Submitted URL: http://cgi.f-secure.com/cgi-bin/search.cgi?ul=v-descs&q=Trojan:W97M/MaliciousMacro.GEN
Effective URL: https://www.f-secure.com/v-descs/trojan_w97m_maliciousmacro.shtml
Submission: On June 17 via manual from AE

Summary

This website contacted 6 IPs in 5 countries across 4 domains to perform 25 HTTP transactions. The main IP is 2a02:26f0:6c00:180::1361, located in Ascension Island and belongs to AKAMAI-ASN1, US. The main domain is www.f-secure.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on April 16th 2018. Valid for: 2 years.
This is the only time www.f-secure.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 193.110.109.54 16273 (F-SECURE-AS)
19 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 52.166.11.26 8075 (MICROSOFT...)
2 2a05:d014:275... 16509 (AMAZON-02)
1 151.101.2.110 54113 (FASTLY)
1 162.247.242.21 23467 (NEWRELIC-...)
25 6
Domain Requested by
19 www.f-secure.com www.f-secure.com
2 assets.f-secure.com www.f-secure.com
2 addsearch.com www.f-secure.com, addsearch.com
2 cgi.f-secure.com 2 redirects
1 bam.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com www.f-secure.com
25 6
Subject                      Issuer                                       Validity                 Valid
www.f-secure.com             DigiCert SHA2 Extended Validation Server CA  2018-04-16 - 2020-04-28  2 years
www.addsearch.com            DigiCert SHA2 Extended Validation Server CA  2019-01-08 - 2021-04-07  2 years
assets.f-secure.com          Let's Encrypt Authority X3                   2019-05-07 - 2019-08-05  3 months
f4.shared.global.fastly.net  GlobalSign CloudSSL CA - SHA256 - G3         2019-04-10 - 2020-03-21  a year
*.nr-data.net                GeoTrust RSA CA 2018                         2018-01-11 - 2020-03-17  2 years

This page contains 1 frame:

Primary Page: https://www.f-secure.com/v-descs/trojan_w97m_maliciousmacro.shtml
Frame ID: 57776B3669D8117B3D2694CC22E6BE85
Requests: 26 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^AmazonS3$/i

Page Statistics

25 Requests
100 % HTTPS
33 % IPv6
4 Domains
6 Subdomains
6 IPs
5 Countries
311 kB Transfer
877 kB Size
1 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://cgi.f-secure.com/cgi-bin/search.cgi?ul=v-descs&q=Trojan:W97M/MaliciousMacro.GEN HTTP 302
    http://cgi.f-secure.com/cgi-bin/websearch/vsearch.cgi?q=Trojan:W97M/MaliciousMacro.GEN&orig=email&lang=eng HTTP 302
    https://www.f-secure.com/v-descs/trojan_w97m_maliciousmacro.shtml Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request trojan_w97m_maliciousmacro.shtml
www.f-secure.com/v-descs/
Redirect Chain
  • http://cgi.f-secure.com/cgi-bin/search.cgi?ul=v-descs&q=Trojan:W97M/MaliciousMacro.GEN
  • http://cgi.f-secure.com/cgi-bin/websearch/vsearch.cgi?q=Trojan:W97M/MaliciousMacro.GEN&orig=email&lang=eng
  • https://www.f-secure.com/v-descs/trojan_w97m_maliciousmacro.shtml
44 KB
13 KB
Document
General
Full URL
https://www.f-secure.com/v-descs/trojan_w97m_maliciousmacro.shtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:180::1361 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a4a0f3f9461eaca077a9c947c905bd533e950579916295adc068453773547fa5

Request headers

:method
GET
:authority
www.f-secure.com
:scheme
https
:path
/v-descs/trojan_w97m_maliciousmacro.shtml
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding
gzip, deflate, br

