686a57ed620e46bfdf9fa527e83dad

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 02 Sep 2019 14:17:32 GMT
last-modified: Mon, 12 Aug 2019 01:14:34 GMT
server: Unknown
etag: "672f68e86f38468b92d2297c2720d42c"
status: 200
content-type: image/jpeg
access-control-allow-origin: *
content-length: 7911
expires: Mon, 02 Sep 2019 16:46:06 GMT

GET
H2 200 fig7-parite
s7d2.scene7.com/is/image/cylance/ 98 KB
98 KB 20ms
18ms Image
image/jpeg 2a02:26f0:6c00:284::9b6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s7d2.scene7.com/is/image/cylance/fig7-parite?&wid=1144&fit=constrain,1
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:284::9b6 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Unknown /
Resource Hash: 7cb6b262921ae820e6087d669fb2569af137cabcd2e724ab6ea03a4d2e5dae7a

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 02 Sep 2019 14:17:32 GMT
last-modified: Mon, 12 Aug 2019 01:17:04 GMT
server: Unknown
etag: "01f17864917e986309412d51965b9cbb"
status: 200
content-type: image/jpeg
access-control-allow-origin: *
content-length: 100105
expires: Mon, 02 Sep 2019 16:46:06 GMT

GET
H2 200 fig8-parite
s7d2.scene7.com/is/image/cylance/ 47 KB
48 KB 21ms
18ms Image
image/jpeg 2a02:26f0:6c00:284::9b6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s7d2.scene7.com/is/image/cylance/fig8-parite?&wid=705&fit=constrain,1
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:284::9b6 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Unknown /
Resource Hash: f82142a2b261a9cf7f6c952759be9bc3b7aac64a1da2ca174c494ede3e1f06a9

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 02 Sep 2019 14:17:32 GMT
last-modified: Mon, 12 Aug 2019 01:15:50 GMT
server: Unknown
etag: "1c486f7d22704375c844e833ec410781"
status: 200
content-type: image/jpeg
access-control-allow-origin: *
content-length: 48453
expires: Mon, 02 Sep 2019 16:46:05 GMT

GET
H2 200 fig9-parite
s7d2.scene7.com/is/image/cylance/ 52 KB
52 KB 21ms
19ms Image
image/jpeg 2a02:26f0:6c00:284::9b6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s7d2.scene7.com/is/image/cylance/fig9-parite?&wid=530&fit=constrain,1
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:284::9b6 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Unknown /
Resource Hash: a18d144ce26dd699c57aab1684a6532eb72a77adb420156ba27d34f3e0cce749

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 02 Sep 2019 14:17:32 GMT
last-modified: Mon, 12 Aug 2019 01:15:56 GMT
server: Unknown
etag: "8a346aecbd080cb9a38b267f65114427"
status: 200
content-type: image/jpeg
access-control-allow-origin: *
content-length: 53350
expires: Mon, 02 Sep 2019 16:46:06 GMT

GET
H2 200 fig10-parite
s7d2.scene7.com/is/image/cylance/ 71 KB
71 KB 22ms
20ms Image
image/jpeg 2a02:26f0:6c00:284::9b6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s7d2.scene7.com/is/image/cylance/fig10-parite?&wid=599&fit=constrain,1
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:284::9b6 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Unknown /
Resource Hash: 995faa1202d9ae4abb0c9d5003865014aeabbaea2a1877eaa060431c5a53c165

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 02 Sep 2019 14:17:32 GMT
last-modified: Mon, 12 Aug 2019 01:18:10 GMT
server: Unknown
etag: "b3f6856bbc38dab805a7fe0fbeca87ed"
status: 200
content-type: image/jpeg
access-control-allow-origin: *
content-length: 72516
expires: Mon, 02 Sep 2019 16:46:06 GMT

GET
H2 200 fig11-parite
s7d2.scene7.com/is/image/cylance/ 55 KB
55 KB 27ms
25ms Image
image/jpeg 2a02:26f0:6c00:284::9b6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s7d2.scene7.com/is/image/cylance/fig11-parite?&wid=910&fit=constrain,1
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:284::9b6 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Unknown /
Resource Hash: 064ecaaaa361722147392663098cbe3331d9b1a07a862c80bd3912e1119c7b6e

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 02 Sep 2019 14:17:32 GMT
last-modified: Mon, 12 Aug 2019 01:18:17 GMT
server: Unknown
etag: "8d79c5f9b6994959ded3eb17e64b6b8a"
status: 200
content-type: image/jpeg
access-control-allow-origin: *
content-length: 55874
expires: Mon, 02 Sep 2019 16:46:06 GMT

GET
H2 200 fig12-parite
s7d2.scene7.com/is/image/cylance/ 63 KB
63 KB 30ms
28ms Image
image/jpeg 2a02:26f0:6c00:284::9b6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s7d2.scene7.com/is/image/cylance/fig12-parite?&wid=910&fit=constrain,1
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:284::9b6 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Unknown /
Resource Hash: 88d7f3238a32d68c38b68c6c1e2a215f0e45c372118518a4360743989aecb590

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 02 Sep 2019 14:17:32 GMT
last-modified: Mon, 12 Aug 2019 01:17:05 GMT
server: Unknown
etag: "9a156808000fd2e7d0a95c75ef46ea48"
status: 200
content-type: image/jpeg
access-control-allow-origin: *
content-length: 64354
expires: Mon, 02 Sep 2019 16:46:06 GMT

GET
H/1.1 200
OK author_thumbnail_default.jpg
threatvector.cylance.com/etc/clientlibs/cylance-blogs/main/images/placeholder/ 2 KB
3 KB 178ms
176ms Image
image/jpeg 52.10.87.191
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://threatvector.cylance.com/etc/clientlibs/cylance-blogs/main/images/placeholder/author_thumbnail_default.jpg

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.10.87.191 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-10-87-191.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

2d9245daf2dcc8739b68091fc3afea1e48c3add85f07d57e551a2ab7a714853e

Security Headers

Name	Value
Content-Security-Policy	font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 02 Sep 2019 14:17:32 GMT
Content-Security-Policy: font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 01 Jul 2019 22:14:00 GMT
Server: Apache
ETag: "8d7-58ca5f1eeba00"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Connection: keep-alive
Feature-Policy: geolocation 'none';midi 'none';sync-xhr *;microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';speaker *;fullscreen *;payment 'none';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Accept-Ranges: bytes
Content-Length: 2263
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Cylance_BB_Logo_RGB_Horz_Black.png
threatvector.cylance.com/content/dam/cylance-blog/en_us/logos/ 19 KB
19 KB 177ms
176ms Image
image/png 52.10.87.191
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://threatvector.cylance.com/content/dam/cylance-blog/en_us/logos/Cylance_BB_Logo_RGB_Horz_Black.png

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.10.87.191 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-10-87-191.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

eb2deec7e5394e29e51ff83e920f1ce3c092ae5c63b711a4b755b9861a8bc6cd

Security Headers

Name	Value
Content-Security-Policy	font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 01 Jul 2019 22:14:00 GMT
Server: Apache
ETag: "4aaf-58ca5f1eeba00"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
X-XSS-Protection: 1; mode=block
Connection: keep-alive
Feature-Policy: geolocation 'none';midi 'none';sync-xhr *;microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';speaker *;fullscreen *;payment 'none';
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Accept-Ranges: bytes
Content-Length: 19119
Date: Mon, 02 Sep 2019 14:17:32 GMT

GET
H/1.1 200
OK dependencies.a089e038f1a299472aab3599efb8d481.js Show response
threatvector.cylance.com/etc/clientlibs/cylance-blogs/ 668 KB
158 KB 187ms
187ms Script
application/javascript 52.10.87.191
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://threatvector.cylance.com/etc/clientlibs/cylance-blogs/dependencies.a089e038f1a299472aab3599efb8d481.js

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.10.87.191 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-10-87-191.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

adc2c8e679ffd8f0cbc9270749db4f687b9201280b2913c2817f230584ea4e1d

Security Headers

Name	Value
Content-Security-Policy	font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Content-Encoding: gzip
ETag: "a70c1-58ca5f1b1b100-gzip"
transfer-encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubdomains;
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 01 Jul 2019 22:13:56 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Date: Mon, 02 Sep 2019 14:17:32 GMT
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript;charset=utf-8
Connection: keep-alive
Feature-Policy: geolocation 'none';midi 'none';sync-xhr *;microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';speaker *;fullscreen *;payment 'none';
Accept-Ranges: bytes
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK main.97c9aac6ee7df8531607278a78c5c231.js Show response
threatvector.cylance.com/etc/clientlibs/cylance-blogs/ 236 KB
63 KB 186ms
186ms Script
application/javascript 52.10.87.191
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://threatvector.cylance.com/etc/clientlibs/cylance-blogs/main.97c9aac6ee7df8531607278a78c5c231.js

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.10.87.191 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-10-87-191.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

1017b2b6551aca43896313770d3c3041d58cee227ce35861c60ef0a10dc38c64

Security Headers

Name	Value
Content-Security-Policy	font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Content-Encoding: gzip
ETag: "3b09d-58ca5f1b1b100-gzip"
transfer-encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubdomains;
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 01 Jul 2019 22:13:56 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Date: Mon, 02 Sep 2019 14:17:32 GMT
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript;charset=utf-8
Connection: keep-alive
Feature-Policy: geolocation 'none';midi 'none';sync-xhr *;microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';speaker *;fullscreen *;payment 'none';
Accept-Ranges: bytes
X-Content-Type-Options: nosniff

GET
H2 200 featherlight.min.js Show response
cdn.rawgit.com/noelboss/featherlight/1.7.9/release/ 9 KB
4 KB 8ms
5ms Script
application/javascript 151.139.237.11
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.rawgit.com/noelboss/featherlight/1.7.9/release/featherlight.min.js

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.237.11 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),

Reverse DNS

Software

NetDNA-cache/2.2 /

Resource Hash

0e41a843709f19f5327078ad0e4fca7ff8485d280f2458c15b555957a0e646cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 02 Sep 2019 14:17:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: NetDNA-cache/2.2
status: 200
etag: W/"2f5a26ba5509a7f0235bf1f53ed375289bfc91bd"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315569000, immutable
strict-transport-security: max-age=31536000; preload
x-robots-tag: none
rawgit-cache-status: HIT

GET
H/1.1 200
OK token.json Show response
threatvector.cylance.com/libs/granite/csrf/ 2 B
763 B 184ms
183ms XHR
application/json 52.10.87.191
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://threatvector.cylance.com/libs/granite/csrf/token.json

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.10.87.191 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-10-87-191.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Referrer-Policy: no-referrer-when-downgrade
Server: Apache
Date: Mon, 02 Sep 2019 14:17:32 GMT
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Connection: keep-alive
Content-Type: application/json;charset=iso-8859-1
Cache-Control: no-cache
Feature-Policy: geolocation 'none';midi 'none';sync-xhr *;microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';speaker *;fullscreen *;payment 'none';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Vary: User-Agent
Content-Length: 2
X-XSS-Protection: 1; mode=block
Expires: -1

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 366 B
1 KB 33ms
33ms XHR
application/json 108.128.26.6
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://dpm.demdex.net/id?d_visid_ver=4.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=2297E09A576BB9677F000101%40AdobeOrg&d_nsid=0&ts=1567433852480
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.26.6 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-108-128-26-6.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ec1ed4306b9834065a6b310ea127d9d57bacc57fc8924d638985e13c4fd8e3e2

Request headers

Sec-Fetch-Mode: cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v041-00aa9b24d.edge-irl1.demdex.com 5.58.1.20190812093348 4ms (+1ms)
Pragma: no-cache
Content-Encoding: gzip
X-TID: SSAe41k6QQc=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://threatvector.cylance.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 299
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EP4c3fcccffd524251ae198bf677f3b6e9/ 34 KB
13 KB 27ms
26ms Script
application/x-javascript 2.18.232.23
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP4c3fcccffd524251ae198bf677f3b6e9/AppMeasurement.min.js
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.23 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-23.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7848472b4e994bcd2cb522201f6c123b50c4b37e5aab979ac50db3244eb894d5

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 02 Sep 2019 14:17:32 GMT
content-encoding: gzip
last-modified: Mon, 15 Apr 2019 20:43:53 GMT
server: Apache
etag: "f005ac758d3bc63fa30fe4a4bd80448d:1555361033"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12786
expires: Mon, 02 Sep 2019 15:17:32 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:814::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 3095
date: Mon, 02 Sep 2019 13:25:57 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 17803
expires: Mon, 02 Sep 2019 15:25:57 GMT

GET
H2 200 NaPecZTIAOhVxoMyOr9n_E7fdMPmDaZRbrw.woff2
fonts.gstatic.com/s/titilliumweb/v8/ 12 KB
12 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:816::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v8/NaPecZTIAOhVxoMyOr9n_E7fdMPmDaZRbrw.woff2

Requested by

Host: app-sj16.marketo.com
URL: https://app-sj16.marketo.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

dd1dad45fd0dd168ad46427307aa8a206b857b783ca3afbcfe2bc8b8724acec0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Titillium+Web:200,300,400,600
Origin: https://threatvector.cylance.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 25 Aug 2019 05:51:35 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:24:34 GMT
server: sffe
age: 721557
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 12344
x-xss-protection: 0
expires: Mon, 24 Aug 2020 05:51:35 GMT

GET
H2 200 NaPDcZTIAOhVxoMyOr9n_E7ffGjEGItzY5abuWI.woff2
fonts.gstatic.com/s/titilliumweb/v8/ 12 KB
12 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:816::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v8/NaPDcZTIAOhVxoMyOr9n_E7ffGjEGItzY5abuWI.woff2

Requested by

Host: app-sj16.marketo.com
URL: https://app-sj16.marketo.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