Response headers

status
200
x-amz-id-2
JYBp+Bc/WWX/e5CE76nFjYKUn96VRCiLUdc6PFKxy2a3fzjoFRuFnvrv3e3r5NPKBK6q5BjRJyw=
x-amz-request-id
636BA5AB6E7407D5
last-modified
Thu, 30 May 2019 06:58:46 GMT
etag
"273f45c58b7ba5582a73cae626442921"
accept-ranges
bytes
content-type
text/html
server
AmazonS3
vary
Accept-Encoding
content-encoding
gzip
expires
Mon, 17 Jun 2019 14:23:29 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Mon, 17 Jun 2019 14:23:29 GMT
content-length
12757
set-cookie
country=DE; path=/; domain=f-secure.com

Redirect headers

Date
Mon, 17 Jun 2019 14:23:28 GMT
Server
Apache
Location
https://www.f-secure.com/v-descs/trojan_w97m_maliciousmacro.shtml
Content-Length
249
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
00-fs-bootstrap-v1.5.0-min.css
www.f-secure.com/documents/styleguide5-beta/css/
230 KB
37 KB
Stylesheet
General
Full URL
https://www.f-secure.com/documents/styleguide5-beta/css/00-fs-bootstrap-v1.5.0-min.css
Requested by
Host: www.f-secure.com
URL: https://www.f-secure.com/v-descs/trojan_w97m_maliciousmacro.shtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:180::1361 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
bc5504717be37f22c643ff1ac4400537afdef8094b0b3b474199928d36677bd1
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.f-secure.com/v-descs/trojan_w97m_maliciousmacro.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=16070400; includeSubdomains
content-encoding
gzip
x-content-type-options
nosniff
server
Apache
etag
"c5fcf508-gzip"
x-frame-options
SAMEORIGIN
content-type
text/css
status
200
cache-control
public, max-age=8165395
date
Mon, 17 Jun 2019 14:23:29 GMT
vary
Accept-Encoding
content-length
37069
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
01-f-secure-web.min_35e8a96614.css
www.f-secure.com/documents/fs-components/css/
496 B
493 B
Stylesheet
General
Full URL
https://www.f-secure.com/documents/fs-components/css/01-f-secure-web.min_35e8a96614.css
Requested by
Host: www.f-secure.com
URL: https://www.f-secure.com/v-descs/trojan_w97m_maliciousmacro.shtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:180::1361 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
6053ef246fcab3946d57890a2667148988019407737e9a8801bd4428251a3942
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.f-secure.com/v-descs/trojan_w97m_maliciousmacro.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=16070400; includeSubdomains
content-encoding
gzip
x-content-type-options
nosniff
server
Apache
etag
"efe53770-gzip"
x-frame-options
SAMEORIGIN
content-type
text/css
status
200
cache-control
public, max-age=8593518
date
Mon, 17 Jun 2019 14:23:29 GMT
vary
Accept-Encoding
content-length
239
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
fs-components-v1.4.0-min.css
www.f-secure.com/documents/fs-components-beta/css/
16 KB
3 KB
Stylesheet
General
Full URL
https://www.f-secure.com/documents/fs-components-beta/css/fs-components-v1.4.0-min.css
Requested by
Host: www.f-secure.com
URL: https://www.f-secure.com/v-descs/trojan_w97m_maliciousmacro.shtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:180::1361 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
b41a8cda4aac688a1b8d8270a43454fd1ece870c97621da0996461ce5b57dfe6
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.f-secure.com/v-descs/trojan_w97m_maliciousmacro.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=16070400; includeSubdomains
content-encoding
gzip
x-content-type-options
nosniff
server
Apache
etag
"dc864549-gzip"
x-frame-options
SAMEORIGIN
content-type
text/css
status
200
cache-control
public, max-age=8162306
date
Mon, 17 Jun 2019 14:23:29 GMT
vary
Accept-Encoding
content-length
2937
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
megamenu-v1.0.2-beta.css
www.f-secure.com/documents/fs-components/css/
5 KB
1 KB
Stylesheet
General
Full URL
https://www.f-secure.com/documents/fs-components/css/megamenu-v1.0.2-beta.css
Requested by
Host: www.f-secure.com
URL: https://www.f-secure.com/v-descs/trojan_w97m_maliciousmacro.shtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:180::1361 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
f50ac3b7b26c30304979fb030512206d12c3fc743598af58d9fa77da1615deff
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.f-secure.com/v-descs/trojan_w97m_maliciousmacro.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=16070400; includeSubdomains
content-encoding
gzip
x-content-type-options
nosniff
server
Apache
etag
"74f09a78-gzip"
x-frame-options
SAMEORIGIN
content-type
text/css
status
200
cache-control
public, max-age=8027928
date
Mon, 17 Jun 2019 14:23:29 GMT
vary
Accept-Encoding
content-length
1037
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
01-cw-1.0.1.min.css
www.f-secure.com/documents/assets_home_v5/css/
101 KB
13 KB
Stylesheet
General
Full URL
https://www.f-secure.com/documents/assets_home_v5/css/01-cw-1.0.1.min.css
Requested by
Host: www.f-secure.com
URL: https://www.f-secure.com/v-descs/trojan_w97m_maliciousmacro.shtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:180::1361 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
9baedaaa6fece84a56ec077e20e16a66f95b5c8a86b974321be61b33f7564c01
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.f-secure.com/v-descs/trojan_w97m_maliciousmacro.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=16070400; includeSubdomains
content-encoding
gzip
x-content-type-options
nosniff
server
Apache
etag
"4edb2981-gzip"
x-frame-options
SAMEORIGIN
content-type
text/css
status
200
expires
Tue, 17 Sep 2019 05:46:56 GMT
cache-control
public, max-age=7917807
date
Mon, 17 Jun 2019 14:23:29 GMT
vary
Accept-Encoding
content-length
13291
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
labs.css
www.f-secure.com/documents/labs_global/css/
22 KB
4 KB
Stylesheet
General
Full URL
https://www.f-secure.com/documents/labs_global/css/labs.css
Requested by
Host: www.f-secure.com
URL: https://www.f-secure.com/v-descs/trojan_w97m_maliciousmacro.shtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:180::1361 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
8b36d0d5e7c28346715fc958d82461669510d4f2a93862b0a594e82b1668203d
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.f-secure.com/v-descs/trojan_w97m_maliciousmacro.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=16070400; includeSubdomains
content-encoding
gzip
x-content-type-options
nosniff
server
Apache
etag
"730bcb74-gzip"
x-frame-options
SAMEORIGIN
content-type
text/css
status
200
cache-control
public, max-age=7921777
date
Mon, 17 Jun 2019 14:23:29 GMT
vary
Accept-Encoding
content-length
3806
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
00-jquery-3.1.1.min.js
www.f-secure.com/documents/styleguide5/js/lib/
85 KB
30 KB
Script
General
Full URL
https://www.f-secure.com/documents/styleguide5/js/lib/00-jquery-3.1.1.min.js
Requested by
Host: www.f-secure.com
URL: https://www.f-secure.com/v-descs/trojan_w97m_maliciousmacro.shtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:180::1361 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.f-secure.com/v-descs/trojan_w97m_maliciousmacro.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=16070400; includeSubdomains
content-encoding
gzip
x-content-type-options
nosniff
server
Apache
etag
"15579ac-gzip"
x-frame-options
SAMEORIGIN
content-type
text/javascript
status
200
cache-control
public, max-age=7057578
date
Mon, 17 Jun 2019 14:23:29 GMT
vary
Accept-Encoding
content-length
30186
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
logo-f-secure-black.svg
www.f-secure.com/documents/assets/images/
4 KB
2 KB
Image
General
Full URL
https://www.f-secure.com/documents/assets/images/logo-f-secure-black.svg
Requested by
Host: www.f-secure.com
URL: https://www.f-secure.com/v-descs/trojan_w97m_maliciousmacro.shtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:180::1361 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
391e27011fb127c8b30afd33cf00da2ba88d592456d227503dac9f5e261bcb3a
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.f-secure.com/v-descs/trojan_w97m_maliciousmacro.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=16070400; includeSubdomains
content-encoding
gzip
x-content-type-options
nosniff
server
Apache
date
Mon, 17 Jun 2019 14:23:29 GMT
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
status
200
vary
Accept-Encoding
content-length
1755
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
/
addsearch.com/js/
2 KB
1009 B
Script
General
Full URL
https://addsearch.com/js/?key=6156eca05ef73cc2babc21da4a20c344&categories=1xen
Requested by
Host: www.f-secure.com
URL: https://www.f-secure.com/v-descs/trojan_w97m_maliciousmacro.shtml
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.166.11.26 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
nginx /
Resource Hash
56dbc3102f7c3e03eaef7c4dc2acd40535299110f3a618112494be7ad4bcb16f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;