0e23b84d6736b1645a695282788cee2070cd3f5cd2c5c2e31ea0b44a942294c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Titillium+Web:200,300,400,600
Origin: https://threatvector.cylance.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 25 Aug 2019 05:46:59 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:18:52 GMT
server: sffe
age: 721833
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 12524
x-xss-protection: 0
expires: Mon, 24 Aug 2020 05:46:59 GMT

GET
H/1.1 200
OK mainLogo_rgb_h_white.png
threatvector.cylance.com/etc/clientlibs/cylance-blogs/main/images/branding/ 10 KB
11 KB 177ms
176ms Image
image/png 52.10.87.191
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://threatvector.cylance.com/etc/clientlibs/cylance-blogs/main/images/branding/mainLogo_rgb_h_white.png

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.10.87.191 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-10-87-191.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

09bc1009eb3d9cbc800e4933a407c81b1920be72f28254baff513ee8f422f5b0

Security Headers

Name	Value
Content-Security-Policy	font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/etc/clientlibs/cylance-blogs/main.d6fc6f0b35c968dde40b02af38f21447.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 02 Sep 2019 14:17:32 GMT
Content-Security-Policy: font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 01 Jul 2019 22:13:57 GMT
Server: Apache
ETag: "2808-58ca5f1c0f340"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Connection: keep-alive
Feature-Policy: geolocation 'none';midi 'none';sync-xhr *;microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';speaker *;fullscreen *;payment 'none';
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Accept-Ranges: bytes
Content-Length: 10248
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK main_search_close.svg
threatvector.cylance.com/etc/clientlibs/cylance-blogs/main/images/icons/ 938 B
1 KB 272ms
174ms Image
image/svg+xml 52.10.87.191
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://threatvector.cylance.com/etc/clientlibs/cylance-blogs/main/images/icons/main_search_close.svg

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.10.87.191 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-10-87-191.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

9913bba300e77cd7898ce5a11558bf789fd15cb686107a10a648109117816be1

Security Headers

Name	Value
Content-Security-Policy	font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/etc/clientlibs/cylance-blogs/main.d6fc6f0b35c968dde40b02af38f21447.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Content-Encoding: gzip
ETag: "3aa-58ca5f8c97cc0-gzip"
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Length: 491
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 01 Jul 2019 22:15:55 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Date: Mon, 02 Sep 2019 14:17:32 GMT
Vary: Accept-Encoding,User-Agent
Content-Type: image/svg+xml
Connection: keep-alive
Feature-Policy: geolocation 'none';midi 'none';sync-xhr *;microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';speaker *;fullscreen *;payment 'none';
Accept-Ranges: bytes
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK main_search_icon.svg
threatvector.cylance.com/etc/clientlibs/cylance-blogs/main/images/icons/ 1 KB
1 KB 271ms
173ms Image
image/svg+xml 52.10.87.191
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://threatvector.cylance.com/etc/clientlibs/cylance-blogs/main/images/icons/main_search_icon.svg

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.10.87.191 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-10-87-191.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

26ae4b0eb488fa35fca8b199e05b5b5236192cf04a2fa5a91ba6c5c4d5ffc06d

Security Headers

Name	Value
Content-Security-Policy	font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/etc/clientlibs/cylance-blogs/main.d6fc6f0b35c968dde40b02af38f21447.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Content-Encoding: gzip
ETag: "594-58ca5f8c97cc0-gzip"
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Length: 693
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 01 Jul 2019 22:15:55 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Date: Mon, 02 Sep 2019 14:17:32 GMT
Vary: Accept-Encoding,User-Agent
Content-Type: image/svg+xml
Connection: keep-alive
Feature-Policy: geolocation 'none';midi 'none';sync-xhr *;microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';speaker *;fullscreen *;payment 'none';
Accept-Ranges: bytes
X-Content-Type-Options: nosniff

GET
H2 200 082019-parite-cylance-3-lrg
s7d2.scene7.com/is/image/cylance/ 82 KB
83 KB 23ms
23ms Image
image/jpeg 2a02:26f0:6c00:284::9b6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s7d2.scene7.com/is/image/cylance/082019-parite-cylance-3-lrg?&wid=1280&fit=constrain,1
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:284::9b6 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Unknown /
Resource Hash: 52a819b57faa286aa34073040a99a7f426c65345757c2c3336260a3573010afa

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 02 Sep 2019 14:17:32 GMT
last-modified: Fri, 09 Aug 2019 22:44:12 GMT
server: Unknown
etag: "cf67701488ec2e48a4d2f5923946ff68"
status: 200
content-type: image/jpeg
access-control-allow-origin: *
content-length: 84247
expires: Mon, 02 Sep 2019 16:46:05 GMT

GET
H2 200 NaPDcZTIAOhVxoMyOr9n_E7ffAzHGItzY5abuWI.woff2
fonts.gstatic.com/s/titilliumweb/v8/ 12 KB
12 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:816::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v8/NaPDcZTIAOhVxoMyOr9n_E7ffAzHGItzY5abuWI.woff2

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

f17a340f0388383e8d2a70632006d51e5d0e95f60f1cca3f774bd78b5d3dcd07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Titillium+Web:200,300,400,600
Origin: https://threatvector.cylance.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 29 Aug 2019 05:02:04 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:25:18 GMT
server: sffe
age: 378928
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 12260
x-xss-protection: 0
expires: Fri, 28 Aug 2020 05:02:04 GMT

GET
H2 200 NaPDcZTIAOhVxoMyOr9n_E7ffBzCGItzY5abuWI.woff2
fonts.gstatic.com/s/titilliumweb/v8/ 12 KB
12 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:816::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v8/NaPDcZTIAOhVxoMyOr9n_E7ffBzCGItzY5abuWI.woff2

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8658dcad983dacbb3bca7bc8217fd0b75f28df85bf9259bd0dccf69e58cb0ecd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Titillium+Web:200,300,400,600
Origin: https://threatvector.cylance.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 26 Aug 2019 13:17:12 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:25:27 GMT
server: sffe
age: 608420
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 12276
x-xss-protection: 0
expires: Tue, 25 Aug 2020 13:17:12 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 33ms
7ms Script
application/x-javascript 104.111.251.133
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.251.133 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-251-133.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 66f7eaa7a45f696c332cd450771f4be48e110f6afbe1fe7b39c7a95518aeef76

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 02 Sep 2019 14:17:32 GMT
Content-Encoding: gzip
Last-Modified: Fri, 05 Apr 2019 02:53:44 GMT
Server: Apache
ETag: "54520320df20b526337717d6d28181fc:1554432824"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 752

GET
H2 403 getForm
app-sj16.marketo.com/index.php/form/ 0
0 11ms
11ms Script
text/html 104.16.96.80
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://app-sj16.marketo.com/index.php/form/getForm?munchkinId=524-DOM-989&form=3163&url=https%3A%2F%2Fthreatvector.cylance.com%2Fen_us%2Fhome%2Fblackberry-cylance-vs-parite-polymorphic-file-infector.html&callback=jQuery112405953172377167115_1567433852493&_=1567433852494
Requested by: Host: app-sj16.marketo.com
URL: https://app-sj16.marketo.com/js/forms2/js/forms2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.96.80 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: /
Resource Hash

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H/1.1 200
OK Cookie set dest5.html
cylance.demdex.net/ Frame 651C 0
0 142ms
30ms Document
text/html 52.30.78.155
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cylance.demdex.net/dest5.html?d_nsid=0
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.78.155 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-30-78-155.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Host: cylance.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
Accept-Encoding: gzip, deflate, br
Cookie: demdex=60026004540107824433006466841675321751
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=21600
Content-Encoding: gzip
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Tue, 13 Aug 2019 09:03:41 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Set-Cookie: demdex=60026004540107824433006466841675321751;Path=/;Domain=.demdex.net;Expires=Sat, 29-Feb-2020 14:17:32 GMT;Max-Age=15552000
Vary: Accept-Encoding, User-Agent
X-TID: dv6yjbGfR6c=
Content-Length: 2764
Connection: keep-alive

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=XW0kfAAAEmhX4Dx0
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=60026004540107824433006466841675321751
https://dpm.demdex.net/ibs:dpid=411&dpuuid=XW0kfAAAEmhX4Dx0

42 B
776 B

34ms
34ms

Image
image/gif

108.128.26.6
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dpm.demdex.net/ibs:dpid=411&dpuuid=XW0kfAAAEmhX4Dx0
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.26.6 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-108-128-26-6.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v041-0d025c084.edge-irl1.demdex.com 5.58.1.20190812093348 4ms (+0ms)
Pragma: no-cache
X-TID: WG1h6HHbTQA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Mon, 02 Sep 2019 14:17:32 GMT
Server: AMO-cookiemap/1.1
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=XW0kfAAAEmhX4Dx0
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=15,max=100
Content-Length: 0

GET
H2 200 082219-hacking-teens-2-lrg
s7d2.scene7.com/is/image/cylance/ 8 KB
9 KB 11ms
11ms Image
image/jpeg 2a02:26f0:6c00:284::9b6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s7d2.scene7.com/is/image/cylance/082219-hacking-teens-2-lrg?&wid=319&fit=constrain,1
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:284::9b6 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Unknown /
Resource Hash: 8deab9e119a5c57d0a57ace405a1e06b56592bf2ceac2d70c05cef6d8fbb6f40

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 02 Sep 2019 14:17:32 GMT
last-modified: Mon, 05 Aug 2019 22:23:19 GMT
server: Unknown
etag: "9e4aa54685249d2415fce4dce26b408b"
status: 200
content-type: image/jpeg
access-control-allow-origin: *
content-length: 8670
expires: Mon, 02 Sep 2019 22:26:47 GMT

GET
H2 200 092819-apt28-cylance-ff3-lrg
s7d2.scene7.com/is/image/cylance/ 8 KB
8 KB 12ms
11ms Image
image/jpeg 2a02:26f0:6c00:284::9b6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s7d2.scene7.com/is/image/cylance/092819-apt28-cylance-ff3-lrg?&wid=319&fit=constrain,1
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:284::9b6 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Unknown /
Resource Hash: cbb1b909d87b15c934a34c8b0c4e2fab2c4a0c677446d0bafa08339cd2755e2f

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 02 Sep 2019 14:17:32 GMT
last-modified: Thu, 22 Aug 2019 23:18:01 GMT
server: Unknown
etag: "9d38d6407b7c2f2933b40ac81206658e"
status: 200
content-type: image/jpeg
access-control-allow-origin: *
content-length: 7949
expires: Sun, 01 Sep 2019 03:33:49 GMT

GET
H2 200 082919-echobot-mirai-lrg
s7d2.scene7.com/is/image/cylance/ 8 KB
8 KB 12ms
12ms Image
image/jpeg 2a02:26f0:6c00:284::9b6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s7d2.scene7.com/is/image/cylance/082919-echobot-mirai-lrg?&wid=319&fit=constrain,1
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:284::9b6 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Unknown /
Resource Hash: ccbd37c2b3b91c99eb249fcc79ee418b57b7e8b06afc6b541e36b329bbbbf8cc

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 02 Sep 2019 14:17:32 GMT
last-modified: Tue, 06 Aug 2019 02:06:25 GMT
server: Unknown
etag: "9a53858a445b3bc5f5f0b6f3c169b74f"
status: 200
content-type: image/jpeg
access-control-allow-origin: *
content-length: 8486
expires: Sat, 31 Aug 2019 14:02:39 GMT

GET
H2 200 JackDaniels%20(002)
s7d2.scene7.com/is/image/cylance/ 8 KB
8 KB 14ms
14ms Image
image/jpeg 2a02:26f0:6c00:284::9b6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s7d2.scene7.com/is/image/cylance/JackDaniels%20(002)?&wid=319&fit=constrain,1
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:284::9b6 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Unknown /
Resource Hash: 0f614110a03120974ee49b6f8ff892a1b376753c547afbcca26965cc2a0fc379

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 02 Sep 2019 14:17:32 GMT
last-modified: Mon, 26 Aug 2019 18:14:24 GMT
server: Unknown
etag: "b1ad3c31d477c791d14ed111b5edbc52"
status: 200
content-type: image/jpeg
access-control-allow-origin: *
content-length: 7854
expires: Mon, 02 Sep 2019 21:53:38 GMT

GET
H2 200 000-InSecurity-Podcast-LRG
s7d2.scene7.com/is/image/cylance/ 4 KB
4 KB 14ms
14ms Image
image/jpeg 2a02:26f0:6c00:284::9b6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s7d2.scene7.com/is/image/cylance/000-InSecurity-Podcast-LRG?&wid=319&fit=constrain,1
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:284::9b6 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Unknown /
Resource Hash: 62d710d9bda1dbd522c180805ec2a66d82c84ec1093813ebf39d22f04b30d871

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 02 Sep 2019 14:17:32 GMT
last-modified: Thu, 11 Apr 2019 19:54:05 GMT
server: Unknown
etag: "dd3973310906a18966ce86729e8f6c75"
status: 200
content-type: image/jpeg
access-control-allow-origin: *
content-length: 4371
expires: Mon, 02 Sep 2019 21:55:18 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 859 B
944 B 21ms
20ms Script
application/javascript 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

4ba24b3b0893a8ee74bc043ece4c52e17f4b1a4574ee36545821ac7e4f91711c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 02 Sep 2019 14:17:32 GMT
x-content-type-options: nosniff
server: YouTube Frontend Proxy
content-type: application/javascript
status: 200
cache-control: no-cache
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 859
x-xss-protection: 0
expires: Tue, 27 Apr 1971 19:44:06 EST

GET
H/1.1 200
OK footer_social_icons_facebook.svg
threatvector.cylance.com/etc/clientlibs/cylance-blogs/main/images/icons/ 2 KB
2 KB 174ms
174ms Image
image/svg+xml 52.10.87.191
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://threatvector.cylance.com/etc/clientlibs/cylance-blogs/main/images/icons/footer_social_icons_facebook.svg

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.10.87.191 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-10-87-191.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