Request headers

Referer
https://www.f-secure.com/v-descs/trojan_w97m_maliciousmacro.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 17 Jun 2019 14:23:29 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Content-Type
application/javascript;charset=UTF-8
Connection
keep-alive
Content-Length
728
00-fs-bootstrap-v1.3.2-min.js
www.f-secure.com/documents/styleguide5/js/
93 KB
27 KB
Script
General
Full URL
https://www.f-secure.com/documents/styleguide5/js/00-fs-bootstrap-v1.3.2-min.js
Requested by
Host: www.f-secure.com
URL: https://www.f-secure.com/v-descs/trojan_w97m_maliciousmacro.shtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:180::1361 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
988ee579c6f24301b81b6708414bb58f2e8fb3fc012d8b1c4030139f634ae505
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.f-secure.com/v-descs/trojan_w97m_maliciousmacro.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=16070400; includeSubdomains
content-encoding
gzip
x-content-type-options
nosniff
server
Apache
etag
"8afa70f4-gzip"
x-frame-options
SAMEORIGIN
content-type
text/javascript
status
200
cache-control
public, max-age=3643983
date
Mon, 17 Jun 2019 14:23:29 GMT
vary
Accept-Encoding
content-length
27221
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
f-secure-web.min_4f79d8de16.js
www.f-secure.com/documents/fs-components/js/
1 KB
853 B
Script
General
Full URL
https://www.f-secure.com/documents/fs-components/js/f-secure-web.min_4f79d8de16.js
Requested by
Host: www.f-secure.com
URL: https://www.f-secure.com/v-descs/trojan_w97m_maliciousmacro.shtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:180::1361 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
0be570dad193c8e32f3847553751a386071cac1e2cbe2ba67b3cfbf2ba06d013
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.f-secure.com/v-descs/trojan_w97m_maliciousmacro.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=16070400; includeSubdomains
content-encoding
gzip
x-content-type-options
nosniff
server
Apache
etag
"c819f009-gzip"
x-frame-options
SAMEORIGIN
content-type
text/javascript
status
200
cache-control
public, max-age=3551920
date
Mon, 17 Jun 2019 14:23:29 GMT
vary
Accept-Encoding
content-length
594
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
00-cw-0.5.53.min.js
www.f-secure.com/documents/assets_home_v5/js/
0
0
Script
General
Full URL
https://www.f-secure.com/documents/assets_home_v5/js/00-cw-0.5.53.min.js
Requested by
Host: www.f-secure.com
URL: https://www.f-secure.com/v-descs/trojan_w97m_maliciousmacro.shtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:180::1361 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.f-secure.com/v-descs/trojan_w97m_maliciousmacro.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=16070400; includeSubdomains
x-content-type-options
nosniff
server
Apache
date
Mon, 17 Jun 2019 14:23:29 GMT
x-frame-options
SAMEORIGIN
content-type
text/html
status
404
accept-ranges
bytes
content-length
1833
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
fs-components-v1.3.2-beta-min.js
www.f-secure.com/documents/fs-components/js/
8 KB
3 KB
Script
General
Full URL
https://www.f-secure.com/documents/fs-components/js/fs-components-v1.3.2-beta-min.js
Requested by
Host: www.f-secure.com