937fdd2761db8d890407be8c18e64a7f3c19ded89b4d67f5606e30a560bd63c5

Security Headers

Name	Value
Content-Security-Policy	font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/etc/clientlibs/cylance-blogs/main.d6fc6f0b35c968dde40b02af38f21447.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Content-Encoding: gzip
ETag: "6d1-58ca5f20d3e80-gzip"
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Length: 775
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 01 Jul 2019 22:14:02 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Date: Mon, 02 Sep 2019 14:17:32 GMT
Vary: Accept-Encoding,User-Agent
Content-Type: image/svg+xml
Connection: keep-alive
Feature-Policy: geolocation 'none';midi 'none';sync-xhr *;microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';speaker *;fullscreen *;payment 'none';
Accept-Ranges: bytes
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK footer_social_icons_youtube.svg
threatvector.cylance.com/etc/clientlibs/cylance-blogs/main/images/icons/ 6 KB
3 KB 174ms
174ms Image
image/svg+xml 52.10.87.191
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://threatvector.cylance.com/etc/clientlibs/cylance-blogs/main/images/icons/footer_social_icons_youtube.svg

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.10.87.191 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-10-87-191.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

b194fd385666036162259f55563a017e78753671e0fbd3be31a272dc2b869876

Security Headers

Name	Value
Content-Security-Policy	font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/etc/clientlibs/cylance-blogs/main.d6fc6f0b35c968dde40b02af38f21447.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Content-Encoding: gzip
ETag: "16d2-58ca5f20d3e80-gzip"
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Length: 2247
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 01 Jul 2019 22:14:02 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Date: Mon, 02 Sep 2019 14:17:32 GMT
Vary: Accept-Encoding,User-Agent
Content-Type: image/svg+xml
Connection: keep-alive
Feature-Policy: geolocation 'none';midi 'none';sync-xhr *;microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';speaker *;fullscreen *;payment 'none';
Accept-Ranges: bytes
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK footer_social_icons_twitter.svg
threatvector.cylance.com/etc/clientlibs/cylance-blogs/main/images/icons/ 2 KB
2 KB 176ms
175ms Image
image/svg+xml 52.10.87.191
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://threatvector.cylance.com/etc/clientlibs/cylance-blogs/main/images/icons/footer_social_icons_twitter.svg

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.10.87.191 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-10-87-191.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

af6f1a1d1ca5b44168e2d69e4e92daf576df150cc615c9e62adc6eb909a73114

Security Headers

Name	Value
Content-Security-Policy	font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/etc/clientlibs/cylance-blogs/main.d6fc6f0b35c968dde40b02af38f21447.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Content-Encoding: gzip
ETag: "7d3-58ca5f20d3e80-gzip"
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Length: 1002
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 01 Jul 2019 22:14:02 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Date: Mon, 02 Sep 2019 14:17:32 GMT
Vary: Accept-Encoding,User-Agent
Content-Type: image/svg+xml
Connection: keep-alive
Feature-Policy: geolocation 'none';midi 'none';sync-xhr *;microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';speaker *;fullscreen *;payment 'none';
Accept-Ranges: bytes
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK footer_social_icons_linkedin.svg
threatvector.cylance.com/etc/clientlibs/cylance-blogs/main/images/icons/ 2 KB
2 KB 175ms
175ms Image
image/svg+xml 52.10.87.191
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://threatvector.cylance.com/etc/clientlibs/cylance-blogs/main/images/icons/footer_social_icons_linkedin.svg

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.10.87.191 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-10-87-191.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

099bace63963205abb1875d577e797bdac573989ab27a75960eafe3ccd5fa27a

Security Headers

Name	Value
Content-Security-Policy	font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/etc/clientlibs/cylance-blogs/main.d6fc6f0b35c968dde40b02af38f21447.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Content-Encoding: gzip
ETag: "714-58ca5f20d3e80-gzip"
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Length: 803
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 01 Jul 2019 22:14:02 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Date: Mon, 02 Sep 2019 14:17:32 GMT
Vary: Accept-Encoding,User-Agent
Content-Type: image/svg+xml
Connection: keep-alive
Feature-Policy: geolocation 'none';midi 'none';sync-xhr *;microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';speaker *;fullscreen *;payment 'none';
Accept-Ranges: bytes
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK footer_social_icons_rss.svg
threatvector.cylance.com/etc/clientlibs/cylance-blogs/main/images/icons/ 2 KB
2 KB 174ms
173ms Image
image/svg+xml 52.10.87.191
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://threatvector.cylance.com/etc/clientlibs/cylance-blogs/main/images/icons/footer_social_icons_rss.svg

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.10.87.191 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-10-87-191.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

8235e55fa7f1c889f552c3d7415b6bfff016a82035dc5c77da7a1789a3de95e3

Security Headers

Name	Value
Content-Security-Policy	font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/etc/clientlibs/cylance-blogs/main.d6fc6f0b35c968dde40b02af38f21447.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Content-Encoding: gzip
ETag: "719-58ca5f20d3e80-gzip"
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Length: 827
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 01 Jul 2019 22:14:02 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Date: Mon, 02 Sep 2019 14:17:32 GMT
Vary: Accept-Encoding,User-Agent
Content-Type: image/svg+xml
Connection: keep-alive
Feature-Policy: geolocation 'none';midi 'none';sync-xhr *;microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';speaker *;fullscreen *;payment 'none';
Accept-Ranges: bytes
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/155/ 9 KB
4 KB 11ms
11ms Script
application/x-javascript 104.111.251.133
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/155/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.251.133 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-251-133.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: efb6b9732bf508ee305363b10cf2a67ace474e06eb42642f2c3696b2442a5775

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 02 Sep 2019 14:17:32 GMT
Content-Encoding: gzip
Last-Modified: Fri, 30 Nov 2018 03:18:20 GMT
Server: Apache
ETag: "c67dad42946949112916578f78706df8:1543547900"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 3923
Expires: Wed, 11 Dec 2019 14:17:32 GMT

GET
H2 200 www-widgetapi.js Show response
s.ytimg.com/yts/jsbin/www-widgetapi-vfl_QvS8o/ 26 KB
10 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:81c::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://s.ytimg.com/yts/jsbin/www-widgetapi-vfl_QvS8o/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

743cc926a4314f25d09ad7fa042ddc4dbbb81c7f28fa11be70af367ee3015ecd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 02 Sep 2019 08:38:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20367
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 9985
x-xss-protection: 0
last-modified: Fri, 30 Aug 2019 20:07:01 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=691200
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Tue, 10 Sep 2019 08:38:05 GMT

GET
H/1.1 200
OK visitWebPage Show response
524-dom-989.mktoresp.com/webevents/ 2 B
303 B 696ms
154ms XHR
text/plain 192.28.147.68
MARKETO

General

Check archive.org

Show headers Download Go to

Full URL: https://524-dom-989.mktoresp.com/webevents/visitWebPage?_mchNc=1567433852600&_mchCn=&_mchId=524-DOM-989&_mchTk=_mch-cylance.com-1567433852600-40785&_mchHo=threatvector.cylance.com&_mchPo=&_mchRu=%2Fen_us%2Fhome%2Fblackberry-cylance-vs-parite-polymorphic-file-infector.html&_mchPc=https%3A&_mchVr=155&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.28.147.68 , United States, ASN53580 (MARKETO - MARKETO, Inc., US),
Reverse DNS
Software: akka-http/10.1.7 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Sec-Fetch-Mode: cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 02 Sep 2019 14:17:33 GMT
Content-Encoding: gzip
Server: akka-http/10.1.7
Transfer-Encoding: chunked
X-Request-Id: f4bbbbf8-4623-4c26-a3ef-eb9c3bad0f6d
Content-Type: text/plain; charset=UTF-8

GET
H2 200 RC03553916c50b4787a671e14ccf605715-source.min.js Show response
assets.adobedtm.com/COe49f90d73b104d95a5840fb29de3b4bb/PRf95f8581a88f45b9b9b9fb92baf50df7/BL2622518685ad46688ae9b6337ed669ac/ 695 B
645 B 7ms
7ms Script
application/x-javascript 2.18.232.23
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/COe49f90d73b104d95a5840fb29de3b4bb/PRf95f8581a88f45b9b9b9fb92baf50df7/BL2622518685ad46688ae9b6337ed669ac/RC03553916c50b4787a671e14ccf605715-source.min.js
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.23 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-23.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 1a7103ddeebf3a313febafe1aba08a1cec143c98a7b6e51cacbf8893093efaa2

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 02 Sep 2019 14:17:32 GMT
content-encoding: gzip
last-modified: Thu, 13 Jun 2019 21:17:24 GMT
server: Apache
etag: "d9f372492adb73ae3b7bff0cf0a90587:1560460644"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 412
expires: Mon, 02 Sep 2019 15:17:32 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 23 KB
7 KB 49ms
48ms Script
application/javascript 2620:1ec:c11::200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: 6b4c72b8214beaceed57a85c54eed2c61cfc4911b3d677db9a6e00849ef6be05

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 02 Sep 2019 14:17:32 GMT
content-encoding: gzip
last-modified: Fri, 02 Aug 2019 18:53:49 GMT
x-msedge-ref: Ref A: 5B7CB4235081488BB2F5CC073ED44E14 Ref B: VIEEDGE0621 Ref C: 2019-09-02T14:17:32Z
status: 200
etag: "809cac9e6349d51:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 7126

GET
H2 200 RCcd4cfcbe6a2644318ee9f8727d5e7eb8-source.min.js Show response
assets.adobedtm.com/COe49f90d73b104d95a5840fb29de3b4bb/PRf95f8581a88f45b9b9b9fb92baf50df7/BL2622518685ad46688ae9b6337ed669ac/ 1 KB
775 B 9ms
9ms Script
application/x-javascript 2.18.232.23
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/COe49f90d73b104d95a5840fb29de3b4bb/PRf95f8581a88f45b9b9b9fb92baf50df7/BL2622518685ad46688ae9b6337ed669ac/RCcd4cfcbe6a2644318ee9f8727d5e7eb8-source.min.js
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.23 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-23.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 93a431303f6163e1a1b17d0fe9ac4edb2b042333aec637187fa92f9ed1050ae8

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 02 Sep 2019 14:17:32 GMT
content-encoding: gzip
last-modified: Thu, 13 Jun 2019 21:17:24 GMT
server: Apache
etag: "eababff33cad8c9e414fb875be462778:1560460644"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 541
expires: Mon, 02 Sep 2019 15:17:32 GMT

GET
H2 200 RCf28b419b6ee84d7a88134d7176e20bb3-source.min.js Show response
assets.adobedtm.com/COe49f90d73b104d95a5840fb29de3b4bb/PRf95f8581a88f45b9b9b9fb92baf50df7/BL2622518685ad46688ae9b6337ed669ac/ 1 KB
899 B 9ms
9ms Script
application/x-javascript 2.18.232.23
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/COe49f90d73b104d95a5840fb29de3b4bb/PRf95f8581a88f45b9b9b9fb92baf50df7/BL2622518685ad46688ae9b6337ed669ac/RCf28b419b6ee84d7a88134d7176e20bb3-source.min.js
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.23 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-23.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: fe884e48d8d2602152678463aa5ac92bb7bd73b357851406aebcc046ab1d8b9f

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 02 Sep 2019 14:17:32 GMT
content-encoding: gzip
last-modified: Thu, 13 Jun 2019 21:17:24 GMT
server: Apache
etag: "6d94ea62691631fbad7ebecdcc6e04c3:1560460644"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 666
expires: Mon, 02 Sep 2019 15:17:32 GMT

GET
H2 200 RCe330e30c9b774f238563c2f0317b145b-source.min.js Show response
assets.adobedtm.com/COe49f90d73b104d95a5840fb29de3b4bb/PRf95f8581a88f45b9b9b9fb92baf50df7/BL2622518685ad46688ae9b6337ed669ac/ 654 B
624 B 9ms
9ms Script
application/x-javascript 2.18.232.23
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/COe49f90d73b104d95a5840fb29de3b4bb/PRf95f8581a88f45b9b9b9fb92baf50df7/BL2622518685ad46688ae9b6337ed669ac/RCe330e30c9b774f238563c2f0317b145b-source.min.js
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.23 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-23.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f419df72131b2e7ec36c56950099c5c8f88e3e8ba7de2438b0484d0786e56200

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 02 Sep 2019 14:17:32 GMT
content-encoding: gzip
last-modified: Thu, 13 Jun 2019 21:17:24 GMT
server: Apache
etag: "cba2baa21d2761515a7b772732db4812:1560460644"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 391
expires: Mon, 02 Sep 2019 15:17:32 GMT

GET
H2 200 bizible.js Show response
cdn.bizible.com/scripts/ 85 KB
32 KB 27ms
6ms Script
application/x-javascript 93.184.220.178
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bizible.com/scripts/bizible.js?account=cylance.com
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.178 London, United Kingdom, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40B4) / ASP.NET
Resource Hash: 38e2357a7e1247afb1475fd6294b7fb8fe8d085a662bc7fc14659bbf852bcd14

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 02 Sep 2019 14:17:32 GMT
content-encoding: gzip
etag: "19824fdc2e5bd51:0"
last-modified: Sun, 25 Aug 2019 10:21:30 GMT
server: ECS (fcn/40B4)
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
status: 200
accept-ranges: bytes
content-length: 33059

GET
H/1.1 200
OK share_bar_icon_linkedin.svg
threatvector.cylance.com/etc/clientlibs/cylance-blogs/main/images/icons/ 2 KB
2 KB 185ms
174ms Image
image/svg+xml 52.10.87.191
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://threatvector.cylance.com/etc/clientlibs/cylance-blogs/main/images/icons/share_bar_icon_linkedin.svg

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.10.87.191 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-10-87-191.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

c6e538e6a9213d8d6cb6a1f3b7c03e5a06d68ff25ec57e6eb5b4868289464de0

Security Headers

Name	Value
Content-Security-Policy	font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Content-Encoding: gzip
ETag: "809-58ca5f1fdfc40-gzip"
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Length: 876
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 01 Jul 2019 22:14:01 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Date: Mon, 02 Sep 2019 14:17:32 GMT
Vary: Accept-Encoding,User-Agent
Content-Type: image/svg+xml
Connection: keep-alive
Feature-Policy: geolocation 'none';midi 'none';sync-xhr *;microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';speaker *;fullscreen *;payment 'none';
Accept-Ranges: bytes
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK share_bar_icon_twitter.svg
threatvector.cylance.com/etc/clientlibs/cylance-blogs/main/images/icons/ 2 KB
2 KB 184ms
173ms Image
image/svg+xml 52.10.87.191
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://threatvector.cylance.com/etc/clientlibs/cylance-blogs/main/images/icons/share_bar_icon_twitter.svg

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.10.87.191 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-10-87-191.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

7b86ac9779af83777789a7fc81940793f77b5bd3ff3d36ac8e925fccf656247a

Security Headers

Name	Value
Content-Security-Policy	font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Content-Encoding: gzip
ETag: "8c8-58ca5f1fdfc40-gzip"
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Length: 1062
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 01 Jul 2019 22:14:01 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Date: Mon, 02 Sep 2019 14:17:32 GMT
Vary: Accept-Encoding,User-Agent
Content-Type: image/svg+xml
Connection: keep-alive
Feature-Policy: geolocation 'none';midi 'none';sync-xhr *;microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';speaker *;fullscreen *;payment 'none';
Accept-Ranges: bytes
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK share_bar_icon_google.svg
threatvector.cylance.com/etc/clientlibs/cylance-blogs/main/images/icons/ 2 KB
2 KB 292ms
175ms Image
image/svg+xml 52.10.87.191
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://threatvector.cylance.com/etc/clientlibs/cylance-blogs/main/images/icons/share_bar_icon_google.svg

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.10.87.191 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-10-87-191.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

66de82969f617c85184ad351d55501233e538e7f54caa684368c8a155053874d

Security Headers

Name	Value
Content-Security-Policy	font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Content-Encoding: gzip
ETag: "829-58ca5f1fdfc40-gzip"
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Length: 867
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 01 Jul 2019 22:14:01 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Date: Mon, 02 Sep 2019 14:17:32 GMT
Vary: Accept-Encoding,User-Agent
Content-Type: image/svg+xml
Connection: keep-alive
Feature-Policy: geolocation 'none';midi 'none';sync-xhr *;microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';speaker *;fullscreen *;payment 'none';
Accept-Ranges: bytes
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK share_bar_icon_facebook.svg
threatvector.cylance.com/etc/clientlibs/cylance-blogs/main/images/icons/ 2 KB
2 KB 291ms
174ms Image
image/svg+xml 52.10.87.191
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://threatvector.cylance.com/etc/clientlibs/cylance-blogs/main/images/icons/share_bar_icon_facebook.svg

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.10.87.191 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-10-87-191.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

fe08d074a32f7c481cc425d22cdd787137feea90578e0b10556cebeefcfa3040

Security Headers

Name	Value
Content-Security-Policy	font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Content-Encoding: gzip
ETag: "771-58ca5f1fdfc40-gzip"
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Length: 796
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 01 Jul 2019 22:14:01 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Date: Mon, 02 Sep 2019 14:17:32 GMT
Vary: Accept-Encoding,User-Agent
Content-Type: image/svg+xml
Connection: keep-alive
Feature-Policy: geolocation 'none';midi 'none';sync-xhr *;microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';speaker *;fullscreen *;payment 'none';
Accept-Ranges: bytes
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK share_bar_icon_email.svg
threatvector.cylance.com/etc/clientlibs/cylance-blogs/main/images/icons/ 1 KB
1 KB 185ms
174ms Image
image/svg+xml 52.10.87.191
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://threatvector.cylance.com/etc/clientlibs/cylance-blogs/main/images/icons/share_bar_icon_email.svg

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.10.87.191 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-10-87-191.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

87f55f0eb8ca3828f1f3c43da32e71933463b639ff59c86fab549600912ac687

Security Headers

Name	Value
Content-Security-Policy	font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy: font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Content-Encoding: gzip
ETag: "49c-58ca5f20d3e80-gzip"
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Length: 682
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 01 Jul 2019 22:14:02 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Date: Mon, 02 Sep 2019 14:17:32 GMT
Vary: Accept-Encoding,User-Agent
Content-Type: image/svg+xml
Connection: keep-alive
Feature-Policy: geolocation 'none';midi 'none';sync-xhr *;microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';speaker *;fullscreen *;payment 'none';
Accept-Ranges: bytes
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 15 KB
5 KB 7ms
6ms Script
application/x-javascript 2a02:26f0:6c00:28c::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:28c::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: bc9cef10d07e8da3ce80181de07a056414731f86e0dc12e2c81d652b28ac770b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 02 Sep 2019 14:17:32 GMT
Content-Encoding: gzip
Last-Modified: Mon, 03 Dec 2018 23:03:30 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=30322
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4571

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 24 KB
9 KB 19ms
16ms Script
text/javascript 172.217.22.66
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.66 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

cafe /

Resource Hash

e186a0fd201610cf7cac9d2e6bf654ced94d1be3e546defc167a4cd480315c4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 02 Sep 2019 14:17:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 9166
x-xss-protection: 0
server: cafe
etag: 9427867564825067918
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 02 Sep 2019 14:17:32 GMT

GET
H2 200 6e7b478b.min.js Show response
tag.demandbase.com/ 56 KB
15 KB 12ms
10ms Script
application/javascript 13.35.253.80
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.demandbase.com/6e7b478b.min.js
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.80 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-35-253-80.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d46f9e013df1aa1864b8a744dd8f1bddf6b0a372d8745917d432c7f0d5171214

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: OPlVoOutJTXQxpBdYEE3syCPOCOOHtom
content-encoding: gzip
last-modified: Tue, 20 Aug 2019 00:26:20 GMT
server: AmazonS3
age: 893
date: Mon, 02 Sep 2019 14:02:40 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=3600
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: MMZPlB2Zh0MyY9N42HDN-zDHU_CDG-3S06PHjqGHLqjwT9eBIn2QZA==
via: 1.1 82e9051d8d41080bd3028731e0e8677f.cloudfront.net (CloudFront)

GET
H2 200 ipv
cdn.bizible.com/m/ 43 B
323 B 8ms
8ms Image
image/gif 93.184.220.178
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizible.com/m/ipv?_biz_r=&_biz_h=-1906410348&_biz_u=8d5037f61dc34539d49557ddc28150fe&_biz_s=58b730&_biz_l=https%3A%2F%2Fthreatvector.cylance.com%2Fen_us%2Fhome%2Fblackberry-cylance-vs-parite-polymorphic-file-infector.html&_biz_t=1567433852699&_biz_i=BlackBerry%20Cylance%20vs.%20Parite%20Polymorphic%20File%20Infector&_biz_n=0&a=cylance.com&rnd=654663&cdn_o=a&_biz_z=1567433852701
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.178 London, United Kingdom, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41A2) / ASP.NET
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Sep 2019 14:17:32 GMT
x-aspnetmvc-version: 4.0
last-modified: Sat, 31 Aug 2019 17:52:35 GMT
server: ECS (fcn/41A2)
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status: 200
cache-control: no-cache, no-store
accept-ranges: bytes
content-type: Image/GIF
content-length: 43
expires: -1

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/858415995/ 2 KB
1 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:816::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/858415995/?random=1567433852711&cv=9&fst=1567433852711&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fthreatvector.cylance.com%2Fen_us%2Fhome%2Fblackberry-cylance-vs-parite-polymorphic-file-infector.html&tiba=BlackBerry%20Cylance%20vs.%20Parite%20Polymorphic%20File%20Infector&async=1&rfmt=3&fmt=4

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

daf90f37815d639cb17edaf0a92a9f36b4fbb3ae6f2ab5e3c6fec5b3b4ea53e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Sep 2019 14:17:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 993
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ip.json Show response
api.company-target.com/api/v2/ 423 B
930 B 55ms
55ms XHR
application/json 13.35.253.91
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fthreatvector.cylance.com%2Fen_us%2Fhome%2Fblackberry-cylance-vs-parite-polymorphic-file-infector.html&page_title=BlackBerry%20Cylance%20vs.%20Parite%20Polymorphic%20File%20Infector&key=7535516323dadf7e3d35f603eaad6491&src=tag
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.91 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-35-253-91.fra6.r.cloudfront.net
Software: nginx /
Resource Hash: 5b4f7ddf2cbd5ef8611f5fd90529a7c0b42bedb4c6f5a8f08d1c328b55043372

Request headers

Sec-Fetch-Mode: cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 02 Sep 2019 14:17:32 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
status: 200
access-control-max-age: 1728000
request-id: f30b78a2-a12a-4267-896e-2ad9af89543d
x-amz-cf-id: LuPaBRnIkKdCY_7Rmt11rSAuAz725XPcC6uKsstoXrozaEb7QHQnlg==
pragma: no-cache
access-control-allow-origin: https://threatvector.cylance.com
server: nginx
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
access-control-expose-headers
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
identification-source: STANDARD
expires: Sun, 01 Sep 2019 14:17:32 GMT

GET
H/1.1

200
OK

validateCookie
segments.company-target.com/
Redirect Chain

https://match.prod.bidr.io/cookie-sync/demandbase
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1
https://segments.company-target.com/log?vendor=choca&user_id=AAMFNE662kkAACFZDsoJUA
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAMFNE662kkAACFZDsoJUA&verifyHash=51e231a369e11833b8f5488199a541a43832736b

26 B
361 B

98ms
97ms

Image
image/gif

13.35.253.61
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAMFNE662kkAACFZDsoJUA&verifyHash=51e231a369e11833b8f5488199a541a43832736b
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.61 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-35-253-61.fra6.r.cloudfront.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 02 Sep 2019 14:17:33 GMT
Via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA6-C1
Vary: Origin
X-Cache: Miss from cloudfront
Content-Type: image/gif
Connection: keep-alive
Content-Length: 26
X-Amz-Cf-Id: evu7b-fqKsAyND3yOQWohqoIVgLKyIruxgFZfQnDQNvwdocP5Yen8g==

Redirect headers

Date: Mon, 02 Sep 2019 14:17:32 GMT
Via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA6-C1
Vary: Origin
X-Cache: Miss from cloudfront
Location: /validateCookie?vendor=choca&user_id=AAMFNE662kkAACFZDsoJUA&verifyHash=51e231a369e11833b8f5488199a541a43832736b
Connection: keep-alive
Content-Length: 0
X-Amz-Cf-Id: Xl_D1U0aaqCKQV_Rh8-XhdEGoF7RZ6U7HQMYpv3pX3s7_5LCXym8jQ==

GET
H2 200 BizibleAcct.js Show response
cdn.bizible.com/ 376 B
521 B 508ms
508ms Script
text/javascript 93.184.220.178
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bizible.com/BizibleAcct.js?_biz_u=8d5037f61dc34539d49557ddc28150fe&_biz_h=-1906410348&cdn_o=a&jsVer=4.19.08.20&a=cylance.com
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js?account=cylance.com
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.178 London, United Kingdom, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: aabeeb6bfde1582f7ed01db949b560d8b630a2240267663db17f561b2ff4125c

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 02 Sep 2019 14:17:32 GMT
content-encoding: gzip
etag: 6CA403F5
x-aspnetmvc-version: 4.0
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status: 200
cache-control: private, must-revalidate, max-age=21600
content-type: text/javascript; charset=utf-8
content-length: 323

GET
H2 204 0
bat.bing.com/action/ 0
148 B 48ms
48ms Image
text/plain 2620:1ec:c11::200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5637515&tm=al001&Ver=2&mid=3f8abcd0-34ab-d10f-d9fd-d1f090b82156&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=BlackBerry%20Cylance%20vs.%20Parite%20Polymorphic%20File%20Infector&kw=BlackBerry%20Cylance,%20Parite,%20polymorphic,%20file%20infector&p=https%3A%2F%2Fthreatvector.cylance.com%2Fen_us%2Fhome%2Fblackberry-cylance-vs-parite-polymorphic-file-infector.html&r=&lt=1902&pt=1567433850773,,,,,0,1,32,32,552,205,553,728,730,733,1884,1884,1902,,,&pn=0,0&evt=pageLoad&msclkid=N&rn=861035
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Mon, 02 Sep 2019 14:17:32 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: BF15D9D0D7334C03811C719548BC8C4D Ref B: VIEEDGE0621 Ref C: 2019-09-02T14:17:32Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/858415995/ 42 B
119 B 20ms
19ms Image
image/gif 2a00:1450:4001:81d::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/858415995/?random=1567433852711&cv=9&fst=1567432800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fthreatvector.cylance.com%2Fen_us%2Fhome%2Fblackberry-cylance-vs-parite-polymorphic-file-infector.html&tiba=BlackBerry%20Cylance%20vs.%20Parite%20Polymorphic%20File%20Infector&async=1&fmt=3&is_vtc=1&random=1195646252&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Sep 2019 14:17:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/858415995/ 42 B
110 B 22ms
21ms Image
image/gif 2a00:1450:4001:81d::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/858415995/?random=1567433852711&cv=9&fst=1567432800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fthreatvector.cylance.com%2Fen_us%2Fhome%2Fblackberry-cylance-vs-parite-polymorphic-file-infector.html&tiba=BlackBerry%20Cylance%20vs.%20Parite%20Polymorphic%20File%20Infector&async=1&fmt=3&is_vtc=1&random=1195646252&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Sep 2019 14:17:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 RC45a65cb4bab44e65966fc1bfe9d6d8ed-source.min.js Show response
assets.adobedtm.com/COe49f90d73b104d95a5840fb29de3b4bb/PRf95f8581a88f45b9b9b9fb92baf50df7/BL2622518685ad46688ae9b6337ed669ac/ 460 B
487 B 7ms
7ms Script
application/x-javascript 2.18.232.23
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/COe49f90d73b104d95a5840fb29de3b4bb/PRf95f8581a88f45b9b9b9fb92baf50df7/BL2622518685ad46688ae9b6337ed669ac/RC45a65cb4bab44e65966fc1bfe9d6d8ed-source.min.js
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.23 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-23.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 44df095afbcc3700bb27f3c430bce008b8074188be803787ce11b9b850ed6675