URL: https://www.f-secure.com/v-descs/trojan_w97m_maliciousmacro.shtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:180::1361 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
f50bb2f32bfab89816ca092d2b5c4d467f3210bfa67dda2b7c51f65c8adc435e
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.f-secure.com/v-descs/trojan_w97m_maliciousmacro.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=16070400; includeSubdomains
content-encoding
gzip
x-content-type-options
nosniff
server
Apache
etag
"8d4d7a98-gzip"
x-frame-options
SAMEORIGIN
content-type
text/javascript
status
200
expires
Tue, 03 Sep 2019 11:30:11 GMT
cache-control
public, max-age=6728802
date
Mon, 17 Jun 2019 14:23:29 GMT
vary
Accept-Encoding
content-length
2349
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
fs-cookie-consent.js
assets.f-secure.com/
49 KB
15 KB
Script
General
Full URL
https://assets.f-secure.com/fs-cookie-consent.js
Requested by
Host: www.f-secure.com
URL: https://www.f-secure.com/v-descs/trojan_w97m_maliciousmacro.shtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a05:d014:275:cb00:6533:f2f4:82c4:9d8a Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Netlify /
Resource Hash
1d8b270132831d0e2fcf99d3bfb7ccbcbfaada6506ada69c9ad056f195b1ba23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.f-secure.com/v-descs/trojan_w97m_maliciousmacro.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nf-request-id
7a7c39de-e848-4268-a2fd-f48d80d0cd70-21408187
date
Mon, 17 Jun 2019 09:43:53 GMT
content-encoding
gzip
server
Netlify
age
16777
etag
"80849a9bafd8bb752944cc508354c384-ssl-df"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
access-control-allow-origin
*
content-length
15061
logo-f-secure.svg
www.f-secure.com/documents/assets/images/
4 KB
2 KB
Image
General
Full URL
https://www.f-secure.com/documents/assets/images/logo-f-secure.svg
Requested by
Host: www.f-secure.com
URL: https://www.f-secure.com/v-descs/trojan_w97m_maliciousmacro.shtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:180::1361 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
5cb4a45a401ebb97a92d63e77ce8819f8564e16eeba895a5bedc849259cb87e6
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.f-secure.com/documents/labs_global/css/labs.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=16070400; includeSubdomains
content-encoding
gzip
x-content-type-options
nosniff
server
Apache
date
Mon, 17 Jun 2019 14:23:29 GMT
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
status
200
vary
Accept-Encoding
content-length
1809
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
FSSansWeb-Regular.woff2
www.f-secure.com/documents/styleguide5-beta/css/fonts/
24 KB
24 KB
Font
General
Full URL
https://www.f-secure.com/documents/styleguide5-beta/css/fonts/FSSansWeb-Regular.woff2
Requested by
Host: www.f-secure.com
URL: https://www.f-secure.com/v-descs/trojan_w97m_maliciousmacro.shtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:180::1361 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
01cb4d89923f8badce615bcf182435e00fd766a3d3f10d3db1a9ced884618bf8
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.f-secure.com/documents/styleguide5-beta/css/00-fs-bootstrap-v1.5.0-min.css
Origin
https://www.f-secure.com