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 02 Sep 2019 14:17:32 GMT
content-encoding: gzip
last-modified: Thu, 13 Jun 2019 21:17:25 GMT
server: Apache
etag: "eb0abeded1d23a64ed81155c95cbb867:1560460645"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 254
expires: Mon, 02 Sep 2019 15:17:32 GMT

GET
H2 200 RC795343619189407bb257bf77f37e4f32-source.min.js Show response
assets.adobedtm.com/COe49f90d73b104d95a5840fb29de3b4bb/PRf95f8581a88f45b9b9b9fb92baf50df7/BL2622518685ad46688ae9b6337ed669ac/ 458 B
484 B 7ms
7ms Script
application/x-javascript 2.18.232.23
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/COe49f90d73b104d95a5840fb29de3b4bb/PRf95f8581a88f45b9b9b9fb92baf50df7/BL2622518685ad46688ae9b6337ed669ac/RC795343619189407bb257bf77f37e4f32-source.min.js
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.23 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-23.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b10bfe284fcea12155ae8def55a8ec14b8a804e198e06d985e6e8a1681851c63

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 02 Sep 2019 14:17:32 GMT
content-encoding: gzip
last-modified: Thu, 13 Jun 2019 21:17:25 GMT
server: Apache
etag: "6c8d0a2b5eadfc79c1cea9bda4c63d3f:1560460645"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 252
expires: Mon, 02 Sep 2019 15:17:32 GMT

GET
H2 200 RCa7a45d271f51412293463f49427635d0-source.min.js Show response
assets.adobedtm.com/COe49f90d73b104d95a5840fb29de3b4bb/PRf95f8581a88f45b9b9b9fb92baf50df7/BL2622518685ad46688ae9b6337ed669ac/ 472 B
499 B 9ms
9ms Script
application/x-javascript 2.18.232.23
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/COe49f90d73b104d95a5840fb29de3b4bb/PRf95f8581a88f45b9b9b9fb92baf50df7/BL2622518685ad46688ae9b6337ed669ac/RCa7a45d271f51412293463f49427635d0-source.min.js
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.23 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-23.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ae0d8091f974c66bea6d9f9aeba9feb785eb4e5a4e779060ec5f31b525f61f0f

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 02 Sep 2019 14:17:32 GMT
content-encoding: gzip
last-modified: Thu, 13 Jun 2019 21:17:25 GMT
server: Apache
etag: "1cd1f676e57143bd85e5f21bdd4785bb:1560460645"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 265
expires: Mon, 02 Sep 2019 15:17:32 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=860258704&t=pageview&_s=1&dl=https%3A%2F%2Fthreatvector.cylance.com%2Fen_us%2Fhome%2Fblackberry-cylance-vs-parite-polymorphic-file-infector.h...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-33464378-1&cid=608025799.1567433853&jid=1795529039&_gid=1351572710.1567433853&gjid=1763234776&_v=j79&z=1428585151
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-33464378-1&cid=608025799.1567433853&jid=1795529039&_v=j79&z=1428585151
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-33464378-1&cid=608025799.1567433853&jid=1795529039&_v=j79&z=1428585151&slf_rd=1&random=3421013933

42 B
109 B

29ms
29ms

Image
image/gif

2a00:1450:4001:81d::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-33464378-1&cid=608025799.1567433853&jid=1795529039&_v=j79&z=1428585151&slf_rd=1&random=3421013933

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Sep 2019 14:17:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 02 Sep 2019 14:17:32 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-33464378-1&cid=608025799.1567433853&jid=1795529039&_v=j79&z=1428585151&slf_rd=1&random=3421013933
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 RC65049b1ee2da4bed9ece12f15b7d466f-source.min.js Show response
assets.adobedtm.com/COe49f90d73b104d95a5840fb29de3b4bb/PRf95f8581a88f45b9b9b9fb92baf50df7/BL2622518685ad46688ae9b6337ed669ac/ 835 B
587 B 6ms
6ms Script
application/x-javascript 2.18.232.23
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/COe49f90d73b104d95a5840fb29de3b4bb/PRf95f8581a88f45b9b9b9fb92baf50df7/BL2622518685ad46688ae9b6337ed669ac/RC65049b1ee2da4bed9ece12f15b7d466f-source.min.js
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.23 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-23.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: c0aed91f1b10ec94f40fdf79c31d1f870fb4bf3eda63b61edb3bbaeff53a93e0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 02 Sep 2019 14:17:32 GMT
content-encoding: gzip
last-modified: Thu, 13 Jun 2019 21:17:25 GMT
server: Apache
etag: "3802beb763414589551c998a499408b3:1560460645"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 353
expires: Mon, 02 Sep 2019 15:17:32 GMT

GET
H2 200 u
cdn.bizible.com/m/ 43 B
116 B 7ms
7ms Image
image/gif 93.184.220.178
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizible.com/m/u?mapType=mkto&mapValue=id%3A524-DOM-989%26token%3A_mch-cylance.com-1567433852600-40785&_biz_u=8d5037f61dc34539d49557ddc28150fe&_biz_s=58b730&_biz_l=https%3A%2F%2Fthreatvector.cylance.com%2Fen_us%2Fhome%2Fblackberry-cylance-vs-parite-polymorphic-file-infector.html&_biz_t=1567433852704&_biz_i=BlackBerry%20Cylance%20vs.%20Parite%20Polymorphic%20File%20Infector&_biz_n=1&a=cylance.com&rnd=443303&cdn_o=a&_biz_z=1567433852805
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.178 London, United Kingdom, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40DD) / ASP.NET
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Sep 2019 14:17:32 GMT
x-aspnetmvc-version: 4.0
last-modified: Fri, 30 Aug 2019 04:37:02 GMT
server: ECS (fcn/40DD)
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status: 200
cache-control: no-cache, no-store
accept-ranges: bytes
content-type: Image/GIF
content-length: 43
expires: -1

GET
H2 200 u
cdn.bizible.com/m/ 43 B
80 B 10ms
10ms Image
image/gif 93.184.220.178
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizible.com/m/u?mapType=ecid&mapValue=2297E09A576BB9677F000101%40AdobeOrg_60480085779606677112961766723490511171&_biz_u=8d5037f61dc34539d49557ddc28150fe&_biz_s=58b730&_biz_l=https%3A%2F%2Fthreatvector.cylance.com%2Fen_us%2Fhome%2Fblackberry-cylance-vs-parite-polymorphic-file-infector.html&_biz_t=1567433852706&_biz_i=BlackBerry%20Cylance%20vs.%20Parite%20Polymorphic%20File%20Infector&_biz_n=2&a=cylance.com&rnd=234976&cdn_o=a&_biz_z=1567433852805
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.178 London, United Kingdom, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40DD) / ASP.NET
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Sep 2019 14:17:32 GMT
x-aspnetmvc-version: 4.0
last-modified: Fri, 30 Aug 2019 04:37:02 GMT
server: ECS (fcn/40DD)
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status: 200
cache-control: no-cache, no-store
accept-ranges: bytes
content-type: Image/GIF
content-length: 43
expires: -1

GET
H/1.1 200
OK s22092515285498
cylance.sc.omtrdc.net/b/ss/cylan-production/1/JS-2.12.0-L9TT/ 43 B
585 B 66ms
16ms Image
image/gif 66.117.29.227
Adobe Systems Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cylance.sc.omtrdc.net/b/ss/cylan-production/1/JS-2.12.0-L9TT/s22092515285498?AQB=1&ndh=1&pf=1&t=2%2F8%2F2019%2016%3A17%3A32%201%20-120&mid=60480085779606677112961766723490511171&aamlh=6&ce=UTF-8&pageName=home%3Ablackberry-cylance-vs-parite-polymorphic-file-infector&g=https%3A%2F%2Fthreatvector.cylance.com%2Fen_us%2Fhome%2Fblackberry-cylance-vs-parite-polymorphic-file-infector.html&cc=USD&ch=home&server=threatvector.cylance.com&events=event17&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=D%3Dv1&v1=threatvector.cylance.com&h1=home%7Cblackberry-cylance-vs-parite-polymorphic-file-infector&c2=2019-08-30%2017%3A40%3A03&v3=friday&c4=7%3A17%20AM%7CMonday&v4=7%3A17%20AM%7CMonday&v6=home%3Ablackberry-cylance-vs-parite-polymorphic-file-infector&v7=https%3A%2F%2Fthreatvector.cylance.com%2Fen_us%2Fhome%2Fblackberry-cylance-vs-parite-polymorphic-file-infector.html&c8=D%3Dv8&v8=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F74.0.3729.169%20Safari%2F537.36&c9=D%3Dv9&v9=en_us&c10=D%3Dv10&c11=New&v11=First%20Visit&v12=New&c16=1&c17=16&v17=16&v35=The%20Cylance%20Threat%20Research%20Team&v36=research-and-intelligence&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=2297E09A576BB9677F000101%40AdobeOrg&AQE=1

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

66.117.29.227 , United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),

Reverse DNS

Software

Omniture DC /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 02 Sep 2019 14:17:32 GMT
X-Content-Type-Options: nosniff
X-C: ms-6.9.1
P3P: CP="This is not a P3P policy"
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Tue, 03 Sep 2019 14:17:32 GMT
Server: Omniture DC
xserver: www73
ETag: "3366038566578716672-5533203245532803263"
Vary: *
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, no-transform, private
Expires: Sun, 01 Sep 2019 14:17:32 GMT

GET
H2 200 RC6d15653dcdbd4cccb51d7164ce31913c-source.min.js Show response
assets.adobedtm.com/COe49f90d73b104d95a5840fb29de3b4bb/PRf95f8581a88f45b9b9b9fb92baf50df7/BL2622518685ad46688ae9b6337ed669ac/ 1 KB
900 B 6ms
6ms Script
application/x-javascript 2.18.232.23
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/COe49f90d73b104d95a5840fb29de3b4bb/PRf95f8581a88f45b9b9b9fb92baf50df7/BL2622518685ad46688ae9b6337ed669ac/RC6d15653dcdbd4cccb51d7164ce31913c-source.min.js
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.23 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-23.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8f9713075b7edd29146b9f8472de0a9dea8c7f3dc2f41ff172f3e558536227c7

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 02 Sep 2019 14:17:33 GMT
content-encoding: gzip
last-modified: Thu, 13 Jun 2019 21:17:23 GMT
server: Apache
etag: "030fd508521493a75099bd78f60225e1:1560460644"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 667
expires: Mon, 02 Sep 2019 15:17:33 GMT

GET
H2

200

/ Show response
px.ads.linkedin.com/collect/
Redirect Chain

https://px.ads.linkedin.com/collect/?time=1567433853243&pid=37262&url=https%3A%2F%2Fthreatvector.cylance.com%2Fen_us%2Fhome%2Fblackberry-cylance-vs-parite-polymorphic-file-infector.html&fmt=js&s=1
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%2F%3Ftime%3D1567433853243%26pid%3D37262%26url%3Dhttps%253A%252F%252Fthreatvector.cylance.com%252Fen_us%252Fh...
https://px.ads.linkedin.com/collect/?time=1567433853243&pid=37262&url=https%3A%2F%2Fthreatvector.cylance.com%2Fen_us%2Fhome%2Fblackberry-cylance-vs-parite-polymorphic-file-infector.html&fmt=js&s=1&...

0
71 B

166ms
166ms

Script
application/javascript

2a05:f500:11:101::b93f:9005
LinkedIn Corporation

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/collect/?time=1567433853243&pid=37262&url=https%3A%2F%2Fthreatvector.cylance.com%2Fen_us%2Fhome%2Fblackberry-cylance-vs-parite-polymorphic-file-infector.html&fmt=js&s=1&liSync=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN - LinkedIn Corporation, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 02 Sep 2019 14:17:33 GMT
content-encoding: gzip
server: Play
vary: Accept-Encoding
x-li-fabric: prod-lor1
status: 200
x-li-proto: http/2
x-li-pop: prod-tln1
content-type: application/javascript
content-length: 20
x-li-uuid: 6koh3NKkwBVg3TKWvSoAAA==

Redirect headers

date: Mon, 02 Sep 2019 14:17:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 302
vary: Accept-Encoding
content-length: 20
x-li-uuid: 4LnY+cikwBXgu0DEySoAAA==
server: Play
pragma: no-cache
x-li-pop: prod-efr5
x-frame-options: sameorigin
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security: max-age=2592000
x-li-fabric: prod-lor1
location: https://px.ads.linkedin.com/collect/?time=1567433853243&pid=37262&url=https%3A%2F%2Fthreatvector.cylance.com%2Fen_us%2Fhome%2Fblackberry-cylance-vs-parite-polymorphic-file-infector.html&fmt=js&s=1&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
content-security-policy: default-src *; connect-src 'self' static.licdn.com media.licdn.com static-exp1.licdn.com static-exp2.licdn.com media-exp1.licdn.com media-exp2.licdn.com https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob:; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' platform.linkedin.com spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 24 KB
9 KB 19ms
19ms Script
text/javascript 172.217.22.66
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN9a198e584a4641e5a638d027ddddb3cf.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.66 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

cafe /

Resource Hash

910c0f7f21ae6d436fd483f49c5c3c46713877acd81cb71998dd053358ebbc2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 02 Sep 2019 14:17:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 9345
x-xss-protection: 0
server: cafe
etag: 2965469837572918388
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 02 Sep 2019 14:17:33 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/858415995/ 2 KB
1 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:816::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/858415995/?random=1567433853273&cv=9&fst=1567433853273&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fthreatvector.cylance.com%2Fen_us%2Fhome%2Fblackberry-cylance-vs-parite-polymorphic-file-infector.html&tiba=BlackBerry%20Cylance%20vs.%20Parite%20Polymorphic%20File%20Infector&rfmt=3&fmt=4

Requested by

Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

4225582d78d868dc342479658f2084f45f81cb401f661f636b0081f6d6db1a08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Sep 2019 14:17:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 988
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 34 KB
11 KB 9ms
9ms Script
text/javascript 2.18.233.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e129303f75e317ba0dd09f90f4de9e94f1d832355b5d9202181e3e72648b3646

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: QeYg6KFO.FRXBdsxcgzaI4tvnuNYuapJ
Content-Encoding: gzip
ETag: "6c0b13f9ae206371f89a62089e2cee50"
x-amz-request-id: 72C989087570869F
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 10669
x-amz-id-2: TgB7jm4tUHMYhmYndS1Uuw4Z8J5SwCSq+l0APkKh74lNhuvIYuMVZK29ShMaGBKiS0VURCM5OAU=
Last-Modified: Thu, 29 Aug 2019 21:37:09 GMT
Server: AmazonS3
Date: Mon, 02 Sep 2019 14:17:33 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 /
www.google.com/pagead/1p-user-list/858415995/ 42 B
119 B 21ms
21ms Image
image/gif 2a00:1450:4001:81d::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/858415995/?random=1567433853273&cv=9&fst=1567432800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fthreatvector.cylance.com%2Fen_us%2Fhome%2Fblackberry-cylance-vs-parite-polymorphic-file-infector.html&tiba=BlackBerry%20Cylance%20vs.%20Parite%20Polymorphic%20File%20Infector&fmt=3&is_vtc=1&random=1150914821&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Sep 2019 14:17:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/858415995/ 42 B
110 B 22ms
21ms Image
image/gif 2a00:1450:4001:81d::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/858415995/?random=1567433853273&cv=9&fst=1567432800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fthreatvector.cylance.com%2Fen_us%2Fhome%2Fblackberry-cylance-vs-parite-polymorphic-file-infector.html&tiba=BlackBerry%20Cylance%20vs.%20Parite%20Polymorphic%20File%20Infector&fmt=3&is_vtc=1&random=1150914821&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Sep 2019 14:17:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/exp/OU3SUNRJWBHPTCY5X23OHE/ 36 B
688 B 7ms
7ms Script
application/javascript 2.18.233.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/OU3SUNRJWBHPTCY5X23OHE/index.js
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 9690bc8de8d9efcfd7f8b2154219ec3cf41cd61795dbc98bc068e5b0155e8288

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: Lm3Hy.Tk7aBwRYbfn88XHd6QvX5xtKiT
ETag: "9900870e5422567a7a6c7a4197ef9f39"
x-amz-request-id: 2EA32B079095C692
x-amz-server-side-encryption: AES256
Connection: keep-alive
Content-Length: 36
x-amz-id-2: nWl/EKe9Ps4E6p3rHFDu+tQyMoFgy6BfEcdz09TjICaQeImBWwj029f1upHo2IPfjyk6viT8hw8=
Last-Modified: Thu, 29 Aug 2019 22:22:38 GMT
Server: AmazonS3
Date: Mon, 02 Sep 2019 14:17:33 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK OU3SUNRJWBHPTCY5X23OHE Show response
d.adroll.com/consent/check/ 46 B
505 B 28ms
27ms Script
application/javascript 54.217.228.56
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/OU3SUNRJWBHPTCY5X23OHE?_s=1ecfd87b145b35a65818b1b8e4327fb2
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.217.228.56 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-217-228-56.eu-west-1.compute.amazonaws.com
Software: nginx/1.14.1 /
Resource Hash: f7d7b8e746c4d75bbd4454d4a0e2e2c58d51f0293c25b1351696c33fc3571cce

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 Sep 2019 14:17:33 GMT
Server: nginx/1.14.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 46

GET
H/1.1

200
OK

BMNOXKZHPFHPDK7ZYEXFSC.js Show response
s.adroll.com/pixel/OU3SUNRJWBHPTCY5X23OHE/JFQUMKJ3NRFIFLRA5FOQKB/
Redirect Chain

https://d.adroll.com/pixel/OU3SUNRJWBHPTCY5X23OHE/JFQUMKJ3NRFIFLRA5FOQKB?adroll_fpc=b557ae2894da60982f9ee5b7168ad2b7-1567433853346&xid_ch=f&pv=74812808141.95575&cookie=&adroll_s_ref=&keyw=&arrfrr=h...
https://s.adroll.com/pixel/OU3SUNRJWBHPTCY5X23OHE/JFQUMKJ3NRFIFLRA5FOQKB/BMNOXKZHPFHPDK7ZYEXFSC.js

6 KB
3 KB

9ms
9ms

Script
text/javascript

2.18.233.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/pixel/OU3SUNRJWBHPTCY5X23OHE/JFQUMKJ3NRFIFLRA5FOQKB/BMNOXKZHPFHPDK7ZYEXFSC.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 79a5a24099a0a07f7f110441ce3a04edc884ebcfa098f2dd88a29aeb4f14ca03

Request headers

Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: V2flq_cuofb0.7odwT2UwbzD1MgCIuJf
Content-Encoding: gzip
ETag: "08be8e66b3184f140f912a9c1babc1f7"
x-amz-request-id: 72496EB1E9914099
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 1995
x-amz-id-2: MTIZT/z4oD/3JbPm5QaEiQRHnUxlUa+LcYi9nfBnZIccMjbBpZUHhC88wRlXUKLzuBBwrY30lrk=
Last-Modified: Tue, 20 Aug 2019 22:52:59 GMT
Server: AmazonS3
Date: Mon, 02 Sep 2019 14:17:33 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

Date: Mon, 02 Sep 2019 14:17:33 GMT
X-Segment-Display-Name
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Connection: keep-alive
Content-Length: 0
Pragma: no-cache
X-Conversion-Value: 0.0
Server: nginx/1.14.1
X-Rule: *threatvector.cylance.com*
X-Segment-Eid: BMNOXKZHPFHPDK7ZYEXFSC
Location: https://s.adroll.com/pixel/OU3SUNRJWBHPTCY5X23OHE/JFQUMKJ3NRFIFLRA5FOQKB/BMNOXKZHPFHPDK7ZYEXFSC.js
Cache-Control: no-store, no-cache, must-revalidate
X-Pixel-Eid: JFQUMKJ3NRFIFLRA5FOQKB
X-Segment-Name: a102ead2
X-Advertisable-Eid: OU3SUNRJWBHPTCY5X23OHE
X-Conversion-Currency

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 88 KB
24 KB 17ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: s.adroll.com
URL: https://s.adroll.com/pixel/OU3SUNRJWBHPTCY5X23OHE/JFQUMKJ3NRFIFLRA5FOQKB/BMNOXKZHPFHPDK7ZYEXFSC.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

f15f778cd39043a166a29f654b1191bc6fbf8043a8cc3477c42764b14b919dec

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-length: 23404
x-xss-protection: 0
pragma: public
x-fb-debug: nOIRJ15xxI4nrm8WxDmj3aaGtAx3gVgI+JWOdVm3lAKDq71TDR2/dAiElWtEkgLjYcZgIe0+fSkZOOxIGmljIQ==
x-fb-trip-id: 420120009
x-frame-options: DENY
date: Mon, 02 Sep 2019 14:17:33 GMT
vary: Origin, Accept-Encoding
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK sendrolling.js Show response
s.adroll.com/j/ 9 KB
3 KB 7ms
7ms Script
text/javascript 2.18.233.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/sendrolling.js
Requested by: Host: threatvector.cylance.com
URL: https://threatvector.cylance.com/etc.clientlibs/clientlibs/granite/jquery/granite.ed0d934d509c9dab702088c125c92b4f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 1bdbcee5cd776cb671f72362db4be8dde833057b8e8f816c86fd301896652c8d

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: bv5tbFRTscaRKEqFkalakKuyHLZKzhRi
Content-Encoding: gzip
ETag: "15441b08d0c4f93b1dd5f533cd361cd8"
x-amz-request-id: 198E401D87432C99
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 2039
x-amz-id-2: 3WoyI0AXgXs7dk6lhxNOloR7ydF87514Pa/UZ7binEfc+CqUVTnT4JAYzmoZ4kg6v8WLBkUUPQ0=
Last-Modified: Fri, 16 Aug 2019 17:29:31 GMT
Server: AmazonS3
Date: Mon, 02 Sep 2019 14:17:33 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55980/
Redirect Chain

https://d.adroll.com/cm/aol/out?adroll_fpc=b557ae2894da60982f9ee5b7168ad2b7-1567433853346&xid_ch=f&advertisable=OU3SUNRJWBHPTCY5X23OHE
https://pixel.advertising.com/ups/55980/sync?uid=YjAyMmRjZGFmNjA2ZWM0OTUyNDhhOTIyYWIzMTQ4NTU&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
https://pixel.advertising.com/ups/55980/sync?uid=YjAyMmRjZGFmNjA2ZWM0OTUyNDhhOTIyYWIzMTQ4NTU&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
https://ups.analytics.yahoo.com/ups/55980/sync?uid=YjAyMmRjZGFmNjA2ZWM0OTUyNDhhOTIyYWIzMTQ4NTU&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP67ef9205-cd8c-11e9-8ff9-02...
https://ups.analytics.yahoo.com/ups/55980/sync?uid=YjAyMmRjZGFmNjA2ZWM0OTUyNDhhOTIyYWIzMTQ4NTU&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP67ef9205-cd8c-11e9-8ff9-02...

0
473 B

8ms
8ms

Image
text/plain

52.58.176.118
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ups.analytics.yahoo.com/ups/55980/sync?uid=YjAyMmRjZGFmNjA2ZWM0OTUyNDhhOTIyYWIzMTQ4NTU&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP67ef9205-cd8c-11e9-8ff9-02bfc2ef0ece&verify=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.176.118 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-58-176-118.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
date: Mon, 02 Sep 2019 14:17:33 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

status: 302
date: Mon, 02 Sep 2019 14:17:33 GMT
content-length: 0
location: https://ups.analytics.yahoo.com/ups/55980/sync?uid=YjAyMmRjZGFmNjA2ZWM0OTUyNDhhOTIyYWIzMTQ4NTU&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP67ef9205-cd8c-11e9-8ff9-02bfc2ef0ece&verify=true
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/
Redirect Chain

https://d.adroll.com/cm/index/out?adroll_fpc=b557ae2894da60982f9ee5b7168ad2b7-1567433853346&xid_ch=f&advertisable=OU3SUNRJWBHPTCY5X23OHE
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YjAyMmRjZGFmNjA2ZWM0OTUyNDhhOTIyYWIzMTQ4NTU&expiration=1598969853
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YjAyMmRjZGFmNjA2ZWM0OTUyNDhhOTIyYWIzMTQ4NTU&expiration=1598969853&C=1

43 B
898 B

16ms
15ms

Image
image/gif

2.18.234.21
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YjAyMmRjZGFmNjA2ZWM0OTUyNDhhOTIyYWIzMTQ4NTU&expiration=1598969853&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 Sep 2019 14:17:33 GMT
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 02 Sep 2019 14:17:33 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 02 Sep 2019 14:17:33 GMT
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YjAyMmRjZGFmNjA2ZWM0OTUyNDhhOTIyYWIzMTQ4NTU&expiration=1598969853&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 333
Expires: Mon, 02 Sep 2019 14:17:33 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://d.adroll.com/cm/n/out?adroll_fpc=b557ae2894da60982f9ee5b7168ad2b7-1567433853346&xid_ch=f&advertisable=OU3SUNRJWBHPTCY5X23OHE
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=YjAyMmRjZGFmNjA2ZWM0OTUyNDhhOTIyYWIzMTQ4NTU&expires=365

42 B
371 B

11ms
11ms

Image
image/gif

69.173.144.136
The Rubicon Project

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=YjAyMmRjZGFmNjA2ZWM0OTUyNDhhOTIyYWIzMTQ4NTU&expires=365
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.136 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: Rubicon Project /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 Sep 2019 14:17:32 GMT
Server: Rubicon Project
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
X-RPHost: MohxERpafThH6yWbsapo8A
Expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 02 Sep 2019 14:17:33 GMT
Server: nginx/1.14.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=YjAyMmRjZGFmNjA2ZWM0OTUyNDhhOTIyYWIzMTQ4NTU&expires=365
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 124

GET
H2

200

cookie-sync
sync.outbrain.com/
Redirect Chain

https://d.adroll.com/cm/outbrain/out?adroll_fpc=b557ae2894da60982f9ee5b7168ad2b7-1567433853346&xid_ch=f&advertisable=OU3SUNRJWBHPTCY5X23OHE
https://sync.outbrain.com/cookie-sync?p=adroll&uid=YjAyMmRjZGFmNjA2ZWM0OTUyNDhhOTIyYWIzMTQ4NTU
https://sync.outbrain.com/cookie-sync?p=adroll&uid=YjAyMmRjZGFmNjA2ZWM0OTUyNDhhOTIyYWIzMTQ4NTU&rdrctExp=true

0
330 B

97ms
97ms

Image
text/plain

151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=adroll&uid=YjAyMmRjZGFmNjA2ZWM0OTUyNDhhOTIyYWIzMTQ4NTU&rdrctExp=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 02 Sep 2019 14:17:33 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, JFK, HHN, Europe1
x-timer: S1567433854.601446,VS0,VE91
accept-ranges: bytes, bytes
x-served-by: cache-jfk8138-JFK, cache-hhn4032-HHN
x-cache: MISS, MISS
status: 200
backend-ip: 104.156.90.38
x-traceid: b348c79b048d282f661443e267ff528e
content-length: 0
x-cache-hits: 0, 0

Redirect headers

date: Mon, 02 Sep 2019 14:17:33 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, JFK, HHN, Europe1
x-timer: S1567433854.509061,VS0,VE86
accept-ranges: bytes, bytes
x-served-by: cache-jfk8143-JFK, cache-hhn4032-HHN
status: 302
x-cache: MISS, MISS
location: https://sync.outbrain.com/cookie-sync?p=adroll&uid=YjAyMmRjZGFmNjA2ZWM0OTUyNDhhOTIyYWIzMTQ4NTU&rdrctExp=true
backend-ip: 104.156.90.43
x-traceid: 5968269ac3300adfd863cf3705dacf89
content-length: 0
x-cache-hits: 0, 0

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/
Redirect Chain

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=b557ae2894da60982f9ee5b7168ad2b7-1567433853346&xid_ch=f&advertisable=OU3SUNRJWBHPTCY5X23OHE
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=YjAyMmRjZGFmNjA2ZWM0OTUyNDhhOTIyYWIzMTQ4NTU&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENA...