Response headers

strict-transport-security
max-age=16070400; includeSubdomains
x-content-type-options
nosniff
server
Apache
access-control-allow-origin
*, *
date
Mon, 17 Jun 2019 14:23:29 GMT
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, OPTIONS
content-type
application/font-woff2
status
200
access-control-max-age
86400
access-control-allow-headers
*
content-length
24264
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
fsg-icon-regular.woff2
www.f-secure.com/documents/styleguide5-beta/css/fonts/
61 KB
61 KB
Font
General
Full URL
https://www.f-secure.com/documents/styleguide5-beta/css/fonts/fsg-icon-regular.woff2
Requested by
Host: www.f-secure.com
URL: https://www.f-secure.com/v-descs/trojan_w97m_maliciousmacro.shtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:180::1361 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
aee07e9c0271280f350f584b8bb08489b36040d7dc515baf71b8df191c10b15d
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.f-secure.com/documents/styleguide5-beta/css/00-fs-bootstrap-v1.5.0-min.css
Origin
https://www.f-secure.com

Response headers

strict-transport-security
max-age=16070400; includeSubdomains
x-content-type-options
nosniff
server
Apache
access-control-allow-origin
*, *
date
Mon, 17 Jun 2019 14:23:29 GMT
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, OPTIONS
content-type
application/font-woff2
status
200
access-control-max-age
86400
access-control-allow-headers
*
content-length
62248
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
/
addsearch.com/searchui/v3/
55 KB
14 KB
Script
General
Full URL
https://addsearch.com/searchui/v3/?key=6156eca05ef73cc2babc21da4a20c344&i=
Requested by
Host: addsearch.com
URL: https://addsearch.com/js/?key=6156eca05ef73cc2babc21da4a20c344&categories=1xen
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.166.11.26 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
nginx /
Resource Hash
89fbff67e264a8fd3871d9ae8c18138057d74c9abaf993876ab94db01f7c6ed8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;

Request headers

Referer
https://www.f-secure.com/v-descs/trojan_w97m_maliciousmacro.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 17 Jun 2019 14:23:29 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Content-Type
application/javascript;charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
FSSansWeb-Bold.woff2
www.f-secure.com/documents/styleguide5-beta/css/fonts/
24 KB
25 KB
Font
General
Full URL
https://www.f-secure.com/documents/styleguide5-beta/css/fonts/FSSansWeb-Bold.woff2
Requested by
Host: www.f-secure.com
URL: https://www.f-secure.com/v-descs/trojan_w97m_maliciousmacro.shtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:180::1361 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
b04e77b8cb106d30f236b14502bd7330fd58b58e181f2edbe70d63f4596a8560
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.f-secure.com/documents/styleguide5-beta/css/00-fs-bootstrap-v1.5.0-min.css
Origin
https://www.f-secure.com

Response headers

strict-transport-security
max-age=16070400; includeSubdomains
x-content-type-options
nosniff
server
Apache
access-control-allow-origin
*, *
date
Mon, 17 Jun 2019 14:23:29 GMT
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, OPTIONS
content-type
application/font-woff2
status
200
access-control-max-age
86400
access-control-allow-headers
*
content-length
25004
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
FSSansWeb-Light.woff2
www.f-secure.com/documents/styleguide5-beta/css/fonts/
25 KB
25 KB
Font
General
Full URL
https://www.f-secure.com/documents/styleguide5-beta/css/fonts/FSSansWeb-Light.woff2
Requested by
Host: www.f-secure.com
URL: https://www.f-secure.com/v-descs/trojan_w97m_maliciousmacro.shtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:180::1361 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
10d060c97038541bacfb27e38150ba5515f8001ede5b9cddc1c6f936feae3e95
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.f-secure.com/documents/styleguide5-beta/css/00-fs-bootstrap-v1.5.0-min.css
Origin
https://www.f-secure.com