1 B
862 B

14ms
14ms

Image
text/html

185.64.189.110
PubMatic

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=YjAyMmRjZGFmNjA2ZWM0OTUyNDhhOTIyYWIzMTQ4NTU&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Mon, 02 Sep 2019 14:17:33 GMT
X-lat: Pug22030:0:451
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

Pragma: no-cache
Date: Mon, 02 Sep 2019 14:17:33 GMT
Server: nginx/1.14.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=YjAyMmRjZGFmNjA2ZWM0OTUyNDhhOTIyYWIzMTQ4NTU&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 220

GET
H/1.1

200
OK

in
d.adroll.com/cm/r/
Redirect Chain

https://d.adroll.com/cm/r/out?adroll_fpc=b557ae2894da60982f9ee5b7168ad2b7-1567433853346&xid_ch=f&advertisable=OU3SUNRJWBHPTCY5X23OHE
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

42 B
488 B

30ms
29ms

Image
image/gif

54.228.196.147
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.228.196.147 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-228-196-147.eu-west-1.compute.amazonaws.com
Software: nginx/1.14.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 Sep 2019 14:17:33 GMT
Server: nginx/1.14.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42

Redirect headers

Date: Mon, 02 Sep 2019 14:17:33 GMT
X-Content-Type-Options: nosniff
Server: ATS
Age: 0
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
P3P: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Location: https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H2

204

/
trc.taboola.com/sg/adroll-network/1/rtb-h/
Redirect Chain

https://d.adroll.com/cm/taboola/out?adroll_fpc=b557ae2894da60982f9ee5b7168ad2b7-1567433853346&xid_ch=f&advertisable=OU3SUNRJWBHPTCY5X23OHE
https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=YjAyMmRjZGFmNjA2ZWM0OTUyNDhhOTIyYWIzMTQ4NTU

0
192 B

18ms
17ms

Image
text/plain

151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=YjAyMmRjZGFmNjA2ZWM0OTUyNDhhOTIyYWIzMTQ4NTU
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 02 Sep 2019 14:17:33 GMT
via: 1.1 varnish
server: nginx
x-timer: S1567433854.516826,VS0,VE12
x-cache: MISS
status: 204
x-cache-hits: 0
accept-ranges: bytes
x-served-by: cache-hhn4032-HHN

Redirect headers

Pragma: no-cache
Date: Mon, 02 Sep 2019 14:17:33 GMT
Server: nginx/1.14.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=YjAyMmRjZGFmNjA2ZWM0OTUyNDhhOTIyYWIzMTQ4NTU
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 111

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://d.adroll.com/cm/triplelift/out?adroll_fpc=b557ae2894da60982f9ee5b7168ad2b7-1567433853346&xid_ch=f&advertisable=OU3SUNRJWBHPTCY5X23OHE
https://eb2.3lift.com/xuid?mid=4714&xuid=YjAyMmRjZGFmNjA2ZWM0OTUyNDhhOTIyYWIzMTQ4NTU&dongle=c85e
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=YjAyMmRjZGFmNjA2ZWM0OTUyNDhhOTIyYWIzMTQ4NTU&dongle=c85e&gdpr=1&cmp_cs=

37 B
334 B

10ms
10ms

Image
image/gif

18.195.133.216
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=YjAyMmRjZGFmNjA2ZWM0OTUyNDhhOTIyYWIzMTQ4NTU&dongle=c85e&gdpr=1&cmp_cs=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.133.216 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-195-133-216.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Mon, 02 Sep 2019 14:17:33 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

status: 302
date: Mon, 02 Sep 2019 14:17:33 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: /xuid?ld=1&mid=4714&xuid=YjAyMmRjZGFmNjA2ZWM0OTUyNDhhOTIyYWIzMTQ4NTU&dongle=c85e&gdpr=1&cmp_cs=
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 200
OK in
d.adroll.com/cm/mk/ADVERTISABLE_EID/ 42 B
488 B 32ms
32ms Image
image/gif 54.228.196.147
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/mk/ADVERTISABLE_EID/in?id=id%3A524-DOM-989%26token%3A_mch-cylance.com-1567433852600-40785
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.228.196.147 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-228-196-147.eu-west-1.compute.amazonaws.com
Software: nginx/1.14.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 Sep 2019 14:17:33 GMT
Server: nginx/1.14.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42

GET
H/1.1

200
OK

in
d.adroll.com/cm/r/
Redirect Chain

https://d.adroll.com/cm/r/out?advertisable=OU3SUNRJWBHPTCY5X23OHE
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

42 B
501 B

30ms
30ms

Image
image/gif

54.228.196.147
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.228.196.147 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-228-196-147.eu-west-1.compute.amazonaws.com
Software: nginx/1.14.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 Sep 2019 14:17:33 GMT
Server: nginx/1.14.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42

Redirect headers

Date: Mon, 02 Sep 2019 14:17:33 GMT
X-Content-Type-Options: nosniff
Server: ATS
Age: 0
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
P3P: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Location: https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H2

200

sync
x.bidswitch.net/ul_cb/
Redirect Chain

https://d.adroll.com/cm/b/out?advertisable=OU3SUNRJWBHPTCY5X23OHE
https://x.bidswitch.net/sync?dsp_id=44&user_id=YjAyMmRjZGFmNjA2ZWM0OTUyNDhhOTIyYWIzMTQ4NTU
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=YjAyMmRjZGFmNjA2ZWM0OTUyNDhhOTIyYWIzMTQ4NTU

43 B
379 B

24ms
24ms

Image
image/gif

52.58.143.52
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=YjAyMmRjZGFmNjA2ZWM0OTUyNDhhOTIyYWIzMTQ4NTU
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.143.52 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-58-143-52.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Mon, 02 Sep 2019 14:17:33 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

status: 302
date: Mon, 02 Sep 2019 14:17:33 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=YjAyMmRjZGFmNjA2ZWM0OTUyNDhhOTIyYWIzMTQ4NTU
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

setuid
ib.adnxs.com/
Redirect Chain

https://d.adroll.com/cm/x/out?advertisable=OU3SUNRJWBHPTCY5X23OHE
https://ib.adnxs.com/setuid?entity=172&code=YjAyMmRjZGFmNjA2ZWM0OTUyNDhhOTIyYWIzMTQ4NTU

43 B
874 B

37ms
13ms

Image
image/gif

185.33.223.208
AppNexus

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=172&code=YjAyMmRjZGFmNjA2ZWM0OTUyNDhhOTIyYWIzMTQ4NTU

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.208 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

311.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 Sep 2019 14:17:35 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 311.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.56:80
AN-X-Request-Uuid: 05792363-4e26-451a-b102-f9d3a74e3ba3
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 02 Sep 2019 14:17:33 GMT
Server: nginx/1.14.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://ib.adnxs.com/setuid?entity=172&code=YjAyMmRjZGFmNjA2ZWM0OTUyNDhhOTIyYWIzMTQ4NTU
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 93

GET
H2

204

377928.gif
idsync.rlcdn.com/
Redirect Chain

https://d.adroll.com/cm/l/out?advertisable=OU3SUNRJWBHPTCY5X23OHE
https://idsync.rlcdn.com/377928.gif?partner_uid=b022dcdaf606ec495248a922ab314855

0
40 B

113ms
113ms

Image
text/plain

35.190.72.21
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/377928.gif?partner_uid=b022dcdaf606ec495248a922ab314855
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.190.72.21 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 21.72.190.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
date: Mon, 02 Sep 2019 14:17:33 GMT
via: 1.1 google
alt-svc: clear

Redirect headers

Pragma: no-cache
Date: Mon, 02 Sep 2019 14:17:33 GMT
Server: nginx/1.14.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://idsync.rlcdn.com/377928.gif?partner_uid=b022dcdaf606ec495248a922ab314855
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 86

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://d.adroll.com/cm/o/out?advertisable=OU3SUNRJWBHPTCY5X23OHE
https://us-u.openx.net/w/1.0/sd?id=537103138&val=b022dcdaf606ec495248a922ab314855
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=b022dcdaf606ec495248a922ab314855

43 B
109 B

15ms
15ms

Image
image/gif

34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=b022dcdaf606ec495248a922ab314855
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.161.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Sep 2019 14:17:33 GMT
via: 1.1 google
server: OXGW/16.161.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Mon, 02 Sep 2019 14:17:33 GMT
via: 1.1 google
server: OXGW/16.161.0
status: 302
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=b022dcdaf606ec495248a922ab314855
alt-svc: clear
content-length: 0

GET
H/1.1

200
OK

in
d.adroll.com/cm/g/
Redirect Chain

https://d.adroll.com/cm/g/out?advertisable=OU3SUNRJWBHPTCY5X23OHE&google_nid=adroll5
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=sCLc2vYG7ElSSKkiqzFIVQ&google_ula=1535926
https://d.adroll.com/cm/g/in?google_ula=1535926,0

42 B
533 B

30ms
29ms

Image
image/gif

54.228.196.147
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/g/in?google_ula=1535926,0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.228.196.147 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-228-196-147.eu-west-1.compute.amazonaws.com
Software: nginx/1.14.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 02 Sep 2019 14:17:33 GMT
Server: nginx/1.14.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
X-Result: g.-1.-1.1535926.0.-1

Redirect headers

pragma: no-cache
date: Mon, 02 Sep 2019 14:17:33 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://d.adroll.com/cm/g/in?google_ula=1535926,0
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 246
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1792927231029740 Show response
connect.facebook.net/signals/config/ 307 KB
78 KB 49ms
49ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1792927231029740?v=2.9.4&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

4cdb5521799347327648c9276d2efa4b5c608ca21238cb091f2629d4c95e6cea

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-xss-protection: 0
pragma: public
x-fb-debug: /Qme4YeJFyh2Bsmr/cynn0YRo0jLpEo2d0LOlnupBJuxfWuTVRiC9dVwT1lStPDSeQRzea2sQCWDlFNZLBLWvg==
x-fb-trip-id: 420120009
x-frame-options: DENY
date: Mon, 02 Sep 2019 14:17:33 GMT
vary: Origin, Accept-Encoding
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 inferredEvents.js Show response
connect.facebook.net/signals/plugins/ 1 KB
897 B 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.9.4

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-length: 772
x-xss-protection: 0
pragma: public
x-fb-debug: g1139GvhJLqYpUEBI81NZtSbEWZwY4OEX3UgYtAXyu7veAfsf81oirLoz+bLt2bAbHKlt6VpN57TirqXvsjlRg==
x-fb-trip-id: 420120009
x-frame-options: DENY
date: Mon, 02 Sep 2019 14:17:33 GMT
vary: Origin, Accept-Encoding
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
246 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1792927231029740&ev=PageView&dl=https%3A%2F%2Fthreatvector.cylance.com%2Fen_us%2Fhome%2Fblackberry-cylance-vs-parite-polymorphic-file-infector.html&rl=&if=false&ts=1567433853505&cd[segment_eid]=BMNOXKZHPFHPDK7ZYEXFSC&sw=1600&sh=1200&v=2.9.4&r=stable&ec=0&o=29&fbp=fb.1.1567433853504.367243054&it=1567433853413&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 02 Sep 2019 14:17:33 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Mon, 02 Sep 2019 14:17:33 GMT

Verdicts & Comments Add Verdict or Comment

176 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.demdex.net/	1970-01-19 07:43:05	Name: demdex Value: 60026004540107824433006466841675321751
.cylance.com/	1970-01-19 12:09:29	Name: _biz_flagsA Value: %7B%22Version%22%3A1%2C%22Mkto%22%3A%221%22%2C%22Ecid%22%3A%22-1826469128%22%2C%22XDomain%22%3A%221%22%7D
.cylance.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.cylance.com/	1969-12-31 23:59:59	Name: s_tp Value: 9758
.cylance.com/	1970-01-19 12:09:29	Name: s_vnum Value: 1598969852883%26vn%3D1
.cylance.com/	1970-01-19 03:23:55	Name: s_lv_s Value: First%20Visit
.cylance.com/	1970-01-20 05:40:41	Name: s_lv Value: 1567433852881
.cylance.com/	1970-01-19 12:09:29	Name: _biz_pendingA Value: %5B%5D
.cylance.com/	1970-01-19 03:23:55	Name: _biz_sid Value: 58b730
.threatvector.cylance.com/	1970-01-19 03:25:20	Name: _gid Value: GA1.3.1351572710.1567433853
.threatvector.cylance.com/	1970-01-19 03:23:53	Name: _gat_904909c8b4224b069399ead37fce794b Value: 1
.cylance.com/	1970-01-19 03:23:55	Name: s_invisit Value: true
.cylance.com/	1970-01-19 12:09:29	Name: _biz_nA Value: 3
.threatvector.cylance.com/	1970-01-19 20:55:05	Name: _ga Value: GA1.3.608025799.1567433853
.cylance.com/	1970-01-19 04:07:05	Name: s_nr Value: 1567433852884-New
threatvector.cylance.com/	1970-01-19 03:23:54	Name: AWSELB Value: 4D0BDD9F0A163D48ECFEF400CB706ACF82CD0195C8103937592FB679C084F1DB4FBF9937A7A4381BCD335FA13A79BACAFDE223CF13FD25873C7A2BC0E5C1F5ABCE7C0F7EBB
.cylance.com/	1970-01-19 12:09:29	Name: _biz_uid Value: 8d5037f61dc34539d49557ddc28150fe
.cylance.com/	1970-01-19 20:56:32	Name: AMCV_2297E09A576BB9677F000101%40AdobeOrg Value: -715282455%7CMCIDTS%7C18142%7CMCMID%7C60480085779606677112961766723490511171%7CMCAAMLH-1568038652%7C6%7CMCAAMB-1568038652%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1567441052s%7CNONE%7CMCSYNCSOP%7C411-18149%7CvVersion%7C4.2.0
.cylance.com/	1969-12-31 23:59:59	Name: s_ppv Value: home%253Ablackberry-cylance-vs-parite-polymorphic-file-infector%2C12%2C12%2C1200
.cylance.com/	1969-12-31 23:59:59	Name: AMCVS_2297E09A576BB9677F000101%40AdobeOrg Value: 1
.cylance.com/	1970-01-19 20:55:05	Name: _mkto_trk Value: id:524-DOM-989&token:_mch-cylance.com-1567433852600-40785

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://threatvector.cylance.com/en_us/home/blackberry-cylance-vs-parite-polymorphic-file-infector.html(Line 247) Message: cookie not is active
console-api	log	(Line 2) Message: add----roll1
console-api	log	(Line 2) Message: add----roll2
console-api	log	(Line 2) Message: add----roll2

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	font-src https: data:; img-src http: https: data:; script-src http: https: blob: 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

524-dom-989.mktoresp.com
ads.yahoo.com
api.company-target.com
app-sj16.marketo.com
assets.adobedtm.com
bat.bing.com
cdn.bizible.com
cdn.rawgit.com
cm.everesttech.net
cm.g.doubleclick.net
connect.facebook.net
cylance.demdex.net
cylance.sc.omtrdc.net
d.adroll.com
dpm.demdex.net
dsum-sec.casalemedia.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
idsync.rlcdn.com
match.prod.bidr.io
munchkin.marketo.net
pixel.advertising.com
pixel.rubiconproject.com
px.ads.linkedin.com
s.adroll.com
s.ytimg.com
s7d2.scene7.com
segments.company-target.com
simage2.pubmatic.com
snap.licdn.com
stats.g.doubleclick.net
sync.outbrain.com
tag.demandbase.com
threatvector.cylance.com
trc.taboola.com
ups.analytics.yahoo.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.linkedin.com
www.youtube.com
x.bidswitch.net
104.111.251.133
104.16.96.80
108.128.26.6
13.35.253.61
13.35.253.80
13.35.253.91
151.101.114.2
151.139.237.11
172.217.21.226
172.217.22.66
18.195.133.216
185.33.223.208
185.64.189.110
192.28.147.68
2.18.232.23
2.18.233.40
2.18.234.21
2620:1ec:c11::200
2a00:1288:110:422::3000
2a00:1450:4001:808::200e
2a00:1450:4001:80b::200a
2a00:1450:4001:814::200e
2a00:1450:4001:816::2002
2a00:1450:4001:816::2003
2a00:1450:4001:81c::200e
2a00:1450:4001:81d::2003
2a00:1450:4001:81d::2004
2a00:1450:400c:c04::9b
2a02:26f0:6c00:284::9b6
2a02:26f0:6c00:28c::25ea
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a05:f500:10:101::b93f:9101
2a05:f500:11:101::b93f:9005
34.95.120.147
35.190.72.21
52.10.87.191
52.18.95.163
52.28.46.116
52.30.78.155
52.58.143.52
52.58.176.118
54.217.228.56
54.228.196.147
66.117.28.86
66.117.29.227
69.173.144.136
93.184.220.178
064ecaaaa361722147392663098cbe3331d9b1a07a862c80bd3912e1119c7b6e
099bace63963205abb1875d577e797bdac573989ab27a75960eafe3ccd5fa27a
09bc1009eb3d9cbc800e4933a407c81b1920be72f28254baff513ee8f422f5b0
0e23b84d6736b1645a695282788cee2070cd3f5cd2c5c2e31ea0b44a942294c2
0e41a843709f19f5327078ad0e4fca7ff8485d280f2458c15b555957a0e646cd
0f614110a03120974ee49b6f8ff892a1b376753c547afbcca26965cc2a0fc379
1017b2b6551aca43896313770d3c3041d58cee227ce35861c60ef0a10dc38c64
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1a7103ddeebf3a313febafe1aba08a1cec143c98a7b6e51cacbf8893093efaa2
1b0a2b5c8df9f3d1b4c5bd8e568486eef3497dc0e049afe9eab06d3ea4b7f892
1bdbcee5cd776cb671f72362db4be8dde833057b8e8f816c86fd301896652c8d
1cac386a226657759d39c04b26768f03915090f0f1a5b4e6ca815d7478228159
26ae4b0eb488fa35fca8b199e05b5b5236192cf04a2fa5a91ba6c5c4d5ffc06d
2afa0193eebc6dcba6256c02ba126cd809b278a8c271ba1344af1d54520fb173
2d9245daf2dcc8739b68091fc3afea1e48c3add85f07d57e551a2ab7a714853e
321bbcc4cc57483b7e329186e5159498b668ddde87cb64696ddcdc95176cce82
38e2357a7e1247afb1475fd6294b7fb8fe8d085a662bc7fc14659bbf852bcd14
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3be28c78b5034a9da9ced3b8679bc9c6509bf241e31e6e2911a0e2ca934af2f7
4225582d78d868dc342479658f2084f45f81cb401f661f636b0081f6d6db1a08
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44df095afbcc3700bb27f3c430bce008b8074188be803787ce11b9b850ed6675
45e2f85e3aab6c36988703f5cc06444289bb795a25736b74975073c98de18498
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ba24b3b0893a8ee74bc043ece4c52e17f4b1a4574ee36545821ac7e4f91711c
4cdb5521799347327648c9276d2efa4b5c608ca21238cb091f2629d4c95e6cea
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
52a819b57faa286aa34073040a99a7f426c65345757c2c3336260a3573010afa
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5b4f7ddf2cbd5ef8611f5fd90529a7c0b42bedb4c6f5a8f08d1c328b55043372
62d710d9bda1dbd522c180805ec2a66d82c84ec1093813ebf39d22f04b30d871
66de82969f617c85184ad351d55501233e538e7f54caa684368c8a155053874d
66f7eaa7a45f696c332cd450771f4be48e110f6afbe1fe7b39c7a95518aeef76
68931e33e944d14492cbbc5158faef31ab7040a6b73ba9bb792179a6f1b557d5
6b4c72b8214beaceed57a85c54eed2c61cfc4911b3d677db9a6e00849ef6be05
743cc926a4314f25d09ad7fa042ddc4dbbb81c7f28fa11be70af367ee3015ecd
7848472b4e994bcd2cb522201f6c123b50c4b37e5aab979ac50db3244eb894d5
79a5a24099a0a07f7f110441ce3a04edc884ebcfa098f2dd88a29aeb4f14ca03
7b86ac9779af83777789a7fc81940793f77b5bd3ff3d36ac8e925fccf656247a
7cb6b262921ae820e6087d669fb2569af137cabcd2e724ab6ea03a4d2e5dae7a
7fbbeba68616ec3cd21955086a765a1c74d81b3f2772babba4f8f9719adb2d5c
8235e55fa7f1c889f552c3d7415b6bfff016a82035dc5c77da7a1789a3de95e3
8658dcad983dacbb3bca7bc8217fd0b75f28df85bf9259bd0dccf69e58cb0ecd
87f55f0eb8ca3828f1f3c43da32e71933463b639ff59c86fab549600912ac687
88d7f3238a32d68c38b68c6c1e2a215f0e45c372118518a4360743989aecb590
8deab9e119a5c57d0a57ace405a1e06b56592bf2ceac2d70c05cef6d8fbb6f40
8f9713075b7edd29146b9f8472de0a9dea8c7f3dc2f41ff172f3e558536227c7
910c0f7f21ae6d436fd483f49c5c3c46713877acd81cb71998dd053358ebbc2e
937fdd2761db8d890407be8c18e64a7f3c19ded89b4d67f5606e30a560bd63c5
93a431303f6163e1a1b17d0fe9ac4edb2b042333aec637187fa92f9ed1050ae8
96904bcac47ca5d98b664970580ea473e1e6a6b285c87e8cb3caa2f1928e7219
9690bc8de8d9efcfd7f8b2154219ec3cf41cd61795dbc98bc068e5b0155e8288
9913bba300e77cd7898ce5a11558bf789fd15cb686107a10a648109117816be1
995faa1202d9ae4abb0c9d5003865014aeabbaea2a1877eaa060431c5a53c165
a18d144ce26dd699c57aab1684a6532eb72a77adb420156ba27d34f3e0cce749
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a6263d2b65dcdb06890af403589c8d56e0686a57ed620e46bfdf9fa527e83dad
aabeeb6bfde1582f7ed01db949b560d8b630a2240267663db17f561b2ff4125c
adc2c8e679ffd8f0cbc9270749db4f687b9201280b2913c2817f230584ea4e1d
ae0d8091f974c66bea6d9f9aeba9feb785eb4e5a4e779060ec5f31b525f61f0f
af6f1a1d1ca5b44168e2d69e4e92daf576df150cc615c9e62adc6eb909a73114
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b10bfe284fcea12155ae8def55a8ec14b8a804e198e06d985e6e8a1681851c63
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b194fd385666036162259f55563a017e78753671e0fbd3be31a272dc2b869876
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc9cef10d07e8da3ce80181de07a056414731f86e0dc12e2c81d652b28ac770b
c0aed91f1b10ec94f40fdf79c31d1f870fb4bf3eda63b61edb3bbaeff53a93e0
c6e538e6a9213d8d6cb6a1f3b7c03e5a06d68ff25ec57e6eb5b4868289464de0
c7371fc80aaa8cb831b69c0fc6316d84df50604acf34535f9cd1e8d88b9ab4c3
cbb1b909d87b15c934a34c8b0c4e2fab2c4a0c677446d0bafa08339cd2755e2f
ccbd37c2b3b91c99eb249fcc79ee418b57b7e8b06afc6b541e36b329bbbbf8cc
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
ce11c18967ab30115878af2f6c6dc88fce05dbda48df9cea5a7abf9fb311ef5f
d46f9e013df1aa1864b8a744dd8f1bddf6b0a372d8745917d432c7f0d5171214
d4e42e78d5938248bc7eeac03bfacee8cd2a392daa3885637a7899ca4fb30e3c
d735815940a1494d67b3771379ea508f495d9aaeffd168963da25eaccc9dc87c
daf90f37815d639cb17edaf0a92a9f36b4fbb3ae6f2ab5e3c6fec5b3b4ea53e2
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dd1dad45fd0dd168ad46427307aa8a206b857b783ca3afbcfe2bc8b8724acec0
de68b9da0dc47d663d4f277de036cfb77dd2b5b6c760f0cdcea9f2f86888c6b9
e129303f75e317ba0dd09f90f4de9e94f1d832355b5d9202181e3e72648b3646
e186a0fd201610cf7cac9d2e6bf654ced94d1be3e546defc167a4cd480315c4e
e35896fcd15b2238b1b5e2d4fbbd2b287f57dbbded51ab1a2217c38ce6a51d2f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e85d93603219c7af97e29b183b6f22d04991b9b01c4a79ae824e62ea7aa809b5
eb2deec7e5394e29e51ff83e920f1ce3c092ae5c63b711a4b755b9861a8bc6cd
ec1ed4306b9834065a6b310ea127d9d57bacc57fc8924d638985e13c4fd8e3e2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb6b9732bf508ee305363b10cf2a67ace474e06eb42642f2c3696b2442a5775
f15f778cd39043a166a29f654b1191bc6fbf8043a8cc3477c42764b14b919dec
f17a340f0388383e8d2a70632006d51e5d0e95f60f1cca3f774bd78b5d3dcd07
f419df72131b2e7ec36c56950099c5c8f88e3e8ba7de2438b0484d0786e56200
f6281f4fc0c8b4cd0ecb0cf382c080d9e5f01b58c816d5f071969f3734465fc6
f7d7b8e746c4d75bbd4454d4a0e2e2c58d51f0293c25b1351696c33fc3571cce
f82142a2b261a9cf7f6c952759be9bc3b7aac64a1da2ca174c494ede3e1f06a9
fe08d074a32f7c481cc425d22cdd787137feea90578e0b10556cebeefcfa3040
fe7b1fa106b52fd3b7a72421171503eee8ec0c911d495be3ce168f76ed7cc8b1
fe884e48d8d2602152678463aa5ac92bb7bd73b357851406aebcc046ab1d8b9f

threatvector.cylance.com Open in urlscan Pro 52.10.87.191 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

122 Requests

100 %HTTPS

35 %IPv6

41 Domains

48 Subdomains

41 IPs

7 Countries

1521 kBTransfer

3465 kBSize

21 Cookies

17 Outgoing links

Redirected requests

122 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

threatvector.cylance.com Open in urlscan Pro
52.10.87.191 Public Scan

Screenshot
Live screenshot

Full Image

122
Requests

100 %
HTTPS

35 %
IPv6

41
Domains

48
Subdomains

41
IPs

7
Countries

1521 kB
Transfer

3465 kB
Size

21
Cookies

122 HTTP transactions
0 data transactions