Response headers

strict-transport-security
max-age=16070400; includeSubdomains
x-content-type-options
nosniff
server
Apache
access-control-allow-origin
*, *
date
Mon, 17 Jun 2019 14:23:29 GMT
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, OPTIONS
content-type
application/font-woff2
status
200
access-control-max-age
86400
access-control-allow-headers
*
content-length
25188
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
00-cw-0.5.53.min.js
www.f-secure.com/documents/assets_home_v5/js/
0
0
Script
General
Full URL
https://www.f-secure.com/documents/assets_home_v5/js/00-cw-0.5.53.min.js
Requested by
Host: www.f-secure.com
URL: https://www.f-secure.com/v-descs/trojan_w97m_maliciousmacro.shtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:180::1361 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.f-secure.com/v-descs/trojan_w97m_maliciousmacro.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=16070400; includeSubdomains
x-content-type-options
nosniff
server
Apache
date
Mon, 17 Jun 2019 14:23:29 GMT
x-frame-options
SAMEORIGIN
content-type
text/html
status
404
accept-ranges
bytes
content-length
1833
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
truncated
/
43 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/gif
en_US.json
assets.f-secure.com/localizations/
2 KB
1 KB
XHR
General
Full URL
https://assets.f-secure.com/localizations/en_US.json
Requested by
Host: www.f-secure.com
URL: https://www.f-secure.com/v-descs/trojan_w97m_maliciousmacro.shtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a05:d014:275:cb00:6533:f2f4:82c4:9d8a Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Netlify /
Resource Hash
548b6ab1f683ae7a771e5e634e71d3bd5116617c63de9d46ebf5fd1dd0f64063
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.f-secure.com/v-descs/trojan_w97m_maliciousmacro.shtml
Origin
https://www.f-secure.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nf-request-id
7a7c39de-e848-4268-a2fd-f48d80d0cd70-21408192
date
Fri, 14 Jun 2019 11:23:47 GMT
content-encoding
gzip
server
Netlify
age
269983
status
200
etag
"e273ca747fb041f4c48cd2e6f586e299-ssl-df"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
1086
nr-974.min.js
js-agent.newrelic.com/
22 KB
9 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-974.min.js
Requested by
Host: www.f-secure.com
URL: https://www.f-secure.com/v-descs/trojan_w97m_maliciousmacro.shtml
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.110 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
de272e6c7c5237ae60a9f3e96379de2c5778af29343ff06678f767cccf7f7faa

Request headers

Referer
https://www.f-secure.com/v-descs/trojan_w97m_maliciousmacro.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 17 Jun 2019 14:23:30 GMT
content-encoding
gzip
x-amz-request-id
697864CD6559CD82
x-cache
HIT
status
200
content-length
8756
x-amz-id-2
Syx6X8d+YlHmm1XMkWxU7/5ZeIc7p9fRkKj2AFDL2UDdy0lX+ziSb5nh/XK0+5rEfQJbtiGnpv4=
x-served-by
cache-hhn1534-HHN
last-modified
Wed, 28 Feb 2018 23:33:45 GMT
server
AmazonS3
x-timer
S1560781410.319189,VS0,VE0
etag
"634571f9ce8c2fed916ddca30914f48a"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
325
1fccd16bb0
bam.nr-data.net/1/
57 B
254 B
Script
General
Full URL
https://bam.nr-data.net/1/1fccd16bb0?a=26286576&sa=1&v=974.7d740e1&t=Unnamed%20Transaction&rst=1788&ref=https://www.f-secure.com/v-descs/trojan_w97m_maliciousmacro.shtml&be=1010&fe=528&dc=509&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1560781408548,%22n%22:0,%22f%22:421,%22dn%22:422,%22dne%22:457,%22c%22:457,%22s%22:463,%22ce%22:477,%22rq%22:478,%22rp%22:501,%22rpe%22:503,%22dl%22:983,%22di%22:1519,%22ds%22:1519,%22de%22:1528,%22dc%22:1538,%22l%22:1538,%22le%22:1548%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-974.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.21 , United States, ASN23467 (NEWRELIC-AS-1 - New Relic, US),
Reverse DNS
bam-9.nr-data.net
Software
/
Resource Hash
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Request headers

Referer
https://www.f-secure.com/v-descs/trojan_w97m_maliciousmacro.shtml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
text/javascript;charset=ISO-8859-1
Content-Length
57
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Verdicts & Comments

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart
object| onselectionchange
function| queueMicrotask
object| NREUM
object| newrelic
function| __nr_require
function| $
function| jQuery
object| addsearch_custdata
object| AddSearchAsync
undefined| materialForm
object| input
function| $f
function| flowplayer
function| flashembed
object| DomReady
function| html5media
string| addsearch_suid
object| addsearch_searchsettings
object| addsearch_i18n
string| addsearch_html
string| addsearch_social
object| addsearchUtils
object| addsearch
boolean| addSearchSupportsPassive
object| opts
undefined| topNavigation
undefined| fsModalVideo
object| $header
number| $navbarHeight
number| $headerHeight
boolean| isIOS
boolean| isSafari
object| isChrome
object| test

1 Cookies

Domain/Path Name / Value
.f-secure.com/ Name: country
Value: DE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
